Associate Professor Vanessa Teague

New: Our report on the use of trapdoor commitments in the SwissPost/Scytl e-voting system.

A second report identifying a weakness in the zero knowledge proof implementation

and an addendum showing this can be used to break cast-as-intended verification.

Brief Summary

I am interested in cryptographic protocols that support a free and democratic society. My research group fills a gap between what governments need to know or build and what commercial operators have an incentive to tell or sell to them.

Our research has two main themes: verifiable and transparent electronic elections, and privacy and big data. In each case, understanding the limitations of existing solutions is part of designing better ones.

In each case, openness about the algorithms and processes is good for security, privacy and public trust.

I did my B.Sc. (hons) at The University of Melbourne and my Ph.D. with Prof. John Mitchell at Stanford University. I wrote my thesis on the economic analysis of multiparty cryptographic protocols, the sort of mathematics that now underpins digital currencies and public ledgers.

The Group

Chris Culnane former Research Fellow, now Lecturer at unimelb.

PhD Students

Leyla Roohi - Secure storage and private querying of telecommunications metadata

Nicholas Akinyokun - Secure voter registration and eligibility checking for Nigerian elections

Past students

Amy Corman (PhD) Secure network protocols for Peer-to-peer applications

Kim Ramchen (PhD) Privacy preserving computations on genomic data

Kim Ramchen (Masters) Parallel Shuffling and its Application to Prêt à Voter

Thomas Haines

Tom Coleman

I am on the board of advisors of Verified Voting, a non-partisan organization working for accuracy, integrity, and verifiability of elections.

In 2016 I was awarded the Election Verification Network's election integrity research excellence award.

Research

For publications, see my Google Scholar page

Tools for election counting and auditing

One aim of our research program is to expand the set of open source tools available for ordinary citizens to audit, recount, or assess their electronic voting systems.

Our paper on Auditing Indian Elections is now available! Prototype tools to follow.

Andrew Conway has written an open-source calculator of Senate recounts, with easy checkboxes for selecting Senators to exclude before you count.

Research project: Electronic voting for Australia

Electronic voting in a polling place could be more secure and transparent than paper-based voting, because recent advances in cryptography allow voters to verify that their vote is cast as they intended, included in the count, and tallied correctly, without compromising privacy. Computers could also prevent people from accidentally voting informally and produce almost-instant Senate results. However, international research generally overlooks complex voting systems like Australia's, so Australian electoral authorities have had to resort to software systems that are not verifiable, and hence not trustworthy.

The aim of our research agenda is to design a secure and verifiable system suitable for Australian elections. For pollsite electronic voting, end-to-end verifiable techniques are now practical. For remote (Internet) voting, significant open problems remain, including usable verifiabilty, coercion-resistance, voter authentication, and many other issues. An important theme is using the Internet for disseminating information or connecting voters, without having to trust it for the return of votes.

The most significant product so far is a design for an end-to-end verifiable voting system used in polling places in the 2014 state election here in Victoria. See the vVote Tech Report. This is joint work with an international team including Craig Burton, Chris Culnane, Steve Schneider'sTrustworthy voting systems group at Surrey. and Peter Ryan's Secure, reliable and trustworthy voting systems project at Luxembourg.

NSW Local Council count analysis

Senate Auditing

Alex Halderman and I completed a security analysis of the iVote Internet voting system, which ran in the 2015 New South Wales state election. We found that the system suffered from serious security problems, including opportunities to violate vote privacy, manipulate votes and circumvent the verification mechanism. The paper is now available on ArXiv. The same system was used in Western Australia's 2017 state election - see a brief explanation of why TLS proxying is not appropriate for elections, joint work with Chris Culnane, Mark Eldridge, Aleksander Essex, Dr Yuval Yarom.

Auditing preferential (Instant Runoff, or Alternative-Vote) elections

with Michelle Blom and Peter Stuckey Code for simulating ballot-polling and ballot-level comparison risk-limiting audits for IRV elections (the kind of elections used to elect MPs to lower houses across Australia) is now available here. The full paper is here.

Computing the margin of victory in STV elections

with Michelle Blom and Peter Stuckey

Australia's preferential voting system has the advantage that with only a single election a winner (or multiple winners) can be determined. But given that votes can be lost or miscounted it is interesting to know how many votes would need to be changed to modify the result of an election. This is a challenging combinatorial problem. While some approaches are known for the single electorate case, the current technology to solve this problem does not scale well. And we are unaware of any modelling of the case for multi-position preferential voting (the Australian Senate). The aim of this project is to develop algorithms and software to determine how many votes would be need to modified to change the results of a preferential election.

Research project: Privacy and open data

Our privacy analysis, demonstrating easy supplier and patient re-identification of the MBS/PBS billing dataset, is available here.

Conferences and boards

I was co-editor with Josh Benaloh, Steve Schneider and Peter Ryan of the IEEE Security and Privacy Magazine's Special Issue on e-voting.

I am co-chair with Jeremy Clark of Voting '18, a workshop on secure e-voting associated with the Financial Cryptography conference.

In 2016 I was co-chair with Josh Benaloh and Peter Ryan of the Track on Security, Usability, and Technical Issues at E-Vote-ID, the new union of Europe's two academic e-voting conferences.

In 2013 I was co-chair with Steve Schneider and James Heather of Vote ID 2013.

In 2011 I was co-chair with Hovav Shacham of the USENIX/ACCURATE Electronic Voting Technologies workshop and Workshop on Trustworthy Elections, EVT/WOTE 2011, co-located with USENIX Security '11.

I was on the editorial board of the USENIX Journal of Election Technology and Systems.

Other PCs: IEEE Security and Privacy '19, USENIX Security '18, Euro-Security and Privacy '16, ACNS '15, RSA-Cryptographers' track '14, RSA-Cryptographers' track '15, EVOTE '14, Vote-ID 2011, Re-Vote 2011, and other years of EVT/WOTE.

Teaching

This semester I am teaching High Integrity Systems Engineering (SWEN 90010) with Toby Murray

Engagement

Consultancy

We are available for research and consulting in applied cryptography, cybersecurity and privacy. Usually our reports are public. We aim to solve a problem, analyze an existing solution, or explain the options and their tradeoffs. We specialize in explaining complex technical issues in an accessible way. A recent example is our Privacy Assessment of de-identified Opal data for Transport for NSW with Ben Rubinsten.

Submissions and Hearings

Our Submission to the Australian government's consultation on the Telecommunications Assistance and Access Bill.

Our Submission to the NSWEC's inquiry into iVote.

Parliamentary submissions are available at the relevant inquiry's webpage.

Public lectures

Media