Abstract
An election is a process through which citizens in liberal democracies select their governing bodies, usually through voting. For elections to be truly honest, people must be able to vote freely without being subject to coercion; that is why voting is usually done in a private manner. In this paper we analyze the security offered by a paper-ballot voting system that is used in Israel, as well as several other countries around the world. We provide an algorithm which, based on publicly-available information, breaks the privacy of the voters participating in such elections. Simulations based on real data collected in Israel show that our algorithm performs well, and can correctly recover the vote of up to 96% of the voters.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
The Inter-Parliamentary Union (IPU) is an international organization of 162 state parliaments and 10 regional parliaments. This union, which was established in 1889, has a permanent observer status at the United Nations and general consultative status with the Economic and Social Council.
- 2.
The Knesset is the name of the Israeli parliament.
- 3.
We stress that the count is done locally, and the votes of each ballot box are not mixed with other boxes.
- 4.
Absentee votes (that is, voters who do not vote in their assigned ballot, such as diplomats, soldiers, and seamen), which account to about 5% of the votes, are excluded for simplicity.
- 5.
This independence implies that an adversary can focus their effort on subsets of polling stations which are of interest, or where they expect to achieve a high success rate.
- 6.
When \(T=7\) the first count is done after 3 h.
- 7.
Sometimes referred to as “secular”.
- 8.
Due to the somewhat unstable political system of Israel, a large amount of people cannot find their political home in any of the existing parties, and tend to vote in every elections cycle to a newly “trending” party. Moreover, parties often split, merge, or change their names.
References
Agrawal, D., Kesdogan, D.: Measuring anonymity: the disclosure attack. IEEE Secur. Priv. 1(6), 27–34 (2003)
Arian, A., Shamir, M.: The 2009 Israel National Elections Data (2009). http://www.ines.tau.ac.il/2009.html
Ashur, T., Dunkelman, O.: On the anonymity of Israel’s general elections. In: Sadeghi, A.-R., Gligor, V.D., Yung, M. (eds.) 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS 2013, Berlin, Germany, 4–8 November 2013, pp. 1399–1402. ACM, New York (2013)
Basic Law. The Knesset - 1958. https://www.knesset.gov.il/laws/special/eng/basic2_eng.htm
Nyman, B.: Valsedlar För Europaparlamentet 2009. https://commons.wikimedia.org/wiki/Category:Ballot_papers_in_Sweden#mediaviewer/File:Valsedlar_Europaparlamentet_2009.jpg
Bernhard, D., Cortier, V., Pereira, O., Warinschi, B.: Measuring vote privacy, revisited. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 941–952. ACM (2012)
Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24(2), 84–88 (1981)
Claude Truong-Ngoc. France Présidentielles 6 Mai 2012 Bulletins de Vote Second Tour. https://commons.wikimedia.org/wiki/File:France_%C3%A9lections_pr%C3%A9sidentielles_6_mai_2012_bulletins_de_vote_second_tour.JPG
The Inter-Parliamentary Council. Declaration on criteria for free and fair elections. Unanimously adopted by the Inter-Parliamentary Council at its 154th session, March 1994. http://www.ipu.org/cnl-e/154-free.htm
Danezis, G.: Statistical disclosure attacks. In: Gritzalis, D., Capitani di Vimercati, S., Samarati, P., Katsikas, S. (eds.) SEC 2003. IFIP, vol. 122, pp. 421–426. Springer, Heidelberg (2003). doi:10.1007/978-0-387-35691-4_40
Delaune, S., Kremer, S., Ryan, M.: Verifying privacy-type properties of electronic voting protocols: a taster. In: Chaum, D., Jakobsson, M., Rivest, R.L., Ryan, P.Y.A., Benaloh, J., Kutylowski, M., Adida, B. (eds.) Towards Trustworthy Elections. LNCS, vol. 6000, pp. 289–309. Springer, Heidelberg (2010). doi:10.1007/978-3-642-12980-3_18
Correo, E.: Las Papeletas de Bildu, Protagonistas de la Jornada de Reflexión. http://www.elcorreo.com/especiales/elecciones/vizcaya/2011/noticias/papeletas-bildu-protagonistas-jornada-201105211924.html
Facebook TV. Le président algérien Abdelaziz Bouteflika Élections en Algérie 17 Avril 2014. https://www.youtube.com/watch?v=FXVXtIdTz7w&t=1m07s
Kesdogan, D., Agrawal, D., Penz,S.: Limits of anonymity in open environments. Inf. Hiding, 53–69 (2002)
Kesdogan, D., Pimenidis, L.: The hitting set attack on anonymity protocols. Inf. Hiding, 326–339 (2004)
Küsters, R., Truderung, T., Vogt, A.: A game-based definition of coercion-resistance and its applications. In: 2010 23rd IEEE Computer Security Foundations Symposium, pp. 122–136. IEEE (2010)
Küsters, R., Truderung, T., Vogt, A.: Verifiability, privacy, and coercion-resistance: new insights from a case study. In: 2011 IEEE Symposium on Security and Privacy (SP), pp. 538–553. IEEE (2011)
Tianbo, L., Yao, P., Zhao, L., Li, Y., Xie, F., Xia, Y.: Towards attacks and defenses of anonymous communication systems. Int. J. Secur. Appl. 9(1), 313–328 (2015)
Shamir, M.: The 2013 Israel National Elections Data (2013). http://www.ines.tau.ac.il/2013.html
The Central Elections Committee. Final Results of the Vote to the 19th Knesset, January 2013. http://www.votes-19.gov.il/nationalresults
The Knesset. Knesset Elections Law (1969). http://www.knesset.gov.il/elections16/heb/laws/elections/law.htm (Hebrew)
Troncoso, C., Gierlichs, B., Preneel, B., Verbauwhede, I.: Perfect matching disclosure attacks. Priv. Enhanc. Technol., 2–23 (2008)
Acknowledgment
The authors would like to thank Aviad Stier for bringing into our attention the fact that the parties collect the time of vote of all voters, Adv. Jonathan J. Klinger for assisting us with our petition to the Israeli general elections committee, Amihai Bannett for permitting us to use hit photos in this paper and in a poster that presented preliminary results of this work [3]. We thank Dubi Kanengisser for pointing us to good resources in the field of political studies. Special thanks are to colleagues with which the authors discussed this research, specifically to Gustavo Mesch, Claudia Diaz, Tamar Zondiner, Yair Goldberg, Atul Luykx, Alan Szepieniec, Shir Peled, as well as to the anonymous referees.
The first author was partially supported by the Research Fund KU Leuven, OT/13/071 and by European Union’s Horizon 2020 research and innovation programme under grant agreement No. 644052 HECTOR and grant agreement No. H2020-MSCA-ITN-2014-643161 ECRYPT-NET. The second author was supported in part by the Israeli Science Foundation through grant No. 827/12 and by the Commission of the European Communities through the Horizon 2020 program under project number 645622 PQCRYPTO. The third author is supported by a postdoctoral fellowship from I-CORE ALGO.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Ashur, T., Dunkelman, O., Talmon, N. (2017). Breaching the Privacy of Israel’s Paper Ballot Voting System. In: Krimmer, R., et al. Electronic Voting. E-Vote-ID 2016. Lecture Notes in Computer Science(), vol 10141. Springer, Cham. https://doi.org/10.1007/978-3-319-52240-1_7
Download citation
DOI: https://doi.org/10.1007/978-3-319-52240-1_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-52239-5
Online ISBN: 978-3-319-52240-1
eBook Packages: Computer ScienceComputer Science (R0)