threeballot vav and twin
play

ThreeBallot, VAV, and Twin Ronald L. Rivest MIT CSAIL Warren D. - PowerPoint PPT Presentation

Feb 28, 2024 •438 likes •827 views

Ballot + G - B Ballot Box Mixer + B Receipt ThreeBallot, VAV, and Twin Ronald L. Rivest MIT CSAIL Warren D. Smith - CRV Talk at EVT07 (Boston) August 6, 2007 Outline End-to-end voting systems ThreeBallot VAV

  1. Ballot + G - B Ballot Box Mixer + B Receipt ThreeBallot, VAV, and Twin Ronald L. Rivest – MIT CSAIL Warren D. Smith - CRV Talk at EVT’07 (Boston) August 6, 2007

  2. Outline  End-to-end voting systems  ThreeBallot  VAV  Twin

  3. “End-to-end” voting systems  Voter composes and casts ballot as usual, except cast ballot may be encrypted .  Cast ballots posted on public bulletin board (PBB).  Voter gets “receipt” allowing her to confirm & correct posting of her ballot; receipt is typically copy of cast ballot as it should be posted.  Tally is computed by election officials from ballots on PBB (proof of correctness also computed and posted).

  4. End-to-end voting systems VM Result PBB EO Receipt Receipt Voter Cast Ballot Confirm Posting Verify Tally

  5. End-to-end voting systems VM Result PBB EO Receipt Receipt Voter Cast Ballot Confirm Posting Verify Tally “Posted as cast?” “Counted as posted?” “Cast as intended?”

  6. Crypto end-to-end voting systems  Cast ballots are encrypted.  With encrypted ballots, need to ensure they are “ cast as intended” [challenging].  With receipts, need to ensure that they don’t reveal how voter voted [not so hard].  With tally, need to ensure that election result is publicly verifiable [manageable].  Examples: Punchscan, PretAVoter, Scratch&Vote, …

  7. Crypto-free end-to-end systems  Is it possible to have an end-to-end voting system without using cryptography?? cryptography ?

  8. Crypto-free end-to-end systems  Is it possible to have an end-to-end voting system without using cryptography??  Yes. ThreeBallot. cryptography ?  Yes. VAV.  Yes. Twin.

  9. ThreeBallot

  10. Voting w/o crypto -- ThreeBallot  Each voter casts three plaintext ballots  All three cast ballots go on PBB.  Voter takes home copy of arbitrarily- chosen one as receipt.  Receipt does not indicate how she voted, but serves as integrity check on PBB.

  11. ThreeBallot Ballot Ballot Ballot President President President Alice Alice Alice Bob Bob Bob Charles Charles Charles Vice President Vice President Vice President David David David Erica Erica Erica r9>k*@0e!4$% *t3]a&;nzs^_= u)/+8c$@.?(  Each row has 1 or 2 marks. Not 0, not 3.  All three ballots cast and posted on PBB.  Voter takes home copy of one as “receipt”.

  12. ThreeBallot Ballot Ballot Ballot President President President Alice Alice Alice Bob Bob Bob Charles Charles Charles Vice President Vice President Vice President David David David Erica Erica Erica r9>k*@0e!4$% *t3]a&;nzs^_= u)/+8c$@.?(  Each row has 1 or 2 marks. Not 0, not 3.  All three ballots cast and posted on PBB.  Voter takes home copy of one as “receipt”.

  13. Tallying in ThreeBallot  Tally as usual: each candidate receives n extra votes ( n = number of voters), but election outcome is unchanged.  Works for (or can be adapted for) ordinary plurality voting, approval voting, and range voting, but not for IRV or other schemes where voter must rank-order choices.  Also doesn’t work for write-in votes.

  14. Casting ballots  Votes are cast in a physical ballot box; order of casting is lost, and it is should be impossible to figure out which three ballots originally formed a ballot triple.

  15. Ensuring valid votes  Need way to ensure that votes are valid -- voter doesn’t vote zero or three times for anyone.  Voter casts ballots through a checker machine that checks validity of ballot triple before allowing them to be cast. Ballot Ballot Ballot Checker Machine Ballot Box

  16. Making receipts  Voter may arbitrarily choose one ballot to be copied as her receipt.  No record kept of which was copied.  Can integrate copying with checker (Shamos checker).  Receipts should be “unforgeable”. Ballot Ballot Ballot Checker Machine Receipt Ballot Box

  17. Confirming Posting  Ballots aren’t posted on PBB until polls are closed.  Each ballot should have a unique ID (matching ID on receipt copy), so that ID can be looked up on PBB.  Voters should not see (and/or not be able to memorize) ID’s for ballots that were not copied (to prevent vote-selling).

  18. Short Ballot Assumption (SBA)  Since ballots are published in plaintext , voters must not be able to identify their ballots by the selection of choices made.  Short Ballot Assumption: ballot is short enough so that each possible arrangement of choices likely to have been made by several voters.  Can separate ballot into several short ones to ensure SBA.  SBA also prevents reconstruction attacks.

  19. Integrity of PBB  Since no one knows which ballots posted on PBB have been copied for receipts, any significant tampering with PBB is likely to be detectable.

  20. Coercion-freeness  Voter can bring home an arbitrary- looking receipt, independent of her choices. Thus, voter can’t sell vote using her receipt.  Adversary (or voter) can’t determine which three ballots were in original triple from PBB and receipt.

  21. Usability  Not so good! Voting three ballots would be confusing to many!  Note: Can mix “OneBallot” (ordinary ballots) with ThreeBallot: – OneBallot voters don’t get receipts. – But their ballots posted on PBB are protected along with ThreeBallots.

  22. ThreeBallot is end-to-end  ThreeBallot provides end-to-end security: – Voter is confident her ballot is cast as intended. – Voter can check that her ballot is included in collection of ballots being tallied. – Voters can check that tampering with collection has not occurred. – Anyone can add up ballots on PBB to obtain correct election result.

  23. + G - B + B VAV (Vote // Anti-Vote // Vote)

  24. VAV = ThreeBallot Variation  Like ThreeBallot: each voter casts three ballots and takes home copy of one as a receipt.  But VAV works for any vote-tallying system (e.g. IRV), not just plurality, approval, and range-voting.  Key idea: one ballot may cancel another ballot. Of three ballots cast, two of them must cancel each other.

  25. VAV Example Ballots (Blank) V A V Ballot Ballot Ballot President President President Alice Alice _ Alice _ _ Bob Bob Bob _ _ _ _ _ _ Charles Charles Charles Vice President Vice President Vice President _ _ _ David David David _ _ _ Erica Erica Erica 4765239014119052 155236349001341 144578232133782

  26. VAV Example Ballots V A V Ballot Ballot Ballot President President President Alice Alice 1 Alice 3 1 Bob Bob Bob 3 3 1 2 2 2 Charles Charles Charles Vice President Vice President Vice President 2 2 1 David David David 1 1 2 Erica Erica Erica 4765239014119052 155236349001341 144578232133782  Second ( A nti-) ballot cancels first ballot, since they are identical except for A/V notations.  As in ThreeBallot, voter can take home copy of any one ballot as her receipt.

  27. Tallying VAV ballots  Tallier finds pairs of V/A ballots that cancel, and removes such pairs from further consideration. (The ballots in a pair don’t need to have originated with the same voter.)  Remaining ballots are tallied to determine election results.  VAV handles any voting system.  VAV also provides end-to-end security.

  28. Ballot twin original Ballot Box Mixer Twin Receipt

  29. Key Idea for Twin  With ThreeBallot, voter could not use take-home receipt to sell her vote, because it copied only a part of her ballot.  With Twin, voter can not use take-home receipt to sell her vote, because it is copy of some other voter’s ballot.  Single original may be copied more than once, or not at all.  Simple!

  30. “Mixing up” voter receipts  Voter places her receipt into the bin, and receives a copy of some previous voter’s receipt from the bin.  First 10 voters don’t Receipt get take-home receipt.  Voter checks PBB with her take-home receipt.  At end of day, bin has all original receipts; enables additional check on PBB.

  31. “Mixing up” voter receipts  Voter places her receipt into the bin, and receives a copy of some previous voter’s receipt Previous from the bin. Voter’s  First 10 voters don’t Receipt Receipt get take-home receipt.  Voter checks PBB with her take-home receipt.  At end of day, bin has all original receipts; enables additional check on PBB.

  32. “Mixing up” voter receipts  Voter places her receipt into the bin, and Take-home copy receives a copy of some Receipt previous voter’s receipt Previous from the bin. Voter’s  First 10 voters don’t Receipt Receipt get take-home receipt.  Voter checks PBB with her take-home receipt.  At end of day, bin has all original receipts; enables additional check on PBB.

  33. “Mixing up” voter receipts  Voter places her receipt into the bin, and Take-home receives a copy of some Receipt previous voter’s receipt Previous from the bin. Voter’s  First 10 voters don’t Receipt Receipt get take-home receipt.  Voter checks PBB with her take-home receipt.  At end of day, bin has all original receipts; enables additional check on PBB.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Short Ballot Assumption and Threeballot E-voting Voting Protocol Threeballot Strauss Attack

Short Ballot Assumption and Threeballot E-voting Voting Protocol Threeballot Strauss Attack

Threeballot and SBA Cicho n, Kutyowski, We glorz Short Ballot Assumption and Threeballot E-voting Voting Protocol Threeballot Strauss Attack SBA Jacek Cicho n Mirosaw Kutyowski Bogdan We glorz Results 2

653 views • 44 slides
Libertarianism at Twin Harvard Capitalism University of Virginia Matthias Brinkmann Boston,

Libertarianism at Twin Harvard Capitalism University of Virginia Matthias Brinkmann Boston,

Libertarianism at Twin Harvard Capitalism University of Virginia Matthias Brinkmann Boston, Mount Auburn Cemetery 2 22/10/2019 Twin Harvard Contents 1. Rawlss argument for the difference principle 2. Twin Rawls 3. Twin Nozick Twin

532 views • 15 slides
Digital Twin FUTURE PLM TRENDS IN ENGINEERING Digital Twin IoT The Digital Twin closes the

Digital Twin FUTURE PLM TRENDS IN ENGINEERING Digital Twin IoT The Digital Twin closes the

Engineering of the Future Focus: Digital Twin FUTURE PLM TRENDS IN ENGINEERING Digital Twin IoT The Digital Twin closes the circle from reality back to engineering (and within engineering), enabling deeper insights faster and helping to

471 views • 18 slides
OCTO-TWIN The OCTO- Twin Study (Origins of Variance in the Old - Old) was planned in the late

OCTO-TWIN The OCTO- Twin Study (Origins of Variance in the Old - Old) was planned in the late

OCTO-TWIN The OCTO- Twin Study (Origins of Variance in the Old - Old) was planned in the late 80s and became the first major population-based longitudinal twin study directed to the oldest old when the data collection started in 1991. On

237 views • 3 slides
Corporate Team Challenge About Twin Cities In Motion Twin Cities In Motion (TCM) has been the

Corporate Team Challenge About Twin Cities In Motion Twin Cities In Motion (TCM) has been the

Corporate Team Challenge About Twin Cities In Motion Twin Cities In Motion (TCM) has been the regions premier running event company since 1982. Its mission is simple - ignite everyones inner athlete. TCM is a 501 (c) 3 nonprofit that

339 views • 9 slides
Corporate Team Challenge About Twin Cities In Motion Twin Cities In Motion (TCM) has been the

Corporate Team Challenge About Twin Cities In Motion Twin Cities In Motion (TCM) has been the

Corporate Team Challenge About Twin Cities In Motion Twin Cities In Motion (TCM) has been the regions premier running event company since 1982. Its mission is simple - ignite everyones inner athlete. TCM is a 501 (c) 3 nonprofit that

606 views • 16 slides
Twin Gestations Twice the Fun, or Double Trouble? BIOL 6505 Stephen R. Carr, MD Program in

Twin Gestations Twice the Fun, or Double Trouble? BIOL 6505 Stephen R. Carr, MD Program in

Twin Gestations Twice the Fun, or Double Trouble? BIOL 6505 Stephen R. Carr, MD Program in Fetal Medicine Brown University Women & Infants Hospital Twin Gestations Introduction Types of Twins Causes of Twin Gestation

695 views • 46 slides
Twin Valley Roundtable April 9, 2020 Twin Valley Calendar Updated from June on.

Twin Valley Roundtable April 9, 2020 Twin Valley Calendar Updated from June on.

Email for me for a copy of this presentation. Note: Please keep your mic muted unless asking a question. Twin Valley Roundtable April 9, 2020 Twin Valley Calendar Updated from June on. Earlier dates are still being decided on.

533 views • 25 slides
General Information June, 2009 About TWIN About TWIN Facility is located in South Windsor,

General Information June, 2009 About TWIN About TWIN Facility is located in South Windsor,

General Information June, 2009 About TWIN About TWIN Facility is located in South Windsor, Connecticut USA, near Pratt & Whitney and IAE Headquarters. Independently owned and operated: Paul D'arcy (former President, Windsor

649 views • 16 slides
Twin Cities Sustainable Harbor Strategy Project Goal The goal of the Twin Cities Sustainable

Twin Cities Sustainable Harbor Strategy Project Goal The goal of the Twin Cities Sustainable

Twin Cities Sustainable Harbor Strategy Project Goal The goal of the Twin Cities Sustainable Harbors Initiative is to facilitate the development of long-term, sustainable strategies that enable Michigans Great Lakes coastal communities to

215 views • 10 slides
Twin Cities Sustainable Harbor Strategy Project Goal The goal of the Twin Cities Sustainable

Twin Cities Sustainable Harbor Strategy Project Goal The goal of the Twin Cities Sustainable

Twin Cities Sustainable Harbor Strategy Project Goal The goal of the Twin Cities Sustainable Harbors Initiative is to facilitate the development of long-term, sustainable strategies that enable the communities to maximize the benefits of

555 views • 16 slides
Aflatoxin Risk Management: Value Chain Partnerships Forum for Agricultural Risk Management in

Aflatoxin Risk Management: Value Chain Partnerships Forum for Agricultural Risk Management in

Aflatoxin Risk Management: Value Chain Partnerships Forum for Agricultural Risk Management in Development 19 th November 2013 Andrew Emmott Twin & Twin Trading Twin & Twin Trading: Value Chain Partnerships Introduction: Twin &

318 views • 12 slides
Kagome / Netafim Twin Lateral Trial Kagome / Netafim Twin Lateral Trial The Problem

Kagome / Netafim Twin Lateral Trial Kagome / Netafim Twin Lateral Trial The Problem

Kagome / Netafim Twin Lateral Trial Kagome / Netafim Twin Lateral Trial The Problem Application of technology the Israel trip What we are hoping to achieve New dripper technology Low flow Concept Trial System Design

349 views • 15 slides
DIGITAL TWIN CITIES CENTRE (DTCC) DESIGN DIGITAL TWIN CITIES DECISION MODEL ARCHITECTURAL

DIGITAL TWIN CITIES CENTRE (DTCC) DESIGN DIGITAL TWIN CITIES DECISION MODEL ARCHITECTURAL

HGANS KOMMUN OCH DIGITAL TWIN CITIES CENTRE (DTCC) DESIGN DIGITAL TWIN CITIES DECISION MODEL ARCHITECTURAL DESIGN & CONSTRUCTION URBAN PLANNING & DESIGN MAINTENANCE & MONITORING VISUALISE SIMULATE

463 views • 22 slides
2015 H2020 H2020 INN -2015 EXCELL TWIN FOR E SERBIA F CALL FOR TWIN INNING - Call

2015 H2020 H2020 INN -2015 EXCELL TWIN FOR E SERBIA F CALL FOR TWIN INNING - Call

Cooperation Meeting, July 2018 Thai Nguyen University, Vietnam Technical University, Ho Chi Minh City, Vietnam 2015 H2020 H2020 INN -2015 EXCELL TWIN FOR E SERBIA F CALL FOR TWIN INNING - Call identifier: H2020 H2020-TWINN-2015

530 views • 7 slides
Be-TWIN This project has been funded with support from the European Commission. This presentation

Be-TWIN This project has been funded with support from the European Commission. This presentation

Be-TWIN Be-TWIN This project has been funded with support from the European Commission. This presentation reflects the views of the author(s) and the Commission cannot be held responsible for any use which may be made of the information

631 views • 39 slides
First Quarter 2016 Earnings Teleconference May 6, 2016 One of North Americas largest electric

First Quarter 2016 Earnings Teleconference May 6, 2016 One of North Americas largest electric

First Quarter 2016 Earnings Teleconference May 6, 2016 One of North Americas largest electric utilities TSX: H Hydro One Limited First Quarter Financial Summary First Quarter ($ millions) 2016 2015 Change Revenue Transmission $386

159 views • 11 slides
2017 HUD Preservation Workbook and Recapitalization Excel Tool Webinar Conceiving a

2017 HUD Preservation Workbook and Recapitalization Excel Tool Webinar Conceiving a

2017 HUD Preservation Workbook and Recapitalization Excel Tool Webinar Conceiving a Recapitalization Strategy Using HUDs Support Tools Presented Thursday, December 7 th , 2017, 3:00 p.m., EST. Introductions Moderator Minnie Monroe

619 views • 42 slides
QA Lab-PoliInfo Classification Task Minoru Sasaki and Tetsuya Nogami Ibaraki University 1

QA Lab-PoliInfo Classification Task Minoru Sasaki and Tetsuya Nogami Ibaraki University 1

Ibrk at the NTCIR-14 QA Lab-PoliInfo Classification Task Minoru Sasaki and Tetsuya Nogami Ibaraki University 1 Introduction Stance Classification automatically identify speaker's position on a specific target of topic from text.

322 views • 17 slides
Test progress monitoring and control Chapter 5 Part 2 3. Test progress monitoring and control

Test progress monitoring and control Chapter 5 Part 2 3. Test progress monitoring and control

INF 3121 Software Testing Test progress monitoring and control Chapter 5 Part 2 3. Test progress monitoring and control 4. Configuration management 5. Risk and testing 6. Incident management Test progress monitoring and 1. Test

665 views • 41 slides
Gender and Americas Safety Net Reach Linda Burton, Marybeth Mattingly, Juan Pedroza, and

Gender and Americas Safety Net Reach Linda Burton, Marybeth Mattingly, Juan Pedroza, and

Gender and Americas Safety Net Reach Linda Burton, Marybeth Mattingly, Juan Pedroza, and Whitney Welsh CENTER ON POVERTY AND INEQUALITY TWO QUESTIONS Four key social insurance programs of disadvantaged Americans (safety net): public

416 views • 10 slides
Building Java Programs Chapter 2 Variables and For Loops reading: 2.2 - 2.3 1 2 Variables

Building Java Programs Chapter 2 Variables and For Loops reading: 2.2 - 2.3 1 2 Variables

Building Java Programs Chapter 2 Variables and For Loops reading: 2.2 - 2.3 1 2 Variables reading: 2.2 3 Receipt example What's bad about the following code? public class Receipt { public static void main(String[] args) { // Calculate

527 views • 30 slides
Remittance Receipts by Ghanas Households: Understanding Their Distribution and the Impact on

Remittance Receipts by Ghanas Households: Understanding Their Distribution and the Impact on

Remittance Receipts by Ghanas Households: Understanding Their Distribution and the Impact on Investment in Basic Education Louis Boakye-Yiadom Monica Lambon-Quayefio Paper Presented at the WIDER/ARUA Conference on Migration and Mobility 5-6

1.39k views • 19 slides
Serving Students with Disabilities during Periods of Remote or Blended Learning Technical

Serving Students with Disabilities during Periods of Remote or Blended Learning Technical

Serving Students with Disabilities during Periods of Remote or Blended Learning Technical Assistance Session 3: Developing Data-driven Supports Summer 2020 | Jennifer Carpenter and Kelley Scholl No Computer Audio? Check connections WebEx

734 views • 38 slides

More recommend