EAV – detailed information
The development of the VEC’s electronic voting system has been the result of significant research and collaboration from a number of academic and commercial organisations. The VEC has contracted out the development of a number of components of the system as well as undertaking its own development project. The system has also been subject to a significant peer review and technical assessment during its development lifecycle. Details are provided below.
suVote has been written under contract for VEC by the University of Surrey, England and is the subject of the following peer-reviewed publications which include design documentation and an original prototype of the system
The documents below are also public documents but were not peer reviewed
- Final technical report
Ximix has been written under contract for VEC by Crypto Workshop. Cryptoworkshop are the authors and maintainer of the Bouncy Castle open source Java cryptographic API on which Ximix depends. Ximix is a Randomised Partial Checking (RPC) mixnet specifically written to process tuples.
For introductory material please see
Ximix implements RPC based on the following papers
- "Making Mix Nets Robust For Electronic Voting By Randomized Partial Checking" Markus Jakobsson, Ari Juels, Ronald L. Rivest, 11th USENIX Security Symposium, 2002.
- "A Secure and Optimally Efficient Multi-Authority Election Scheme" R. Cramer, R. Gennaro, B. Schoenmakers, CGS Journal, October, 1997.
- “Secure Distributed Key Generation for Discrete-Log Based Cryptosystems” R. Gennaro, S Jarecki, H. Krawczyk, T. Rabin, Journal of Cryptology, 2007.
- "A Threhold Cryptosystem without a Trusted Party (Extended Abstract)" T. P. Perdersen, Springer-Verlag, 1998.
- “How to share a secret” A. Shamir, Communications of the ACM, November, 1979.
- "Short signatures from the Weil pairing" D. Boneh, B. Lynn, and H. Shacham, AsiaCrypt 2001.
- The Java Pairing Based Cryptography Library (jPBC) http://sourceforge.net/projects/jpbc/, Downloaded November 2013.
- "How not to Prove Yourself: Pitfalls of the Fiat-Shamir Heuristic and Applications to Helios" D.Bernhard, O. Pereira, B, Warinschi, volume 7658 of Lecture Notes in Computer Science, pages 626-643. 2012.
- "Efficient Cryptographic Protocol Design Based on Distributed El Gamal Encryption" F. Brandt, Proceeding ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology, Pages 32-47 Springer-Verlag. 2006.
VPS, EVM and VVA
Both EVM and VPS reply on suVote client proxies to perform signing and verification actions and to communicate with central suVote services.
VVA is a .NET application with code dependencies in the VEC election management system. VVA enables VEC to set up e-voting and it automates some data processing. However, all security, integrity and privacy control of the e-voting rests with suVote and Ximix components.
Third party system and protocol examination
This system was examined by the Danish expert group DemTech. A report was written concerning vVote and includes commentary from all the VEC contracted development teams on details of the implementation. The report is available here DemTech Report
To provide feedback or for any questions about vVote please e-mail SourceCodeFeedback@vec.vic.gov.au