References of "Zollinger, Marie-Laure 50027884"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detail"Just for the sake of transparency": Exploring Voter Mental Models Of Verifiability
Zollinger, Marie-Laure UL; Estaji, Ehsan UL; Ryan, Peter Y A UL et al

in Electronic Voting, Sixth International Joint Conference, E-Vote-ID 2021, Bregenz, Austria, October 5-8 (2021, October)

Verifiable voting schemes allow voters to verify their individual votes and the election outcome. The voting protocol Selene offers verification of plaintext votes while preserving privacy. Misconceptions ... [more ▼]

Verifiable voting schemes allow voters to verify their individual votes and the election outcome. The voting protocol Selene offers verification of plaintext votes while preserving privacy. Misconceptions of verification mechanisms might result in voters mistrust of the system or abstaining from using it. In this paper, we interviewed 24 participants and invited them to illustrate their mental models of Selene. The drawings demonstrated different levels of sophistication and four mental models: 1) technology understanding, 2) meaning of the verification phase, 3) security concerns, and 4) unnecessary steps. We highlight the misconceptions expressed regarding Internet voting technologies and the system design. Based on our findings, we conclude with recommendations for future implementations of Selene as well as for the design of Internet voting systems in general. [less ▲]

Detailed reference viewed: 170 (21 UL)
Full Text
Peer Reviewed
See detailInvestigating Usability and User Experience of Individually Verifiable Internet Voting Schemes
Marky, Karola; Zollinger, Marie-Laure UL; Roenne, Peter et al

in ACM Transactions on Computer-Human Interaction (2021), 28(5), 1-36

Internet voting can afford more inclusive and inexpensive elections. The flip side is that the integrity of the election can be compromised by adversarial attacks and malfunctioning voting infrastructure ... [more ▼]

Internet voting can afford more inclusive and inexpensive elections. The flip side is that the integrity of the election can be compromised by adversarial attacks and malfunctioning voting infrastructure. Individual verifiability aims to protect against such risks by letting voters verify that their votes are correctly registered in the electronic ballot box. Therefore, voters need to carry out additional tasks making human factors crucial for security. In this article, we establish a categorization of individually verifiable Internet voting schemes based on voter interactions. For each category in our proposed categorization, we evaluate a voting scheme in a user study with a total of 100 participants. In our study, we assessed usability, user experience, trust, and further qualitative data to gain deeper insights into voting schemes. Based on our results, we conclude with recommendations for developers and policymakers to inform the choices and design of individually verifiable Internet voting schemes. [less ▲]

Detailed reference viewed: 64 (8 UL)
Full Text
See detailFrom Secure to Usable and Verifiable Voting Schemes
Zollinger, Marie-Laure UL

Doctoral thesis (2020)

Elections are the foundations of democracy. To uphold democratic principles, researchers have proposed systems that ensure the integrity of elections. It is a highly interdisciplinary field, as it can be ... [more ▼]

Elections are the foundations of democracy. To uphold democratic principles, researchers have proposed systems that ensure the integrity of elections. It is a highly interdisciplinary field, as it can be studied from a technical, legal or societal points of view. While lawyers give a legal framework to the voting procedures, security researchers translate these rules into technical properties that operational voting systems must satisfy, notably privacy and verifiability. If Privacy aims to protect vote-secrecy and provide coercion-resistance to the protocol, Verifiability allows voters to check that their vote has been taken into account in the general outcome, contributing to the assurance of the integrity of the elections. To satisfy both properties in a voting system, we rely on cryptographic primitives such as encryption, signatures, commitments schemes, or zero-knowledge proofs, etc. Many protocols, paper-based or electronic-based, have been designed to satisfy these properties. Although the security of some protocols, and their limits, have been analysed from a technical perspective, the usability has often been shown to have very low rates of effectiveness. The necessary cryptographic interactions have already shown to be one contributor to this problem, but the design of the interface could also contribute by misleading voters. As elections typically rarely happen, voters must be able to understand the system they use quickly and mostly without training, which brings the user experience at the forefront of the designed protocols. In this thesis, the first contribution is to redefine privacy and verifiability in the context of tracker-based verifiable schemes. These schemes, using a so-called tracking number for individual verification, need additional user steps that must be considered in the security evaluation. These security definitions are applied to the boardroom voting protocol F2FV used by the CNRS, and the e-voting protocol Selene, both use a tracker-based procedure for individual verifiability. We provide proofs of security in the symbolic model using the Tamarin prover. The second contribution is an implementation of the Selene protocol as a mobile and a web application, tested in several user studies. The goal is to evaluate the usability and the overall user experience of the verifiability features, as well as their understanding of the system through the evaluation of mental models. The third contribution concerns the evaluation of the voters' understanding of the coercion mitigation mechanism provided by Selene, through a unique study design using game theory for the evaluation of voters. Finally, the fourth contribution is about the design of a new voting scheme, Electryo, that is based on the Selene verification mechanisms but provides a user experience close to the standard paper-based voting protocols. [less ▲]

Detailed reference viewed: 311 (48 UL)
Full Text
Peer Reviewed
See detailShort paper: Mechanized Proofs of Verifiability and Privacy in a paper-based e-voting Scheme
Zollinger, Marie-Laure UL; Roenne, Peter UL; Ryan, Peter UL

in International Conference on Financial Crypto Workshop on Advances in Secure Electronic Voting (2020, February)

Detailed reference viewed: 137 (13 UL)
Full Text
Peer Reviewed
See detailUser Experience Design for E-Voting: How mental models align with security mechanisms
Zollinger, Marie-Laure UL; Distler, Verena UL; Roenne, Peter UL et al

in Electronic Voting (2019, October)

This paper presents a mobile application for vote-casting and vote-verification based on the Selene e-voting protocol and explains how it was developed and implemented using the User Experience Design ... [more ▼]

This paper presents a mobile application for vote-casting and vote-verification based on the Selene e-voting protocol and explains how it was developed and implemented using the User Experience Design process. The resulting interface was tested with 38 participants, and user experience data was collected via questionnaires and semi-structured interviews on user experience and perceived security. Results concerning the impact of displaying security mechanisms on UX were presented in a complementary paper. Here we expand on this analysis by studying the mental models revealed during the interviews and compare them with theoretical security notions. Finally, we propose a list of improvements for designs of future voting protocols. [less ▲]

Detailed reference viewed: 215 (17 UL)
Full Text
Peer Reviewed
See detailSecurity – Visible, Yet Unseen? How Displaying Security Mechanisms Impacts User Experience and Perceived Security
Distler, Verena UL; Zollinger, Marie-Laure UL; Lallemand, Carine UL et al

in Proceedings of ACM CHI Conference on Human Factors in Computing Systems (CHI2019) (2019, April)

An unsolved debate in the field of usable security concerns whether security mechanisms should be visible, or blackboxed away from the user for the sake of usability. However, tying this question to ... [more ▼]

An unsolved debate in the field of usable security concerns whether security mechanisms should be visible, or blackboxed away from the user for the sake of usability. However, tying this question to pragmatic usability factors only might be simplistic. This study aims at researching the impact of displaying security mechanisms on user experience (UX) in the context of e-voting. Two versions of an e-voting application were designed and tested using a between-group experimental protocol (N=38). Version D displayed security mechanisms, while version ND did not reveal any security-related information. We collected data on UX using standardised evaluation scales and semi-structured interviews. Version D performed better overall in terms of UX and need fulfilment. Qualitative analysis of the interviews gives further insights into factors impacting perceived security. Our study adds to existing research suggesting a conceptual shift from usability to UX and discusses implications for designing and evaluating secure systems. [less ▲]

Detailed reference viewed: 652 (63 UL)
Full Text
Peer Reviewed
See detailHow to Assess the Usability Metrics of E-Voting Schemes
Marky, Karola; Zollinger, Marie-Laure UL; Funk, Markus et al

in Lecture Notes in Computer Science (2019, February)

Detailed reference viewed: 238 (21 UL)
Full Text
Peer Reviewed
See detailElectryo, In-person Voting with Transparent Voter Verifiability and Eligibility Verifiability
Roenne, Peter UL; Ryan, Peter UL; Zollinger, Marie-Laure UL

E-print/Working paper (2018)

Selene is an e-voting protocol that allows voters to directly check their individual vote, in cleartext, in the final tally via a tracker system, while providing good coercion mitigation. This is in ... [more ▼]

Selene is an e-voting protocol that allows voters to directly check their individual vote, in cleartext, in the final tally via a tracker system, while providing good coercion mitigation. This is in contrast to conventional, end-to-end verifiable schemes in which the voter verifies the presence of an encryption of her vote on the bulletin board. The Selene mechanism can be applied to many e-voting schemes, but here we present an application to the polling station context, resulting in a voter-verifiable electronic tally with a paper audit trail. The system uses a smartcard-based public key system to provide the individual verifica- tion and universal eligibility verifiability. The paper record contains an encrypted link to the voter’s identity, requiring stronger assumptions on ballot privacy than normal paper voting, but with the benefit of pro- viding good auditability and dispute resolution as well as supporting (comparison) risk limiting audits. [less ▲]

Detailed reference viewed: 212 (15 UL)
See detailSelene User Interface
Zollinger, Marie-Laure UL

Software (2018)

The goal of this application is to provide a user interface of the Selene e-voting protocol in order to test the user experience. This project must be seen as a mock up interface for users. We provide a ... [more ▼]

The goal of this application is to provide a user interface of the Selene e-voting protocol in order to test the user experience. This project must be seen as a mock up interface for users. We provide a mobile app and an administration page. The application runs on Android (API 23+), the back-end server is developed in php and run through an Apache server. [less ▲]

Detailed reference viewed: 114 (14 UL)