understanding the security properties of ballot based
play

Understanding the Security Properties of Ballot-Based Verification - PowerPoint PPT Presentation

Feb 10, 2024 •119 likes •284 views

Understanding the Security Properties of Ballot-Based Verification Techniques Eric Rescorla ekr@rtfm.com EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 1 WARNING This talk contains no research content.

  1. Understanding the Security Properties of Ballot-Based Verification Techniques Eric Rescorla ekr@rtfm.com EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 1

  2. WARNING This talk contains no research content. EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 2

  3. Two views of vote tabulation Official Official EMS Scanner(s) Tally Returned Ballots The insider’s view Official Opaque Process Tally Returned Ballots The outsider’s view EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 3

  4. What are we trying to verify? • The votes were correctly counted • The right candidate won • The stack of votes in front of us was correctly counted • A recount of this stack of votes wouldn’t change the winner • Third party verifiability: A third party with no special access can verify that a recount of this stack* of votes wouldn’t change the winner * Alert: we are sweeping the topic of ballot chain of custody under the rug. EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 4

  5. Why ballot-based audits? • Statistical power of an audit depends on the number of samples – Very little dependency on the size of each sample – (Assuming attacker is intelligent) • Traditional precinct-based audits are not very efficient • Auditing individual ballots is far more efficient • Independently proposed several times [CHF07, Nef03, Joh04] EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 5

  6. Ballot-Based Auditing Workflow [CHF07] Ballot Scanner Images/ EMS CVRs Returned Ballots Official Counting Process Audit Process Election Verify Audit Sampled Results Tabulation Ballots Observer Scanned Ballots Adapted from [SRW09] EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 6

  7. Problems with Ballot-Based Auditing • Finding individual ballots is hard – Possibilities: serial numbers on ballots, hand-indexing, paper counters, weight... • We need to publish the contents of each ballot (CVR or image) – Accessible to any third party – The ballots are anonymous but all contents are published – This allows coercion and vote buying ∗ Easiest if we publish images ∗ Pattern voting EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 7

  8. What about ballot images? • Trivial to encode information • Even valid marks can encode information – Incompletely/overfilled • Could digitally sanitize – You’ve just turned ballots into CVRs EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 8

  9. The Math of Pattern Voting • Basic idea: encode voter identity in downticket races – Assume results are reported by precinct ∗ Just need to identify voter within precincts – Need to encode no more than 1000-10,000 distinct identities (10-14 bits) • Each contest lets us encode minimum 1-2 bits – Alice, Bob, undervote, overvote(?) – 10 contests is enough to encode 60,000–1,000,000 identies EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 9

  10. Humboldt Election Transparency Project Workflow Official Official EMS Scanner Tally Returned Ballots Official Counting Process ETP Rescanning Process Signed ETP ETP Imprinter Ballot Scanner Computer Images Scanned Ballots EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 10

  11. Advantages of ETP Style Approaches • Fast detection of scanner/EMS errors – Requires minimal manual intervention – It already has found errors: Deck 0 bug – Independent check on compromise of EMS (or scanner) by outsiders • Backup for physical control of ballots – Only applies post-scanning – And requires tight control of images or signing key EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 11

  12. Does the ETP offer third party verifiability? • Third parties can independently count the scanned ballots – With BallotBrowser or their own software • This only detects some errors – Third parties cannot verify the ETP scanner software – What if it substitutes fake ballot images? – This cannot be detected by re-processing those images • Checking the images requires random sampling – ... At the same level as a ballot-based audit • Easiest to think of ETP checking the tabulation EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 12

  13. Why digital signatures don’t help • Signatures are applied by the ETP scanning computer [Tra08] • Third parties can download ballot images – And verify that they weren’t tampered in transit • But this doesn’t help if the ETP scanner is compromised – You’re getting fake ballot images that weren’t tampered in transit • Signatures are sort of overkill here – Could just publish a message digest in a non-tamperable form (e.g., local paper) EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 13

  14. Summary • Ballot-based auditing systems have far higher statistical power – But worse privacy properties (vote buying and coercion) • Finding the right physical ballot is a challenge • ETP provides good detection of scanner/EMS error – And some kinds of outsider attack • ... But requires a separate audit for third-party verifiability EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 14

  15. References [CHF07] Joseph A. Calandrino, J. Alex Halderman, and Edward W. Felten. Machine-assisted election auditing. USENIX/ACCURATE Electronic Voting Technology Workshop 2007, August 2007. http://www.usenix.org/events/evt07/tech/full_papers/ calandrino/calandrino.pdf . [Joh04] Kenneth C. Johnson. Election certification by statistical audit of voter-verified paper ballots, October 2004. http://papers.ssrn.com/sol3/papers.cfm?abstract_id=640943 . [Nef03] C. Andrew Neff. Election confidence—a comparison of methodologies and their relative effectiveness at achieving it (revision 6), December 2003. http://web.archive.org/web/20060117190359/http: //www.votehere.net/papers/ElectionConfidence.pdf . [SRW09] Cynthia Sturton, Eric Rescorla, and David Wagner. Weight, Weight, Don’t Tell Me: Using Scales to Select Ballots for Auditing. In Joseph Lorenzo Hall, David Jefferson, and Tal Moran, editors, Proceedings of EVT/WOTE 2009. USENIX/ACCURATE/IAVoSS, August 2009. To appear. [Tra08] Mitch Trachtenberg. Can’t Digital Images Be Faked. http://democracycounts. blogspot.com/2008/07/cant-digital-images-be-faked.html , August 2008. EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 15

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Ballot Article 8 Tax Stabilization Ballot Language Shall the voters authorize the Richmond

Ballot Article 8 Tax Stabilization Ballot Language Shall the voters authorize the Richmond

Ballot Article 8 Tax Stabilization Ballot Language Shall the voters authorize the Richmond Selectboard to negotiate and enter a Tax Stabilization Agreement for Economic Development purposes, for the properties commonly known as the Creamery,

561 views • 10 slides
Surface-based Cloud Radiative Properties for Improved Understanding of Aerosol Indirect Effects

Surface-based Cloud Radiative Properties for Improved Understanding of Aerosol Indirect Effects

Surface-based Cloud Radiative Properties for Improved Understanding of Aerosol Indirect Effects (Aerosol-Cloud Interactions) Allison McComiskey, Elisa Sena, Chuck Long, Graham Feingold Data acknowledgements: Anne Jefferson, Joe Michalsky, Gary

457 views • 20 slides
MA111: Contemporary mathematics . Jack Schmidt University of Kentucky August 27, 2012 Entrance

MA111: Contemporary mathematics . Jack Schmidt University of Kentucky August 27, 2012 Entrance

. MA111: Contemporary mathematics . Jack Schmidt University of Kentucky August 27, 2012 Entrance Slip (due 5 min past the hour): Convert the following linear ballots into a preference schedule: Ballot Ballot Ballot Ballot Ballot Ballot

356 views • 17 slides
Investigating the security properties of MACs based on stream ciphers Leonie Simpson, Mufeed Al

Investigating the security properties of MACs based on stream ciphers Leonie Simpson, Mufeed Al

Investigating the security properties of MACs based on stream ciphers Leonie Simpson, Mufeed Al Mashrafi, Harry Bartlett, Ed Dawson and Kenneth Wong Institute for Future Environments Science and Engineering Faculty Queensland University of

650 views • 35 slides
Agenda What are ballot measures? Kellie Dupree What are 501(c)(3) organizations Director

Agenda What are ballot measures? Kellie Dupree What are 501(c)(3) organizations Director

Agenda What are ballot measures? Kellie Dupree What are 501(c)(3) organizations Director of Partnerships and Training allowed to do Ballot Initiative Strategy Center Direct Lobbying limits Stories from the field: Ballot measure

653 views • 16 slides
ccTLD Security Understanding the Anxiety and Consequences Barry Raveendran Greene

ccTLD Security Understanding the Anxiety and Consequences Barry Raveendran Greene

ccTLD Security Understanding the Anxiety and Consequences Barry Raveendran Greene bgreene@isc.org Agenda ccTLD Security is not new Cybercriminal Toolkit Understanding why security people are irritated might help to provide

751 views • 46 slides
Ballot privacy in elections: new metrics and constructions. Olivier Pereira Universit e

Ballot privacy in elections: new metrics and constructions. Olivier Pereira Universit e

Ballot privacy in elections: new metrics and constructions. Olivier Pereira Universit e catholique de Louvain Based on joint works with: D. Bernhard, V. Cortier, E. Cuvelier, T. Peters and B. Warinschi March 2015 UCL Crypto Group Vote

415 views • 29 slides
WorkSim, an agent-based model to study labor markets Grard Ballot 1 Jean-Daniel Kant 2 (1)

WorkSim, an agent-based model to study labor markets Grard Ballot 1 Jean-Daniel Kant 2 (1)

1. Introduction 2. Theoretical framework 3. WorkSim 4. Results 5. Discussion WorkSim, an agent-based model to study labor markets Grard Ballot 1 Jean-Daniel Kant 2 (1) Universit Panthon Assas - TEPP-CNRS, Paris- CRED (2) Universit

1.38k views • 126 slides
Android Security Security Philosophy Humans have difficulty understanding risk Safer to

Android Security Security Philosophy Humans have difficulty understanding risk Safer to

Android Security Security Philosophy Humans have difficulty understanding risk Safer to assume that Most developers do not understand security Most users do not understand security Security philosophy cornerstones Need to

582 views • 37 slides
Exploiting symmetries when proving equivalence properties for security protocols Vincent Cheval,

Exploiting symmetries when proving equivalence properties for security protocols Vincent Cheval,

Exploiting symmetries when proving equivalence properties for security protocols Vincent Cheval, Steve Kremer, Itsaka Rakotonirina Inria Nancy Grand-Est Security protocols TLS Wifi @ PASS E-voting E-passport 2 24 Security protocols

830 views • 69 slides
A (Co)inductive System Calculus for Security Properties [New title suggestions are welcome!]

A (Co)inductive System Calculus for Security Properties [New title suggestions are welcome!]

A (Co)inductive System Calculus for Security Properties [New title suggestions are welcome!] Eric Rothstein Morris Supervisor: Joachim Posegga Chair of IT Security University of Passau er@sec.uni-passau.de ESORICS 2015 - PhD Symposium

322 views • 17 slides
Security and Implementation Properties of ABC v.2 Vladimir Anashin Andrey Bogdanov 1 Ilya

Security and Implementation Properties of ABC v.2 Vladimir Anashin Andrey Bogdanov 1 Ilya

Outline ABC v.2 Security Scalability Performance Summary Security and Implementation Properties of ABC v.2 Vladimir Anashin Andrey Bogdanov 1 Ilya Kizhvatov 2 Russian State University for the Humanities, Moscow, Russia

811 views • 54 slides
Adapting Helios for Provable Ballot Privacy David Bernhard, Veronique Cortier, Olivier Pereira,

Adapting Helios for Provable Ballot Privacy David Bernhard, Veronique Cortier, Olivier Pereira,

Adapting Helios for Provable Ballot Privacy David Bernhard, Veronique Cortier, Olivier Pereira, Ben Smyth, Bogdan Warinschi September 2, 2011 ESORICS 2011 Adapting Helios for Provable Ballot Privacy 1 / 26 Helios Helios is a web-based voting

629 views • 40 slides
COMPGA11: Research in Information Security Steven Murdoch University College London based

COMPGA11: Research in Information Security Steven Murdoch University College London based

COMPGA11: Research in Information Security Steven Murdoch University College London based on a course by Tony Morton Term 2 2016/17 Course summary To develop an understanding of what research in information security is about,

719 views • 33 slides
COMPGA11: Research in Information Security Steven Murdoch University College London based

COMPGA11: Research in Information Security Steven Murdoch University College London based

COMPGA11: Research in Information Security Steven Murdoch University College London based on a course by Tony Morton Term 2 2014/15 Course summary To develop an understanding of what research in information security is about,

460 views • 24 slides
COMPGA11: Research in Information Security Steven Murdoch University College London based

COMPGA11: Research in Information Security Steven Murdoch University College London based

COMPGA11: Research in Information Security Steven Murdoch University College London based on a course by Tony Morton Term 2 2015/16 Course summary To develop an understanding of what research in information security is about,

707 views • 27 slides
open EMS What is openEMS? Interfacing Tools Status & Outlook Outline What is openEMS? 1

open EMS What is openEMS? Interfacing Tools Status & Outlook Outline What is openEMS? 1

openEMS - An Introduction and Overview Using an EM field solver to design antennas and PCBs Thorsten Liebig FOSDEM19 03.02.2019 open EMS What is openEMS? Interfacing Tools Status & Outlook Outline What is openEMS? 1 Interfacing

325 views • 19 slides
Quasi-split real groups and the Hitchin map International Meeting AMS/EMS/SPM Special session

Quasi-split real groups and the Hitchin map International Meeting AMS/EMS/SPM Special session

Higgs bundles Abelianization The HKR section Whats next? Quasi-split real groups and the Hitchin map International Meeting AMS/EMS/SPM Special session Higgs bundles and character varieties Porto, June 2015 Ana Pen-Nieto Mathematisches

1.15k views • 97 slides
Medical & Social Services Working Together to Improve Health February 29, 2016 Moderator:

Medical & Social Services Working Together to Improve Health February 29, 2016 Moderator:

Medical & Social Services Working Together to Improve Health February 29, 2016 Moderator: Peter Adler, Molina Healthcare Todays Panelists: Robin Fenn, Snohomish County Human Services Tom Sebastian, Compass Health Kate Parker, Mercy

387 views • 20 slides
dra$-bernini-nfvrg-vnf- orchestra2on VNF Orchestra2on For

dra$-bernini-nfvrg-vnf- orchestra2on VNF Orchestra2on For

dra$-bernini-nfvrg-vnf- orchestra2on VNF Orchestra2on For Automated Resiliency in Service Chains Problem statement Automated, flexible and elas2c

376 views • 8 slides
Certified List of Personnel Kim Harvey, WVEIS Consultant 419-202-9898 knharvey@k12.wv.us 1 The

Certified List of Personnel Kim Harvey, WVEIS Consultant 419-202-9898 knharvey@k12.wv.us 1 The

Certified List of Personnel Kim Harvey, WVEIS Consultant 419-202-9898 knharvey@k12.wv.us 1 The first thing you may want to do is copy the EMS accounts to HMS. The certified list pulls the account information from HMS, but HMS isnt always

373 views • 11 slides
Andrea Fichtner, MPH Network 14 Real-time data source Communication between health care

Andrea Fichtner, MPH Network 14 Real-time data source Communication between health care

Andrea Fichtner, MPH Network 14 Real-time data source Communication between health care providers Alerts Evacuation planning Mapping Resource availability There are 22 TSAs or trauma service areas, and each

433 views • 12 slides
Aarhus, April 6, 2013 EMS meeting of the presidents 2013 Danish Mathematical Society (DMF)

Aarhus, April 6, 2013 EMS meeting of the presidents 2013 Danish Mathematical Society (DMF)

Aarhus, April 6, 2013 EMS meeting of the presidents 2013 Danish Mathematical Society (DMF) European Mathematical Society The European Mathematical Society Committee for Developing Countries EMS-CDC Michel Waldschmidt This file is available

493 views • 14 slides
By E.M.S KEY FEATURES DUAL REAL-TIME DISPLAYS TWO INDIVIDUAL MACHINES TWINLINE CABLE

By E.M.S KEY FEATURES DUAL REAL-TIME DISPLAYS TWO INDIVIDUAL MACHINES TWINLINE CABLE

By E.M.S KEY FEATURES DUAL REAL-TIME DISPLAYS TWO INDIVIDUAL MACHINES TWINLINE CABLE ASSIST INCREASED SAFTERY FACTOR SAFE SHIFTING AND DISCONNECTING PROCESSES SWIVELLING LOWER BLOCKS CONSTANT TENSION SYSTEM ALLOWING

187 views • 6 slides

More recommend