Electronic poll books are computerized systems that replace paper-based voter lists, having the potential for speeding up Election Day check-in at the polling place, and making voter history records and voter lists more accurate by reducing human errors in dealing with printed voter lists and post-election transcription. At the same time, electronic poll books are non-trivial distributed computing systems, and ensuring correctness, security, integrity, fault-tolerance, and performance of such systems is a challenging engineering problem. This paper deals exclusively with the distributed system aspects of electronic poll book solutions and focuses on the obstacles that are inherent in any distributed system that must deal with failure and asynchrony while providing a consistent and dependable service. We review several requirements that need to be satisfied by electronic poll book systems, then we discuss selected important results from distributed computing research that the developers of electronic poll book systems need to be aware of. An important conclusion is that electronic poll book development is an attractive application domain for the research results in dependable distributed computing.
A Systematic Approach to Analyzing Voting Terminal Event Logs
Laurent D. Michel, Alexander A. Shvartsman and Nikolaj Volgushev
2014 Electronic Voting Technology Workshop/Workshop on Trustworthy Elections (EVT/WOTE’14)
USENIX Journal of Election Technology and Systems (JETS), Volume 2, Number 2, April 2014 www.usenix.org/jets
August 18-19, 2014, San Diego, CA, USA www.usenix.org
This paper presents a systematic approach to automating the analysis of event logs recorded by the electronic voting tabulators in the course of an election. An attribute context-free grammar is used to specify the language of the event logs, and to dis- tinguish compliant event logs (those that adhere to the defined proper conduct of an election) and non-compliant logs (those that deviate from the expected sequence of events). The attributes provide additional means for semantic analysis of the event logs by enforcing constraints on the timing of events and repetitions of events. The system is implemented with the help of commodity tools for lexical analysis and pars- ing of the logs. The system was rigorously tested against several thousand event logs collected in real elections in the State of Connecticut. The approach based on an at- tribute grammar proved to be superior to a previous approach that used state machine specifications. The new system is substantially easier to refine and maintain due to the very intuitive top-down specification. An unexpected benefit is the discovery of revealing and previously unknown deficiencies and defects in the event log recording systems of a widely used optical scan tabulator.
Download full paper:: evt14.pdf
Scaling Privacy Guarantees in Code-Verification Elections
Aggelos Kiayias and Anthi Orfanou
E-Voting and Identify, 4th International Conference (Vote-ID 2013)
Springer 2013 Lecture Notes in Computer Science, pp. 1-24
July 17-19, 2013, Guildford, UK www.voteid13.org
Preventing the corruption of the voting platform is a major issue for any e-voting scheme. To address this, a number of recent protocols enable voters to validate the operation of their platform by utilizing a platform independent feedback: the voting system reaches out to the voter to convince her that the vote was cast as intended. This poses two major problems: first, the system should not learn the actual vote; second, the voter should be able to validate the system’s response without performing a mathematically complex protocol (we call this property “human verifiability”). Current solutions with convincing privacy guarantees suffer from trust scalability problems: either a small coalition of servers can entirely break privacy or the platform has a secret key which prevents the privacy from being breached. In this work we demonstrate how it is possible to provide better trust distribution without platform side secrets by increasing the number of feedback messages back to the voter. The main challenge of our approach is to maintain human verifiability: to solve this we provide new techniques that are based on either simple mathematical calculations or a novel visual cryptography technique that we call visual sharing of shape descriptions, which may be of independent interest.
Computer Assisted Post Election Audits
Tigran Antonyan, Theodore Bromley, Laurent Michel, Alexander Russell, Alexander Shvartsman and Suzanne Stark
State Certification Testing of Voting Systems National Conference
June 20-21, 2013, Harrisburg, PA, USA
The introduction of electronic voting technology in Connecticut necessitated the development of new policies and procedures by the Secretary of the State (SOTS) Office to safeguard the integrity and security of the new electoral process. Forming a partnership with the University of Connecticut, SOTS Office developed a comprehensive approach that extended the existing electoral procedures to incorporate the use of the new optical scan electronic voting equipment. The new procedures include pre- and post- election audits of the voting equipment programming, and hand-counted post-election audits in 10% of randomly selected districts. Observing that the hand-counted audits are expensive, time-consuming, labor-intensive, and error-pone, it was decided to explore a semi-automated approach to post-election ballot audits. A semi-automated approach was chosen over a completely automated one due to the risks and inadequacy of the latter. Supported by the U.S. EAC and the State of Connecticut, an Audit Station was developed for the purpose of conducting computer-assisted post-election audits. The Audit Station speeds up the audit process, increases audit accuracy, and most importantly, empowers the human auditors to have complete control over the audit down to the interpretation of each voted “bubble.” In essence, the Audit Station does not take the place of a hand count, but augments it by presenting scanned ballot images with useful data for the auditors to consider or to contrast with the official paper ballots. The system is also auditable; upon the completion of the audit it exports the recorded ballot interpretations and the overall results that allow direct comparison with physical ballots and independent validation. The system is implemented using inexpensive commercial off-the-self components, and is equipped with a projector that enables the auditors (and the public) to easily observe the audit process and to control and override it as necessary. The system was recently used in successful pilots in four Connecticut municipailites.
Download full paper:: AS-2013.pdf