Over the last four decades, information technology has begun to transform the electoral process---perhaps the most foundational process upon which democratic societies are built. Computers are gradually replacing manual parts of the democratic process by, for example, tallying results in Excel spreadsheets, predicting exit polls, or by computing seat assignments to parties in parliament (since 1962 in Denmark). With every such transformation, the overall process becomes more efficient, informative, and economical. However, there is a risk of the process becoming less trustworthy. The deployed technology tends to be complex and therefore prone to programming error and vulnerable to malicious attacks. These problems have an adverse effect on the very foundations of democracy. Voters are less likely to trust the electoral process, which inevitably leads to lower voter participation and cynicism.

In order to provide evidence in support of this hypothesis, we propose first to design a rigorous software engineering principle, which we call trust by design that reproduces the trust-instilling elements of the conventional process in an electronic infrastructure. Second, we develop electronic election technology based on the trust by design principle. Third, the municipalities of Frederiksberg, Aarhus, and Copenhagen will help us evaluate the technology empirically in order to analyze the social, political and cultural implications inherent in digitally transforming the democratic process. The results of this project will provide KL and other decision makers important and invaluable insights into how to modernize the democratic process without jeopardizing the fundamental principles upon which democracies rest.

The DemTech project if financed through a generous grant from ​The Danish Council for Strategic Research by the ​Programme Commission on Strategic Growth Technologies.


Our mission is to assist electoral management bodies with the development of digital election systems, the evaluation of threats and challenges, and the analysis and management of risks.


October 2015
The call for papers for E-Voting PhD Seminar, October 8-9, 2015, Copenhagen, Denmark
is published.

May 2015 DemTech and Critical Systems Talk
Speaker: Alex Halderman, University of Michigan
Date: Friday, 22.05.2015
Time: 11:00 - 12:00
Address: IT University of Copenhagen, Rued Langgards Vej 7, Room 3A08
Title: Logjam
Abstract: Prof Alex Halderman is one of the people behind the discovery of the logjam attack that was published today. https://weakdh.org. He will give a brief overview about how the attack works, and discuss its implications for example, for national security.
RSVP: if you plan to attend. Carsten Schürmann, carsten@demtech.dk
Bio: Alex Halderman is Morris Wellman Faculty Development Assistant Professor of Computer Science and Engineering at the University of Michigan and Director of the Center for Computer Security and Society at University of Michigan. His research focuses on computer security and privacy, with an emphasis on problems that broadly impact society and public policy.

May 2015
Lorena Ronquillo gave a guest lecture in ITU's security course. You can find her slides here .

May 2015
Alex Halderman and Carsten Schürmann will give a Science and Cocktails talk on Securing Digital Democracy. All are welcome. Date: 19. May, 2015. Time: 20:00. Location: Byens Lys Christiania (Carsten's slides pdf, powerpoint).

April 2014
DemTech has published its 2014 Newsletter. Read it here.

April 2015 DemTech talk
Speaker: Douglas Wikström, KTH Stockholm, Sweden
Title: A Mix-Net From Any CCA2 Secure Cryptosystem
Abstract: We construct a provably secure mix-net from any CCA2 secure cryptosystem. The mix-net is secure against active adversaries that statically corrupt less than l out of k mix-servers, where l is a threshold parameter, and it is robust provided that at most min(l-1,k-l) mix-servers are corrupted.
The main component of our construction is a mix-net that outputs the correct result if all mix-servers behaved honestly, and aborts with probability 1-O(M^{-(t-1)}) otherwise (without disclosing anything about the inputs), where t is an auxiliary security parameter and M is the number of honest parties. The running time of this protocol for long messages is roughly 3tc, where c is the running time of Chaum's mix-net (1981).

April 2015
Carsten Schürmann gave a talk on mathematical models. Slides.

March 2015
Carsten Schürmann was invited and attended the 12th European Conference of the Electoral Management Bodies addressing the following topics: ENSURING NEUTRALITY, IMPARTIALITY AND TRANSPARENCY IN ELECTIONS and THE ROLE OF ELECTORAL MANAGEMENT BODIES.

March 2015
DemTech is organizing a Workshop on Democracy in the Digital Age from March 16 - March 20, 2015. For more information click here.

March 2015 DemTech talk
Speaker: Christian Probst, DTU, Denmark
Title: Insider Threats and Social Engineering
Abstract:Insider threats are a major threat against organisations and IT systems. In most cases, insiders have better knowledge about an organisaton's assets, policies, and workflows, and have authorized access to many of these. Therefore, actions by a malicious insider are usually hard to detect. Social engineering is often used by attackers to get insiders to perform actions, which they should not perform but are authorized to do. In this talk I will give examples for insider threats and social engineering, discuss different definitions of insiders, and present some models of how to deal with insider threats.

February 2015
On mission to Estonian Parliamentary election. Olivier Belanger, Lorena Ronquillo and Carsten Schürmann observed the Riigikogu (Parliamentary) Elections in Tallinn, Estonia on March 1st. Olivier Belanger attended the E-voting PhD Seminar preceeding the event as well. For more information click here.

February 2015 DemTech talk Speaker: Yvonne Dittrich
IT University of Copenhagen
Title: What does it mean to use method? Towards a Practice Theory for Software Engineering
Abstract: Methods, processes and tools and tools to support them are at the heart of Software Engineering as a discipline. However, as we all know, their use does not necessarily result in homogeneous, predictable software projects. What is lacking is an understanding of how methods inform software development. In the talk, I will apply and develop the set of concepts based on the practice-concept in philosophy of sociology to describe and understand methods and their application. Practice here is not understood as opposed to theory, but as a commonly agreed on way of acting, which is acknowledged by the team. The results and steps in the philosophical argumentation are exemplified using published empirical research. Methods are defined as practice patterns that need to be related to and integrated in an existing development practice. The application of a method is developed as a 'development of practice'. This practice is in certain aspects aligned with the description of the method, but a method always under-defines practice. The implication for research, industrial software development and teaching are outlined. The theoretical/philosophical concepts allow explaining the heterogeneity in application of software engineering methods and are in line with empirical research results.

January 2015
Carsten Schürmann joined IEEE 1622.6, Voting Systems Standards Committee (VSSC) Voting Methods Mathematical Models Working Group.

January 2015
Carsten Schürmann attended a talk on Perspectives on Crisis and Conflicts in the World at UN-City, Copenhagen. The talk was given by Grete Faremo, Under-Secretary General of the United Nations and Executive Director of UNOPS.

December 2014
Carsten Schürmann is lecturing on logical frameworks at the ANU Logic Summer School in Canberra, ACT, Australia.

November 2014
DemTech's Carsten Schürmann and Jari Kickbusch attended the shuffling and decryption ceremony at the Victoria Electoral Commission (VEC), Melbourne, Australia, today. More than a 1000 electronic votes were shuffled, decrypted and printed to be included in the count for the Victoria State Election. Read more here.

November 2014
The DemTech Group examined the electronic voting system of the Victorian Electoral Commission (VEC). Our report can be accessed from the EAV-detailed information page of the VEC.

November 2014
The International IDEA publication on The Use of Open Source Technology in Elections is now online.

October 2014
Carsten Schürmann participated at the ICT Proposals' Day and event organized by the European Commission that focuses on the Horizon 2020 Work Programme 2015 in the field of Information & Communication Technologies.

October 2014
Several members of DemTech participated in October 29-31 in the 6th International Conference on Electronic Voting. EVOTE is considered one of the leading international events for e-voting experts, which provides a forum for interdisciplinary and open discussion of all issues related to electronic voting, from both a theoretical perspective and a practical one. The conference was held in the beautiful renaissance castle of Hofen, at Lochau/Bregenz, on the shores of the Lake Constance in Austria.
This edition gathered around 100 participants from 33 different countries, including practitioners, decision makers, vendors and researchers. In a session devoted to Trust in Electronic Elections, Randi, Lorena and Carsten presented their interdisciplinary work “Trust in Internet Election: Observing the Norwegian Decryption and Counting Ceremony”. The paper, published in the corresponding proceedings, discusses from a pragmatic approach to trust how witnessing is brought about in the public event that took place within the internet voting trial of the Norwegian parliamentary elections of 2013, in which the electronic votes were decrypted and counted in front of an audience.
Prior to the main conference, a one-day PhD Colloquium also took place in the same venue, where Olivier had the opportunity to discuss his ongoing research on the relation between e-voting and election observation.

September 2014
Carsten Schürmann together with Michael Clouser, Robert Krimmer, Henrik Nore, and Peter Wolf wrote an International IDEA publication on The Use of Open Source Technology in Elections.

August 2014
Carsten Schürmann was one of four experts invited to the NemId Visionarium at Version2, discussing the next generation of Denmark's national ID infrastructure.

June 2014
DemTech organized a scientific session at ESOF 2014 on the topic Democracy in the digital age: computational aspects of voting systems

June 2014
Robert Krimmer is visting DemTech. He will give a talk about the challenges of observing new voting technologies. The talk will take place on Friday, June 20, 2014, 12:00 in 2A08.

June 2014
Democracy and technology seminar: Center for Health and Society (CSS) in Copenhagen is arranging a seminar today on democracy and technology. Alex Haldermann, who is known for his work on election security, and Carsten Schürmann from DemTech will give talks about Estonian internet voting and risk limiting audits respectively. Kasper Møller Hansen and Jonas Hedegaard Hansen from the Political Science faculty at Copenhagen University will give a presentation on applying information from digital voting lists in turnout studies.

May 2014
DemTech is running a pilot on risk-limiting audits during the European Parliament election.
More information.

May 2014
In May 2014, DemTech organized the third DemTech Workshop on Danish Elections, Trust, and Technology for the Mongolian Election Commission Meeting 2014. We had presentations by Associate Prof. Carsten Schürmann (Principal Investigator DemTech), Mrs. Altanjargal Batnyam, (Member and General Secretary, General Election Commission of Mongolia), Assistant Prof. Nina Boulus-Rødje (ITU), Associate Prof. Randi Markussen (ITU), Prof. David Basin (ETH Zurich), and Prof. Philip Stark (University of California, Berkeley).
For more information, click here.

April 2014
DemTech organized a PhD course on Code Scanning. This course was intended for PhD students and advanced Master students and it was designed to give an introduction to formal methods, teach the basics of code scanning theory, and allow students to gain first-hand experience with the state of the art code scanners. Code scanners are tools that inspect source code automatically for bugs, security problems and other issues. They are often used to evaluate software used in safety critical systems. Contingent on our ability to secure licenses, we discussed five different tools, such as Coverity, Fortify, Code Sonar, AppScan, and FindBugs. The course was organized in two parts. The first part took place in April, where the organizers gave several lectures about the formal underpinnings of code scanners. During the last lecture we presented some sample code, and assigned (groups of) students to tools.
Read more here

December 2013
We are looking for a postdoctoral researcher in formal methods, software engineering or related topics such as programming languages and distributed systems.

Application closed.

April 2014
DemTech Distinguished Lecture
Speaker: Prof. Stark, Professor and Chair of Statistics, University of California, Berkeley.
Title: Risk Limiting Audits of Parliamentary Elections
Abstract: Risk-limiting audits have a pre-specified minimum probability of correcting incorrect electoral outcomes. The risk limit is the maximum chance that an incorrect outcome is not corrected by the audit. Risk-limiting audits have been conducted in the USA for plurality contests in Ohio and Colorado, and for plurality, majority, super-majority, and "vote-for-n" contests in California. There are two basic approaches to risk-limiting audits, both of which involve inspecting randomly selected records from an audit trail in search of strong statistical evidence that the apparent outcome is correct. Absent strong evidence, they lead to a full hand count, which reveals the correct outcome. Ballot-polling audits use the audit trail alone; comparison audits compare hand counts of randomly selected groups of ballots to reported results for those ballots. Comparison audits are more complex and make more demands on the voting system, but--if the groups for which reported results are available are sufficiently small--can require inspecting fewer ballots than ballot-polling audits when the apparent outcome is indeed correct. Quite recently, the theory of risk-limiting audits was extended to ballot-polling and comparison audits of parliamentary elections like those in Denmark. The calculations required to conduct such audits involve only simple arithmetic, but there can be a fair amount of bookkeeping if there are many parties and many seats.

September 2013
We are looking for enthusiastic students to work on student projects that are directly relevant to DemTech research. You offer an international and exciting working environment and access to real-world data, and real world systems. Help us make a difference!

September 2013
DemTech in Norway to follow internet election trials. Carsten Schürmann, Randi Markussen and Lorena Ronquillo were present when online votes were decrypted and counted for Norwegian Parliamentary Election. The day before Election Day, the three researchers attended a Seminar on internet voting and the Norwegian electoral system.
12 municipalities with a total of 250.000 eligible voters participated in the trails. The voters in the 12 municipalities were also given the opportunity to vote with a paper ballot in a regular polling station.
70.622 of the 250.000 eligible voters cast their vote online.

September 2013
DemTech Reading Group: Cryptographic Voting Protocols
This semester we will discuss foundations and aspects of cryptographic voting protocols in the DemTech Reading Group.

September 2013
DemTech Distinguished Lecture
Speaker: Ian Brightwell, Director IT and CIO, New South Wales Electoral Commission, Australia
Title: Why is Internet Voting a Governance Project and not a Technology Project?

September 2013
DemTech Distinguished Lecture
Speaker: Prof. David Basin, ETH Zurich
Title: Developing Security Protocols by Refinement?
Abstract: We describe an approach to developing security protocols by step-wise refinement. Its core is a refinement strategy that guides the transformation of abstract security goals into protocols that are secure when operating over an insecure channel. The refinement steps successively introduce local states, an adversary, communication channels with security properties, and cryptographic operations realizing these channels. The abstractions we use provide insights on how the protocols work and foster the development of families of protocols sharing a common structure and properties. In contrast to post-hoc verification methods, we develop protocols together with their correctness proofs. We have implemented our approach in Isabelle/HOL and used it to develop a number of entity authentication and key transport protocols.
(Joint work with Christoph Sprenger, ETH Zurich)

June 2013
Starting September 2013 Steffen Dalsgaard will be a member of The Young Academy of Denmark (Det Unge Akademi). The Young Academy is a section for young talented scholars under the Royal Danish Academy of Science and Letters. Its purpose is to strengthen basic research and the interdisciplinary exchange, bridging the gap between science and society - and to give a united voice to some of the most excellent young scientists in Denmark.

June 2013
Carsten Schürmann gave a talk at CADE 2013 in Lake Placid, USA. Carsten presented a joint paper with Bernhard Beckert (KIT) and Rajeev Gore (ANU) on Analysing Vote Counting Algorithms Via Logic at CADE-13 in Lake Placid, USA]. Click here for the slides.

June 2013
The wait is over. Finally another Twelf tutorial, this time collocated with CADE 2013 in Lake Placid, NY.

June 2013
Carsten Schürmann gave his talk on Certifying Voting Protocols at the AR-SEC 2013 workshop in Lake Placid, USA. Click here for the slides.

May 2013
Carsten Schürmann to talk at the Egypt-US Cyber Security workshop in Cairo, Egypt. Carsten gave a talk on Certifying Voting Protocols at the Egypt-US Cyber Security Workshop. Click here for the slides.

April 2013
Distinguished DemTech Lecture
Speaker: Sherif El Tokali, Assistant Resident Representative of the UNDP-Egypt
Abstract: Throughout the past decade United Nations Development Programme (UNDP) has collaborated with the Government of Egypt (GOE) represented by its different ministries, Non-governmental Organizations (NGOs) as well as the Private Sector to positively contribute to a sustainable socioeconomic development in Egypt through the use of the Information and Communication Technologies (ICTs). In specific, the collaboration between UNDP and the Ministry of Communications and Information Technology (MCIT) is considered one of the most successful partnerships which resulted in the formulation and implementation of a number of nationally executed ICT projects in Egypt. Many of these projects did spin-off successfully. Today, the collaboration between UNDP and MCIT is geared towards improving the overall electronic readiness of the youth, women, people with special needs, and civil society organizations and increasing entrepreneurship, Education and Innovation, E- Health. Click here for the slides.

April 2013
Joseph Kiniry, DTU Compute, guest professor at ITU will debate Jacob Scjødt Nielsen, The Danish Board of Technology, at TEKNOFO on Saving Democracy from Technology. eVote – a choice for the future?
Read the full talk descriptions.

See previous news items