What is homomorphic encryption and how can it help in elections?
Confidence in the electoral system is fundamental to a healthy democracy. But when a Gallup poll last year asked people if they had faith in the honesty of elections, 59% of Americans said they did not. The only five countries where confidence in elections is lower, according to Gallup, are Lithuania, Turkey, Latvia, Chile and Mexico.
Elections tend to be the point at which most people come into closest contact with their country’s political processes – when they cast their vote and have a say in who will represent them in local, regional or national bodies. The Gallup finding, that only 40% of Americans said they are “confident in the honesty of elections in the country,” relates to a number of factors, the poll says.
From fears of interference in the way an election is run, to failings in the way votes are counted, there is clearly an issue here waiting to be resolved. Data encryption could help to rebuild public trust in democracy by creating a greater sense of connection between the electorate and the results of the elections in which they take part.
[Read More: What is ElectionGuard?]
Using data without losing privacy
Encrypting data is commonplace. Emails, message platforms, e-commerce and online banking are just some of the everyday activities that are made safer and more secure because of it. There is also a role for encryption in helping foster greater trust in the democratic process.
Historically, however, encryption has not been used widely to protect voting data. That’s because data that’s been encrypted tends to be static; it isn’t possible to do much with static data, other than keep it safe and secure.
But what if it was possible to take that data in its encrypted form and perform calculations and computations without first decrypting it? All the encrypted votes could then be added together, counted, tallied and verified while still in their safe and protected state.
This is one of the things that can be done using what is known as homomorphic encryption.
Josh Benaloh, Senior Cryptographer at Microsoft Research, explains how it works: “The key thing is that this can help address the confidence shortfall,” he says. “With regular encrypted data, all you can do is decrypt it. It’s a little like putting something in a safe for transport or safekeeping. Eventually, all you’re going to do is take it out.
“But homomorphic encryption allows you to compute on encrypted data without the need to decrypt it first.”
In a wider context, it would allow an organization to do more than just store encrypted data in the cloud. It would be possible to perform computational tasks on it while keeping it completely secure, getting an encrypted result as the output.
Homomorphic encryption offers the ability to perform additions on encrypted data, which unlocks a number of potentially useful scenarios. It becomes possible to review salary data and calculate the average or the mean salary paid to an organization’s employees, for example – all while keeping the privacy of individual employees and their rates of pay safe and secure.
“If you think about what an election is, it all starts with ones and zeros,” Benaloh says. “One is ‘I selected that option’ and zero is ‘I didn’t select that option.’ Tallying the election is just adding how many selected one option, how many selected a different option – adding all the ones and zeros.
[Read More: Another step in testing ElectionGuard]
“Thanks to the homomorphic property, you take all the individual encrypted votes and aggregate them into an encrypted tally, and then you can decrypt to get the separated-out tallies without compromising the privacy of individual votes.”
This delivers a full record of how many votes were cast for each candidate while safeguarding the secrecy of the ballot. But it does something else. It makes it possible to offer voters end-to-end verifiability.
All of this was put to the test during the Microsoft ElectionGuard pilot in Fulton, Wisconsin in February 2020. The ElectionGuard software encrypted each voter’s choice before generating a ballot paper and tracking number for them. Voters received a unique code as part of their encrypted ballot, which enabled them to access a post-election verification platform. That platform would read the encrypted code and confirm that the vote associated with it was cast in a particular way.
Demonstrating to an individual voter that their vote is secure and their identity protected is clearly a necessary part of maintaining election confidence. If there were ever any doubts over those two factors, people would be forgiven for losing trust in the democratic process.
Homomorphic encryption now offers an undeniable way of verifying the accuracy of each vote cast, too. This may not be the silver bullet that restores faith in the electoral process, but it is an important part of demonstrating to people the robustness of the system to which they entrust their democratic right.
For more on Microsoft’s Defending Democracy Program, visit On the Issues. And follow @MSFTIssues on Twitter.