A Trust-Centric Approach To Quantifying Maturity and Security in Internet Voting Protocols

TL;DR

This paper introduces a trust-centric maturity scoring framework for internet voting protocols, enabling comprehensive evaluation of security, trust assumptions, and usability to aid decision-makers in selecting suitable systems.

Contribution

It proposes the Internet Voting Maturity Framework (IVMF), a novel, extendable toolkit for assessing and comparing internet voting systems based on security and socio-technical factors.

Findings

Evaluated 17 internet voting systems using the IVMF

Identified key trust and security gaps in existing protocols

Provided a standardized assessment approach for decision-makers

Abstract

Voting is a cornerstone of collective participatory decision-making in contexts ranging from political elections to decentralized autonomous organizations (DAOs). Despite the proliferation of internet voting protocols promising enhanced accessibility and efficiency, their evaluation and comparison are complicated by a lack of standardized criteria and unified definitions of security and maturity. Furthermore, socio-technical requirements by decision makers are not structurally taken into consideration when comparing internet voting systems. This paper addresses this gap by introducing a trust-centric maturity scoring framework to quantify the security and maturity of seventeen internet voting systems. A comprehensive trust model analysis is conducted for selected internet voting protocols, examining their security properties, trust assumptions, technical complexity, and practical usability. In this paper we propose the Internet Voting Maturity Framework (IVMF) which supports nuanced assessment that reflects real-world deployment concerns and aids decision-makers in selecting appropriate systems tailored to their specific use-case requirements. The framework is general enough to be applied to other systems, where the aspects of decentralization, trust, and security are crucial, such as digital identity, Ethereum layer-two scaling solutions, and federated data infrastructures. Its objective is to provide an extendable toolkit for policy makers and technology experts alike that normalizes technical and non-technical requirements on a univariate scale.