EVT/WOTE 2009, Day 1, Afternoon

I had to miss the first afternoon session of EVT/WOTE to attend WOOT (Workshop on Offensive Technologies) where Adam was presenting a paper Collin and I co-authored on hijacking bookmarklets (I wrote about this work a few months ago).

Sadly, I missed what I hear were two great talks. Oh well, hopefully they’ll be on video.

I’m back in EVT/WOTE now.

Eric Rescorla revisits the idea of ballot-based auditing (as opposed to precinct-based). But really, Eric, this stuff works best when you sprinkle in some crypto🙂

Ersin Öksüzoǧlu explores how to implement VoteBox on FPGA, aka. VoteBox Nano. Interesting attempt to minimize the requirements of a voting machine.

Joseph Calandrino explores how the recent paper fingerprinting techniques affect voting. Paper fingerprinting looks at the structure of tangled paper fibers. Obviously bad: privacy. Could be useful for auditing to validate real ballots. Fingerprints can be generated… interesting parallel with cryptographic voting schemes.

Invited Talk: Rush Holt

Making sure that votes are counted as intended. 485 experts in elections in Congress. Congress has some difficulty dealing with technological issues. Memories of whether the stolen votes were enough to throw the election. 1965, one of the most dramatic pieces of legislation, took a state/local issue and made it a federal issue: voting rights act. Would argue that the greatest invention of mankind is our Constitutional system of government. Great challenge is overseas balloting. Absentee Ballot Track, Receive, and Record Act passed last month. Don’t think need to explain the risks of delivering votes over the Internet. Paper records required by latest bill in 2010, migrate VVPAT to voter-marked paper ballot by 2014. Routine random audits, hand-count, all federal elections. 3%, 5%, 10% depending on closeness of race. Alternative mechanisms okay if NIST approves. Undisclosed software banned. Arms-length relationship between testing labs and vendors. Talk of “risk-limiting audits.” This is not just an exercise. The way we vote needs to be realistic, practical, and resilient.

Josh Benaloh brings up concern of “confounding paper and verifiability.” Wrong time to mandate *paper* vs. verifiability.

Holt wants each voter to verify her vote, in secret, at the time of casting. I think the only way to do this now is to use paper. David Dill talks about cryptographic end-to-end voting being a “thorn in my side.” Different time scales. Need something in the interim.

Holt: It’s a societal failing that we say science is for scientists, that others don’t need to learn or think about the logic of computers.

Alex Halderman asks about how legislation complicates code because of many requirements.