User:Li.andy/sandbox

Article evaluation

https://en.wikipedia.org/wiki/POPVOX

"empower effective participation, and create a transparent record that influences policy-making and fosters accountable, responsive governing.[citation needed]"

lower case "m" in masters

POPVOX makes the goal to improve ---> POPVOX aims to improve

it appears that time has come for POPVOX to gain enough credibility for this to occur - bias

Helios Voting

I plan to introduce Helios and its uses. I’ll present examples of when Helios was used in an election. I’ll present the most pressing issues about its encryption features because there are loopholes to its security. I will, then, present the ideas from others about how to improve the security of the system.

Google Scholar

Helios: Web-based Open-Audit Voting https://www.usenix.org/legacy/event/sec08/tech/full_papers/adida/adida.pdf •	Introduction of Helios as a public open-source voting system that is open to the public to vote in elections. It is written in Python programming language and encrypted using Sako-Kilian. This text will provide information of Helio’s uses.

Usability Analysis of Helios – An Open Source Verifiable Remote Electronic Voting System http://static.usenix.org/events/evtwote11/tech/final_files/Karayumak7-8-11.pdf •	There is a great need to ensure voter secrecy and a reinvent a better system of verifiability.

Electing a University President Using Open-Audit Voting: Analysis of Real-World Use of Helios https://www.usenix.org/legacy/event/evtwote09/tech/full_papers/adida-helios.pdf •	These are suggestions about how to improve Helios to be more accountable and reliable to ensure voter’s votes are counted for correctly.

Academic Search Complete

Attacking and Fixing Helios: An Analysis of Ballot Secrecy http://search.ebscohost.com.libproxy.berkeley.edu/login.aspx?direct=true&db=a9h&AN=87598197&site=ehost-live Cortier, Véronique and Ben Smyth. "Attacking and Fixing Helios: An Analysis of Ballot	Secrecy." Journal of Computer Security, vol. 21, no. 1, Jan. 2013, pp. 89-148. EBSCOhost, doi:10.3233/JCS-2012-0458. •	There are many vulnerabilities and loophole in Helio’s security program, where others are able to invade the privacy of voters. A solution to presented to end the threat.

ACM Digital Library Distributed ElGamal a La Pedersen: Application to Helios https://dl-acm-org.libproxy.berkeley.edu/citation.cfm?id=2517852 •	There is a vital need to protect voters’ information, so more voters use the platform. Ideas are presented about how to keep voters’ information confidential and private.

Implementation-Level Analysis of the JavaScript Helios Voting Client https://dl-acm-org.libproxy.berkeley.edu/citation.cfm?id=2851800

Security Proofs for Participation Privacy, Receipt-Freeness and Ballot Privacy for the Helios Voting Scheme https://dl-acm-org.libproxy.berkeley.edu/citation.cfm?id=3098990

IEEE Xplore Digital Library

Introducing Proxy Voting to Helios http://ieeexplore.ieee.org.libproxy.berkeley.edu/document/7784560/

A Taxonomy Refining the Security Requirements for Electronic Voting: Analyzing Helios as a Proof of Concept http://ieeexplore.ieee.org.libproxy.berkeley.edu/document/5438051/

Web of Science Machine-Checked Proofs of Privacy for Electronic Voting Protocols http://apps.webofknowledge.com.libproxy.berkeley.edu/full_record.do?product=WOS&search_mode=GeneralSearch&qid=5&SID=6FHqIyqOlWNjDeCLLif&page=1&doc=1&cacheurlFromRightClick=no

Apollo - End-to-End Verifiable Internet Voting with Recovery from Vote Manipulation http://apps.webofknowledge.com.libproxy.berkeley.edu/full_record.do?product=WOS&search_mode=GeneralSearch&qid=5&SID=6FHqIyqOlWNjDeCLLif&page=1&doc=2&cacheurlFromRightClick=no

Scopus Machine-Checked Proofs of Privacy for Electronic Voting Protocols https://www-scopus-com.libproxy.berkeley.edu/record/display.uri?eid=2-s2.0-85025167463&origin=resultslist&sort=plf-f&src=s&st1=helios+voting&st2=&sid=8f0a088cbb2fbdbbf980a20accee1e35&sot=b&sdt=b&sl=28&s=TITLE-ABS-KEY%28helios+voting%29&relpos=3&citeCnt=0&searchTerm=

Security proofs for participation privacy, receipt-freeness & ballot privacy for the Helios voting scheme https://www-scopus-com.libproxy.berkeley.edu/record/display.uri?eid=2-s2.0-85030328423&origin=resultslist&sort=plf-f&src=s&st1=helios+voting&st2=&sid=8f0a088cbb2fbdbbf980a20accee1e35&sot=b&sdt=b&sl=28&s=TITLE-ABS-KEY%28helios+voting%29&relpos=1&citeCnt=0&searchTerm=

Helios Voting is an online open-source voting system written by Ben Adida. Its browser is written in both JavaScript and HTML language, while the sever is written in python language. The Ballot Preparation System (BPS) is used to guide voters through the ballot and record voters’ choices. The process to create the ballot and process votes are based on Benaloh's Simple Verifiable Voting Protocol and Benaloh's challenge.

This web-based platform is accessible to the general public. Users can vote in elections and have the ability to create a personalized election poll. Anyone from the general public is able to cast a ballot, however, in order for the final vote to be accounted for, their identification will be verified.

Helios uses ballot secrecy and homomorphic encryption to protect the identity of the voter.

Creating an Election
A user must create a Helios account in order to create an election. Users create an account by registering with an email address, their name, and a password. Upon registration, a link is, then, sent to the registered email address allowing the user to finalize the activation of their account. The administrator, user who created the election, then, chooses the time period that the election is open and also have the ability to edit the entire content of the election. Multiple candidates can be listed in the election. Once the event is created, the Helios Voting platform provides a public key for the creator (administrator) of the election. The administrator can now edit and create their ballot in any way they want at any given time. They also have the ability to control who is able to vote in the election by adding and removing voters at their own preference.

Voting Process
A voter creates a Helios Voting account using their name, email address, and a random password generated by the platform itself. The voter selects an election to vote in and begins the voting process. The voter, then, submits their ballot, and the BPS in Helios Voting encrypts the voter’s choices’ as a ciphertext.

Voters have the option to either audit (review the process utilized in the encryption) or seal (encrypt) their votes in the ballot. The voter, who chooses to audit, have the opportunity to review the displayed ciphertext to verify that the Helios Voting platform correctly saved their votess. Upon review of their ballot, they are able to submit their current choices or seal their ballots using a different ciphertext. The voter, who chooses to seal their ballot, automatically publishes their ciphertext onto the platform without reviewing their votes.

The voter's identity is authenticated and, their vote is, then, accounted for. All votes are posted to the online bulletin board displayed with either a voter name or a voter ID number. The bulletin board is accessible for the general public to view.

After an election ends, the system shuffles the ballots and encrypts all the votes making them publicly accessible for voters to audit. Auditing allows voters to ensure their exact vote was posted successful on the bulletin board. After a certain time period allocated for auditing comes to an end, the system tallies all the ballots. An auditor can, then further, download the entire election to verify its authenticity. The votes are verified when there are enough auditors to ensure that the votes are tallied correctly.

Helios Users
The platform is intended to be utilized at low-coercive, small scale environments such as university student governments.

The platform was utilized for student governments at Princeton University and Universite Catholique de Louvain. The Universite catholique de Louvain with 25,000 eligible voters used Helios’ voting system in March 2009 to elect its university president. Helios has been utilized to elect new board directors at the International Association for Cryptographic Research in 2010, 2011, and 2012.

Security Weakness
The creator first prioritizes the integrity of the election ensuring the accuracy of ballots, and then, voter privacy. Research has identified loopholes in its security because replaying a users’ selection of candidates will reveal their vote. Through studies, researchers have discovered vulnerability of Helios to cyberattacks. The cyberattack discovered as an attack against privacy in the case that the attacker can resubmit a voter’s vote without being noticed.

Researchers have identified a major security breach called a cross-site scripting attack, and alerted Helios to fix problem. The cross-site script attacks works when the voter unknowningly clicks a specific link created by the attacker leading to the Helios sever, allowing the attacker to steal the voter’s information.

A corrupt router will cause the voting system to display a success message to the voter. The vote is not accounted for on the server’s end because it was interrupted.

A hacked election administrator account allows attacker(s) full control to the election.

Security Defenses
Helios server records all of the votes once it is submitted to the platform and leaves a trace of verified votes even in the event of a security breach making the system corrupt. The integrity of the ballots are ensured by many trustees and the Helios server itself. Auditors verify votes in the event of a breach. In the event that the Helios ballot becomes corrupt by displaying choices that in reality accounts for other candidates, the Ballot Encyrption Verification program is able to counter the attack. The Ballot Encryption Verification program is audited by auditors before voting in enabled on the sever.