School of Computing and Information Systems
I am interested in cryptographic protocols that support a free and democratic society. My research group fills a gap between what governments need to know or build and what commercial operators have an incentive to tell or sell to them.
Our research has two main themes: verifiable and transparent electronic elections, and privacy and big data. In each case, understanding the limitations of existing solutions is part of designing better ones.
In each case, openness about the algorithms and processes is good for security, privacy and public trust.
I did my B.Sc. (hons) at The University of Melbourne and my Ph.D. with Prof. John Mitchell at Stanford University. I wrote my thesis on the economic analysis of multiparty cryptographic protocols, the sort of mathematics that now underpins digital currencies and public ledgers.
Chris Culnane former Research Fellow, now Lecturer at unimelb.
Leyla Roohi - Secure storage and private querying of telecommunications metadata
Nicholas Akinyokun - Secure voter registration and eligibility checking for Nigerian elections
Amy Corman (PhD) Secure network protocols for Peer-to-peer applications
Kim Ramchen (PhD) Privacy preserving computations on genomic data
Kim Ramchen (Masters) Parallel Shuffling and its Application to Prêt à Voter
I am on the board of advisors of Verified Voting, a non-partisan organization working for accuracy, integrity, and verifiability of elections.
In 2016 I was awarded the Election Verification Network's election integrity research excellence award.
For publications, see my Google Scholar page
I have some space to take on PhD students in areas related to electronic voting and broader areas of applied cryptography, security and privacy. Please email me your academic transcript and a brief summary of what you are interested in working on. The size and focus of the project could be tailored to suit the students' interests and aptitudes.
Tools for election counting and auditing
One aim of our research program is to expand the set of open source tools available for ordinary citizens to audit, recount, or assess their electronic voting systems.
Andrew Conway has written an open-source calculator of Senate recounts, with easy checkboxes for selecting Senators to exclude before you count.
Research project: Electronic voting for Australia
Electronic voting in a polling place could be more secure and transparent than paper-based voting, because recent advances in cryptography allow voters to verify that their vote is cast as they intended, included in the count, and tallied correctly, without compromising privacy. Computers could also prevent people from accidentally voting informally and produce almost-instant Senate results. However, international research generally overlooks complex voting systems like Australia's, so Australian electoral authorities have had to resort to software systems that are not verifiable, and hence not trustworthy.
The aim of our research agenda is to design a secure and verifiable system suitable for Australian elections. For pollsite electronic voting, end-to-end verifiable techniques are now practical. For remote (Internet) voting, significant open problems remain, including usable verifiabilty, coercion-resistance, voter authentication, and many other issues. An important theme is using the Internet for disseminating information or connecting voters, without having to trust it for the return of votes.
The most significant product so far is a design for an end-to-end verifiable voting system used in polling places in the 2014 state election here in Victoria. See the vVote Tech Report. This is joint work with an international team including Craig Burton, Chris Culnane, Steve Schneider'sTrustworthy voting systems group at Surrey. and Peter Ryan's Secure, reliable and trustworthy voting systems project at Luxembourg.
NSW Local Council count analysisOur article (with Andrew Conway et al.) about finding and fixing an error in the NSW local council count software is here. For more detail, see the Tech Report
Senate AuditingIn order to permit meaningful scrutiny of the new Senate counting process, we developed a new method for statistical auditing of Australian Senate votes. Joint work with Berj Chilingirian, Zara Perumal, Ronald L. Rivest, Grahame Bowland, Andrew Conway, Philip B. Stark, Michelle Blom, Chris Culnane.
Alex Halderman and I completed a security analysis of the iVote Internet voting system, which ran in the 2015 New South Wales state election. We found that the system suffered from serious security problems, including opportunities to violate vote privacy, manipulate votes and circumvent the verification mechanism. The paper is now available on ArXiv. The same system was used in Western Australia's 2017 state election - see a brief explanation of why TLS proxying is not appropriate for elections, joint work with Chris Culnane, Mark Eldridge, Aleksander Essex, Dr Yuval Yarom
Computing the margin of victory in STV elections
Co-supervised with Peter Stuckey
Australia's preferential voting system has the advantage that with only a single election a winner (or multiple winners) can be determined. But given that votes can be lost or miscounted it is interesting to know how many votes would need to be changed to modify the result of an election. This is a challenging combinatorial problem. While some approaches are known for the single electorate case, the current technology to solve this problem does not scale well. And we are unaware of any modelling of the case for multi-position preferential voting (the Australian Senate). The aim of this project is to develop algorithms and software to determine how many votes would be need to modified to change the results of a preferential election.
Research project: Privacy and open data
Our privacy analysis, demonstrating easy supplier and patient re-identification of the MBS/PBS billing dataset, is available here.
Conferences and boards
I was co-editor with Josh Benaloh, Steve Schneider and Peter Ryan of the IEEE Security and Privacy Magazine's Special Issue on e-voting.
I am co-chair with Jeremy Clark of Voting '18, a workshop on secure e-voting associated with the Financial Cryptography conference.
In 2016 I was co-chair with Josh Benaloh and Peter Ryan of the Track on Security, Usability, and Technical Issues at E-Vote-ID, the new union of Europe's two academic e-voting conferences.
In 2013 I was co-chair with Steve Schneider and James Heather of Vote ID 2013.
I am on the editorial board of the USENIX Journal of Election Technology and Systems.
We are available for research and consulting in applied cryptography, cybersecurity and privacy. Usually our reports are public. We aim to solve a problem, analyze an existing solution, or explain the options and their tradeoffs. We specialize in explaining complex technical issues in an accessible way. A recent example is our Privacy Assessment of de-identified Opal data for Transport for NSW with Ben Rubinsten.
Submissions and Hearings
Our Submission to the Australian government's consultation on the Telecommunications Assistance and Access Bill.
Our Submission to the NSWEC's inquiry into iVote.
Parliamentary submissions are available at the relevant inquiry's webpage.