Ensuring vote secrecy is crucial in any voting system. In the case of electronic voting—and especially with EVoting—this is achieved through the use of advanced cryptography, which protects the confidentiality of each voter's preference. Here’s a simple explanation of how this works.
To get straight to the point: vote secrecy in electronic voting is protected through cryptography. This technology ensures that each preference is encrypted and cannot be discovered. Once the tally is complete, and without revealing anyone’s identity, the results are made known. This ensures that every vote remains personal and confidential.
At EVoting in particular, the Paillier algorithm is used—a cryptographic technique that securely encrypts votes. What makes this algorithm interesting is that it allows mathematical operations to be performed on encrypted data without needing to decrypt it. This characteristic is known as homomorphic encryption, and it makes the algorithm ideal for preserving vote secrecy even during the counting process.
The keys that protect an electronic vote
Believe it or not, here’s the simplest way to explain it:
The first step in this algorithm is the generation of two types of keys: a public key and one or more private keys. The public key is known to everyone and is used to encrypt the data—in our case, the voting preferences.
The private key or keys, on the other hand, are used to decrypt the data and must be kept secret. Without them, it’s impossible to know the outcome of the vote. In our system, a certain number of private keys are generated and distributed among members of the electoral board chosen by the client. To reveal the results of an election, a simple majority of the private keys is required.
Using multiple private keys enhances the security of the process. It ensures that the results can still be accessed even if one of the keys is lost, as long as a majority is available to decrypt the information.
This is where the homomorphic property of the algorithm comes into play, as it allows encrypted data to be summed without decrypting each individual vote. In a voting process, this means the results can be known without knowing who voted for what.
A simple example
To bring this into everyday language, I asked artificial intelligence to compare it to a traditional paper-based vote, and here’s the explanation it gave:
The public key would be like a locked ballot box that everyone can see and where people deposit their votes, but no one can see what’s written on each ballot.
Once voting is over, the private key comes into play. In this metaphor, it would be the key that opens the lock on the ballot box and allows the votes to be counted—without revealing what each individual voter marked.
Why is this method so secure?
In short, the Paillier algorithm uses two enormous prime numbers to generate the keys—both public and private. The current recommended size for these prime numbers is 617 digits each, which equals 2048 bits, a measure used in computing to represent how much information a key can contain. The product of these numbers, along with additional calculations, forms the basis for all subsequent encryption.
To break this level of encryption would require hundreds of thousands of years of computing, something that has not yet been achieved. The current record for breaking encryption through factorization is 829 bits, and it took tens of thousands of computers working for months. That’s why using a minimum key size of 2048 bits is now recommended.
In short, the secrecy of the vote at EVoting is guaranteed by a complex algorithm—hard to understand or explain—but one that successfully keeps each voter’s preference completely confidential.