I'm a cryptographer living and working on Wurundjeri land in Southeastern Australia (near Melbourne). I am interested in cryptographic protocols that support a free and democratic society. I work on openly-available research and open source software for supporting democratic decisionmaking and empowering ordinary people to make choices about their own data.

Some highlights and favourite papers are:

Cryptographic analysis of e-voting systems

We've shown serious errors and security problems in e-voting and e-counting systems in Western Australia, New South Wales and Switzerland. The problems we identified allowed for undetectable privacy breach or election manipulation. We hope that we have made that a little harder. Our talk for IEEE Security and Privacy (Oakland) is here. The same attack applies also to the NSW iVote system, with a slight modification described here.

See also this nontechnical article from the IEEE Security and Privacy magazine, which explains the main ideas of electronic election verification.

Joint work with Andrew Conway, Chris Culnane, Mark Eldridge, Aleks Essex, Alex Halderman, Thomas Haines, Sarah Jamie Lewis and Olivier Pereira.

Auditing complex elections

We've developed a number of new tools and techniques, most supported by open source software, for auditing complex elections. This culminated in a world-first pilot Risk-Limiting Audit of Instant Runoff Votes in San Francisco in November 2019. You can do RLA's for IRV!

See also our proposal for auditing Parliamentary elections such as India's.

Joint work with Andrew Conway, Michelle Blom, Chris Culnane, Dan King, Laurent Sandrolini, Philip B. Stark and Peter J. Stuckey.

Privacy and open data

Chris Culnane, Ben Rubinstein and I demonstrated the easy re-identifiability of doctors and patients in open Australian Medicare-PBS data and of ordinary commuters in open Victorian Public Transport data. We were hoping this would encourage the enlightened view that a person's detailed personal data is still theirs, even when their name has been removed.  

Exposure Notification and contact tracing

See https://github.com/vteague/contactTracing repo for analysis of COVIDSafe and other exposure notification options. 

Verifiable voting from overseas voting centres

I'm working with Arash Mirzaei and VotingWorks on a project for verifiable voting from overseas polling places. 

Draft paper available here.

Outside ANU

I'm also the CEO of Thinking Cybersecurity Pty. Ltd. (https://www.thinkingcybersecurity.com) and the chairperson of Democracy Developers Ltd. (https://www.democracydevelopers.org.au)