End-to-End Verifiability

Our system guarantees that:
1) Every voter can verify that his vote is correctly recorded on the ballot tracking web page.
2) All votes that appear on the ballot tracking web page are associated with a voter.
3) Anyone can verify that the election results are consistent with the content of the ballot tracking web page.

A voting scheme that has the above three properties is called end-to-end verifiable (or “open audit”). In such a system no one, not even the administrators of the voting system, can alter a vote without being detected. Wombat voting is one of several modern voting systems that enjoy end-to-end verifiability. Let us see why, by going over these properties one by one.

1. Every voter can verify that his vote is correctly recorded on the ballot tracking web page.

Recall that the ballot consists of two parts: a plain text part and an electronic encryption of the vote. The voter can verify that the plain text indeed matches his/her choice. Our worry is that the machine is cheating (or is bogus) and the plain text does not match the encrypted vote.
Ballot

However, notice that such a mismatch (if exists) would be detected in an audit if the voter chooses to audit the ballot. Also, a voting machine does not know in advance which ballot is going to be audited. Thus, a cheating (or bogus) machine is likely to be caught. A simple statistical calculation shows that very few audits (of about 1-2% of the votes) suffice for catching a cheating (or bogus) machine. If the machine passes all our audit tests, we can conclude with very high confidence that the voting machine functions properly, i.e., that it produces consistent ballots where the electronic encryption is consistent with the plain text data.

To summarize, our confidence in the correct recording of ballots is based on:

  1. The voter can verify with his/her own eyes that the plain text indeed matches his/her choice.
  2. The random audits ensure that the machine prints consistent ballots, where the electronic encryption of the vote matches the plain text.
  3. The voter can verify that the encrypted data that appears on the ballot tracking web page matches the electronic encryption of the vote that appears on the ballot (and is given to him as a receipt).

2. All votes that appear on the ballot tracking web page are associated with a voter.

Here we trust the polling station committee members to identify each voter, and let each voter vote only once.

3. Anyone can verify that the election results are consistent with the content of the ballot tracking web page.

In the tallying process the electronic ballots on the ballot tracking web page are first randomly shuffled in a mix-net and then decrypted. Anyone can verify the validity of the mixing and decryption steps by checking the accompanying proofs. Verifying the elections result is straightforward once all decryptions are known.