Category: voting

  • Voting Security by Example: Voatz

    Voting Security by Example: Voatz

    West Virginia is running an experiment: they’re using Voatz, a mobile-phone based voting system, to help overseas soldiers vote. It’s commendable to try new voting ideas in limited pilot settings, and it’s really commendable to help our military vote. However, there’s one really concerning thing about this proposal: there’s no real technical explanation about how…

  • Blockchain and Voting

    Blockchain and Voting

    Blockchain and Bitcoin may prove to be amazing innovations that change our daily lives, but I doubt they will materially impact how we vote. Here’s why. What Blockchain Is and Isn’t The common way to describe Blockchain is something like: it’s a database, only instead of being run by one central computer you have to…

  • Wombat Voting: Open Audit Elections in Israel

    My friend Alon Rosen is leading an effort with colleagues Amon Ta-Shma, Ben Riva, and Yoni Ben-Nun in Israel to implement and deploy in-person open-audit voting. The project is called Wombat Voting. It combines a number of existing cryptographic techniques in a very nice package. Oh, and they’ve implemented it and used it to run…

  • Online Voting is Terrifying and Inevitable

    Voting online for public office is a terrifying proposition to most security experts. The paths to subversion or failure are many: the server could get overwhelmed by attackers, preventing voting altogether the server could get hacked and the votes changed surreptitiously the users’ machines could get compromised by a virus, which would then flip votes…

  • everything I know about voting I learned from American Idol

    Tonight, American Idol began online voting. Yes, I’m a fan of American Idol, but don’t let that fool you: I’m still a bitchin’ cryptographer. I suspect that American Idol online voting will give rise to many questions such as “wow, awesome, now when can I vote in US Elections with my Facebook account?” and “Why…

  • Crisis in the Java Community… could they have used a secret-ballot election?

    There is a bit of a crisis in the Java community: the Apache Foundation just resigned its seat on the Java Executive Committee, as did two individual members, Doug Lea and Tim Peierls. From what I understand, the central issue appears to be that Oracle, the new Java “owner” since they acquired Sun Microsystems, is…

  • faulty logic, even for good, is still faulty

    So Alex Halderman and team hacked the DC Internet Voting pilot. The voting system they attacked was not particularly well secured, and the type of attack used is a fairly simple web input corruption attack with little novelty. This hack, however, performs a very useful task: educating election officials and the public about what hacks…

  • Fort Knox vs. the Barking Dog

    Over the last few days, Alex Halderman and his team at the University of Michigan hacked an Internet Voting System being field-tested by the DC Board of Elections. First, we need to commend both Alex’s team for their dutiful analysis of this system, and, more importantly, the DC Board of Elections for running an open…

  • Usenix Security, voting and health security

    I’m at Usenix Security 2010 in DC, starting with the EVT/WOTE Workshop on voting where I’ll be presenting an update on Helios, then the HealthSec workshop where I’ll be on a panel discussing my paper with Zak Kohane and Ken Mandl on using a Personally Controlled Health Record for health-information exchange [PDF]. The voting crowd…

  • What the Oscars teach us about voting

    This year, the voting process for the Oscars has changed. Rather than indicating a single choice as they have done since 1946, members of the Academy will provide a first choice, a second choice, etc.. potentially ranking all 10 nominees for Best Picture if so desired. Some are speculating that this will affect the results.…

  • For deniability, faking data even the owner can’t prove is fake

    I was speaking with a colleague yesterday about Loopt, the location-based social network, the rise of location-based services and the incredible privacy challenges they present. I heard the Loopt folks give a talk a few months ago, and I was generally impressed with the measures they’re taking to protect their users’ data. I particularly enjoyed…

  • Takoma Park 2009: the conclusion

    Well, it’s been a few weeks of craziness at home and catching up on other work, but I’ve finally wrapped up the Takoma Park 2009 audit. The final step: letting you, dear reader, run the audit all on your own. You’ll find the complete instructions here on the auditing site. I haven’t tested this on…

  • Takoma Park: verifying the shuffle and the unopened ballots

    So the votes have been cast, the uncertified tally has been released, and the confirmation codes have been published for all voters to check. Now, it’s time to make sure that the coded votes, which were shuffled via the Shuffle Tables into the decoded votes in the Results table, were indeed shuffled and decoded correctly.…

  • Takoma Park: auditing the auditor

    Rick Carback from the Scantegrity team just pointed out to me that my totals are not quite the same as theirs, and he surmises that I may have read the Instant Runoff rules incorrectly. Specifically, my code considers that ballots that skip a rank, i.e. that go directly to choice #2 and never indicate a…

  • Takoma Park: so can I see my confirmation code already?

    [This post is part of my Auditing the Takoma Park Municipal Election series.] So the votes have been cast, and voters went home. Some of them wrote down their confirmation codes. They probably checked those codes against the official Scantegrity web site. But why would they trust that web site to do all of the…

  • Takoma Park: Meeting 2

    [This post is part of my Auditing the Takoma Park Municipal Election series.] OK, so a couple of days ago we verified the initial P table and D tables for all 6 wards in tomorrow‘s Takoma Park election. Now comes Meeting 2, which was held a couple of weeks ago to open up a random…

  • Takoma Park Election: the 7 steps of auditing

    [This post is part of my Auditing the Takoma Park Municipal Election series.] If you’ve been following, we know what the voter experience is going to be like on Tuesday, and we know what the auditing process is going to be like. So, can we audit this thing already? Yes, we can. Here are the…

  • Source Code and Voting: what’s really on that machine?

    Let’s say someone’s trying to sell you a house. It’s a beautiful house. You visit it. You have it inspected and re-inspected, and it’s perfect. You get a loan approved, and you’re about to sign the papers when you’re told: wait, actually, that house is no longer available, but why don’t you just sign here…

  • Takoma Park 2009: Verifying the Tally from the Confirmation Codes

    [This post is part of my Auditing the Takoma Park Municipal Election series.] We’ll now consider the auditing portion of the Takoma Park election. This is a little bit involved, so we’ll take our time. Importantly, the typical voter does not need to burden themselves with this complexity. All that Valerie, our voter, needs to…

  • Takoma Park 2009: the voter experience

    For background on this post, check out the Auditing Takoma Park 2009 Election. I’m gathering all documentation on a Google Site. This blog will continue to serve as the narrative, while the datasets and documentation will live on the Google Site, and I’ll refer to them as needed from this blog. Let’s begin with an…

  • Auditing the Takoma Park Election

    In November of this year, citizens of Takoma Park, Maryland will use the Scantegrity voting system in their municipal election. This is a significant milestone for open-audit voting systems: the first time a government official is elected using a voting system that is verifiable from start to finish by any observer, even resistant to insider…

  • Schneier on self-enforcing protocols and voting

    Bruce Schneier pens another great article on how certain protocols between people who do not trust one another can be set up to prevent cheating without third-party oversight. Of course, the gem of the article pertains to voting: Modern voting systems are rife with the potential for cheating, but an open show of hands in…

  • Quick Thoughts from EVT Day #2

    I gave an invited talk on crypto voting. Ran out of time, as usual. I need to find a way to describe this stuff more efficiently. Later, I also presented MarkPledge2, joint work with Andy Neff. Olivier de Marneffe presented the UCL/Helios implementation. So much material to present there, he did a fantastic job of…

  • EVT/WOTE 2009, Day 1, Afternoon

    I had to miss the first afternoon session of EVT/WOTE to attend WOOT (Workshop on Offensive Technologies) where Adam was presenting a paper Collin and I co-authored on hijacking bookmarklets (I wrote about this work a few months ago). Sadly, I missed what I hear were two great talks. Oh well, hopefully they’ll be on…

  • EVT/WOTE 2009, Day 1, Morning

    I’m at the Electronic Voting Technology / Workshop on Trustworthy Elections get-together (in Montreal). A few thoughts about the day and talks. Keynote Larry Norden from the Brennan Center is proposing a few ideas about what the voting community should focus on. Voting machine security, including forensics. Thinks statistical analyses to detect fraud is going…

  • Back from Israel – talks and press

    Just got back from a trip to Israel, mostly vacation but a couple of very fun days at the Electronic Voting Workshop organized by IDC Herzliya and Tel Aviv University. A great group of folks, some very lively discussion, and a very productive workshop in Israel before they deploy electronic voting machines (imagine that, debating…

  • Voting Workshop in Israel

    In a couple of weeks, I’ll be in Israel at a voting workshop organized by Ran Canetti, Alon Rosen, Ronitt Rubinfeld, and Assaf Jacob. I’ll be giving a talk on voting security and a second talk on Helios. The workshop will be free and open to the public, and it should be an interesting mix…

  • Helios @ CodeCon

    I’m at CodeCon presenting my Helios voting system in a little bit. But first, there’s a talk on sequencing your own genome at home using basic kitchen equipment. It’s quite rare for me to be at one conference that combines most of my interests in one afternoon! Should be fun.

  • What Verifying an Election Means

    The election at the Université Catholique de Louvain is over, the winner has been declared. So, what does it mean that this was, supposedly, a verifiable election? It means that you can go to the audit web site. There, you’ll find a detailed specification that describes the file formats, encryption mechanisms, and process by which…

  • Open-Audit Voting means a Single Vote Counts

    After an incredibly long and busy week of work for my colleagues Olivier Pereira and Olivier de Marneffe, the UCL election, based on Helios, has been verified and tallied. The trustees arrived earlier today and successfully decrypted the result. Students each got approximately 1/10 of a vote, while Faculty got a full vote. 4000 people…