understanding the security properties of ballot based
play

Understanding the Security Properties of Ballot-Based Verification - PowerPoint PPT Presentation

Feb 10, 2024 •119 likes •284 views

Understanding the Security Properties of Ballot-Based Verification Techniques Eric Rescorla ekr@rtfm.com EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 1 WARNING This talk contains no research content.

  1. Understanding the Security Properties of Ballot-Based Verification Techniques Eric Rescorla ekr@rtfm.com EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 1

  2. WARNING This talk contains no research content. EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 2

  3. Two views of vote tabulation Official Official EMS Scanner(s) Tally Returned Ballots The insider’s view Official Opaque Process Tally Returned Ballots The outsider’s view EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 3

  4. What are we trying to verify? • The votes were correctly counted • The right candidate won • The stack of votes in front of us was correctly counted • A recount of this stack of votes wouldn’t change the winner • Third party verifiability: A third party with no special access can verify that a recount of this stack* of votes wouldn’t change the winner * Alert: we are sweeping the topic of ballot chain of custody under the rug. EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 4

  5. Why ballot-based audits? • Statistical power of an audit depends on the number of samples – Very little dependency on the size of each sample – (Assuming attacker is intelligent) • Traditional precinct-based audits are not very efficient • Auditing individual ballots is far more efficient • Independently proposed several times [CHF07, Nef03, Joh04] EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 5

  6. Ballot-Based Auditing Workflow [CHF07] Ballot Scanner Images/ EMS CVRs Returned Ballots Official Counting Process Audit Process Election Verify Audit Sampled Results Tabulation Ballots Observer Scanned Ballots Adapted from [SRW09] EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 6

  7. Problems with Ballot-Based Auditing • Finding individual ballots is hard – Possibilities: serial numbers on ballots, hand-indexing, paper counters, weight... • We need to publish the contents of each ballot (CVR or image) – Accessible to any third party – The ballots are anonymous but all contents are published – This allows coercion and vote buying ∗ Easiest if we publish images ∗ Pattern voting EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 7

  8. What about ballot images? • Trivial to encode information • Even valid marks can encode information – Incompletely/overfilled • Could digitally sanitize – You’ve just turned ballots into CVRs EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 8

  9. The Math of Pattern Voting • Basic idea: encode voter identity in downticket races – Assume results are reported by precinct ∗ Just need to identify voter within precincts – Need to encode no more than 1000-10,000 distinct identities (10-14 bits) • Each contest lets us encode minimum 1-2 bits – Alice, Bob, undervote, overvote(?) – 10 contests is enough to encode 60,000–1,000,000 identies EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 9

  10. Humboldt Election Transparency Project Workflow Official Official EMS Scanner Tally Returned Ballots Official Counting Process ETP Rescanning Process Signed ETP ETP Imprinter Ballot Scanner Computer Images Scanned Ballots EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 10

  11. Advantages of ETP Style Approaches • Fast detection of scanner/EMS errors – Requires minimal manual intervention – It already has found errors: Deck 0 bug – Independent check on compromise of EMS (or scanner) by outsiders • Backup for physical control of ballots – Only applies post-scanning – And requires tight control of images or signing key EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 11

  12. Does the ETP offer third party verifiability? • Third parties can independently count the scanned ballots – With BallotBrowser or their own software • This only detects some errors – Third parties cannot verify the ETP scanner software – What if it substitutes fake ballot images? – This cannot be detected by re-processing those images • Checking the images requires random sampling – ... At the same level as a ballot-based audit • Easiest to think of ETP checking the tabulation EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 12

  13. Why digital signatures don’t help • Signatures are applied by the ETP scanning computer [Tra08] • Third parties can download ballot images – And verify that they weren’t tampered in transit • But this doesn’t help if the ETP scanner is compromised – You’re getting fake ballot images that weren’t tampered in transit • Signatures are sort of overkill here – Could just publish a message digest in a non-tamperable form (e.g., local paper) EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 13

  14. Summary • Ballot-based auditing systems have far higher statistical power – But worse privacy properties (vote buying and coercion) • Finding the right physical ballot is a challenge • ETP provides good detection of scanner/EMS error – And some kinds of outsider attack • ... But requires a separate audit for third-party verifiability EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 14

  15. References [CHF07] Joseph A. Calandrino, J. Alex Halderman, and Edward W. Felten. Machine-assisted election auditing. USENIX/ACCURATE Electronic Voting Technology Workshop 2007, August 2007. http://www.usenix.org/events/evt07/tech/full_papers/ calandrino/calandrino.pdf . [Joh04] Kenneth C. Johnson. Election certification by statistical audit of voter-verified paper ballots, October 2004. http://papers.ssrn.com/sol3/papers.cfm?abstract_id=640943 . [Nef03] C. Andrew Neff. Election confidence—a comparison of methodologies and their relative effectiveness at achieving it (revision 6), December 2003. http://web.archive.org/web/20060117190359/http: //www.votehere.net/papers/ElectionConfidence.pdf . [SRW09] Cynthia Sturton, Eric Rescorla, and David Wagner. Weight, Weight, Don’t Tell Me: Using Scales to Select Ballots for Auditing. In Joseph Lorenzo Hall, David Jefferson, and Tal Moran, editors, Proceedings of EVT/WOTE 2009. USENIX/ACCURATE/IAVoSS, August 2009. To appear. [Tra08] Mitch Trachtenberg. Can’t Digital Images Be Faked. http://democracycounts. blogspot.com/2008/07/cant-digital-images-be-faked.html , August 2008. EVT/WOTE 2009 Understanding the Security Properties of Ballot-Based Verification 15

Recommend

Ballot Article 8 Tax Stabilization Ballot Language Shall the voters authorize the Richmond

Ballot Article 8 Tax Stabilization Ballot Language Shall the voters authorize the Richmond

Ballot Article 8 Tax Stabilization Ballot Language Shall the voters authorize the Richmond Selectboard to negotiate and enter a Tax Stabilization Agreement for Economic Development purposes, for the properties commonly known as the Creamery,

561 views • 10 slides
Surface-based Cloud Radiative Properties for Improved Understanding of Aerosol Indirect Effects

Surface-based Cloud Radiative Properties for Improved Understanding of Aerosol Indirect Effects

Surface-based Cloud Radiative Properties for Improved Understanding of Aerosol Indirect Effects (Aerosol-Cloud Interactions) Allison McComiskey, Elisa Sena, Chuck Long, Graham Feingold Data acknowledgements: Anne Jefferson, Joe Michalsky, Gary

457 views • 20 slides
MA111: Contemporary mathematics . Jack Schmidt University of Kentucky August 27, 2012 Entrance

MA111: Contemporary mathematics . Jack Schmidt University of Kentucky August 27, 2012 Entrance

. MA111: Contemporary mathematics . Jack Schmidt University of Kentucky August 27, 2012 Entrance Slip (due 5 min past the hour): Convert the following linear ballots into a preference schedule: Ballot Ballot Ballot Ballot Ballot Ballot

356 views • 17 slides
Investigating the security properties of MACs based on stream ciphers Leonie Simpson, Mufeed Al

Investigating the security properties of MACs based on stream ciphers Leonie Simpson, Mufeed Al

Investigating the security properties of MACs based on stream ciphers Leonie Simpson, Mufeed Al Mashrafi, Harry Bartlett, Ed Dawson and Kenneth Wong Institute for Future Environments Science and Engineering Faculty Queensland University of

650 views • 35 slides
Agenda What are ballot measures? Kellie Dupree What are 501(c)(3) organizations Director

Agenda What are ballot measures? Kellie Dupree What are 501(c)(3) organizations Director

Agenda What are ballot measures? Kellie Dupree What are 501(c)(3) organizations Director of Partnerships and Training allowed to do Ballot Initiative Strategy Center Direct Lobbying limits Stories from the field: Ballot measure

653 views • 16 slides
ccTLD Security Understanding the Anxiety and Consequences Barry Raveendran Greene

ccTLD Security Understanding the Anxiety and Consequences Barry Raveendran Greene

ccTLD Security Understanding the Anxiety and Consequences Barry Raveendran Greene bgreene@isc.org Agenda ccTLD Security is not new Cybercriminal Toolkit Understanding why security people are irritated might help to provide

751 views • 46 slides
Ballot privacy in elections: new metrics and constructions. Olivier Pereira Universit e

Ballot privacy in elections: new metrics and constructions. Olivier Pereira Universit e

Ballot privacy in elections: new metrics and constructions. Olivier Pereira Universit e catholique de Louvain Based on joint works with: D. Bernhard, V. Cortier, E. Cuvelier, T. Peters and B. Warinschi March 2015 UCL Crypto Group Vote

415 views • 29 slides
WorkSim, an agent-based model to study labor markets Grard Ballot 1 Jean-Daniel Kant 2 (1)

WorkSim, an agent-based model to study labor markets Grard Ballot 1 Jean-Daniel Kant 2 (1)

1. Introduction 2. Theoretical framework 3. WorkSim 4. Results 5. Discussion WorkSim, an agent-based model to study labor markets Grard Ballot 1 Jean-Daniel Kant 2 (1) Universit Panthon Assas - TEPP-CNRS, Paris- CRED (2) Universit

1.38k views • 126 slides
Android Security Security Philosophy Humans have difficulty understanding risk Safer to

Android Security Security Philosophy Humans have difficulty understanding risk Safer to

Android Security Security Philosophy Humans have difficulty understanding risk Safer to assume that Most developers do not understand security Most users do not understand security Security philosophy cornerstones Need to

582 views • 37 slides
Exploiting symmetries when proving equivalence properties for security protocols Vincent Cheval,

Exploiting symmetries when proving equivalence properties for security protocols Vincent Cheval,

Exploiting symmetries when proving equivalence properties for security protocols Vincent Cheval, Steve Kremer, Itsaka Rakotonirina Inria Nancy Grand-Est Security protocols TLS Wifi @ PASS E-voting E-passport 2 24 Security protocols

830 views • 69 slides
A (Co)inductive System Calculus for Security Properties [New title suggestions are welcome!]

A (Co)inductive System Calculus for Security Properties [New title suggestions are welcome!]

A (Co)inductive System Calculus for Security Properties [New title suggestions are welcome!] Eric Rothstein Morris Supervisor: Joachim Posegga Chair of IT Security University of Passau er@sec.uni-passau.de ESORICS 2015 - PhD Symposium

322 views • 17 slides
Security and Implementation Properties of ABC v.2 Vladimir Anashin Andrey Bogdanov 1 Ilya

Security and Implementation Properties of ABC v.2 Vladimir Anashin Andrey Bogdanov 1 Ilya

Outline ABC v.2 Security Scalability Performance Summary Security and Implementation Properties of ABC v.2 Vladimir Anashin Andrey Bogdanov 1 Ilya Kizhvatov 2 Russian State University for the Humanities, Moscow, Russia

811 views • 54 slides
Adapting Helios for Provable Ballot Privacy David Bernhard, Veronique Cortier, Olivier Pereira,

Adapting Helios for Provable Ballot Privacy David Bernhard, Veronique Cortier, Olivier Pereira,

Adapting Helios for Provable Ballot Privacy David Bernhard, Veronique Cortier, Olivier Pereira, Ben Smyth, Bogdan Warinschi September 2, 2011 ESORICS 2011 Adapting Helios for Provable Ballot Privacy 1 / 26 Helios Helios is a web-based voting

629 views • 40 slides
COMPGA11: Research in Information Security Steven Murdoch University College London based

COMPGA11: Research in Information Security Steven Murdoch University College London based

COMPGA11: Research in Information Security Steven Murdoch University College London based on a course by Tony Morton Term 2 2016/17 Course summary To develop an understanding of what research in information security is about,

719 views • 33 slides
COMPGA11: Research in Information Security Steven Murdoch University College London based

COMPGA11: Research in Information Security Steven Murdoch University College London based

COMPGA11: Research in Information Security Steven Murdoch University College London based on a course by Tony Morton Term 2 2014/15 Course summary To develop an understanding of what research in information security is about,

460 views • 24 slides
COMPGA11: Research in Information Security Steven Murdoch University College London based

COMPGA11: Research in Information Security Steven Murdoch University College London based

COMPGA11: Research in Information Security Steven Murdoch University College London based on a course by Tony Morton Term 2 2015/16 Course summary To develop an understanding of what research in information security is about,

707 views • 27 slides
Leopard: Understanding the Threat of Blockchain Domain Name Based Malware Zhangrong Huang 1,2 ,

Leopard: Understanding the Threat of Blockchain Domain Name Based Malware Zhangrong Huang 1,2 ,

Leopard: Understanding the Threat of Blockchain Domain Name Based Malware Zhangrong Huang 1,2 , Ji Huang 1,2 , and Tianning Zang 2 1.School of Cyber Security, UCAS 2.Institute of Information Engineering, CAS Existing Techniques Used by Malware

638 views • 30 slides
What is Measure FF? Measure FF is on the November 2018 ballot to extend existing,

What is Measure FF? Measure FF is on the November 2018 ballot to extend existing,

MEASURE FF NO-TAX-INCREASE EXTENSION MEASURE Wildfire Protection. Safe Parks and Trails. Public Access. Natural Habitat. (November 2018 Ballot) What is Measure FF? Measure FF is on the November 2018 ballot to extend existing, voter-approved

312 views • 10 slides
What Happened in the 2016 Election? Understanding the Presidential Race and Losses Down the

What Happened in the 2016 Election? Understanding the Presidential Race and Losses Down the

What Happened in the 2016 Election? Understanding the Presidential Race and Losses Down the Ballot Analyzing the Impacts of Turnout, the Economy, Change, Racism, and Sexism Celinda Lake November 16 th , 2016 Washington, DC | Berkeley, CA |

687 views • 27 slides
Why Min-Based Reasonable Properties . . . Conditioning Reasonable Properties . . . Final

Why Min-Based Reasonable Properties . . . Conditioning Reasonable Properties . . . Final

Need for Ordinal-Scale . . . From Ordinal Scale to . . . Need for Conditioning . . . Reasonable Properties Why Min-Based Reasonable Properties . . . Conditioning Reasonable Properties . . . Final Property: Invariance Main Result Salem

238 views • 20 slides
Understanding the Security of ARM Debugging Features Zhenyu Ning and Fengwei Zhang COMPASS Lab

Understanding the Security of ARM Debugging Features Zhenyu Ning and Fengwei Zhang COMPASS Lab

Understanding the Security of ARM Debugging Features Zhenyu Ning and Fengwei Zhang COMPASS Lab Wayne State University May 21, 2019 Understanding the Security of ARM Debugging Features, S&P 19 1 Outline Introduction Obstacles in

1.03k views • 63 slides
Understanding the Security of ARM Debugging Features Zhenyu Ning and Fengwei Zhang COMPASS Lab

Understanding the Security of ARM Debugging Features Zhenyu Ning and Fengwei Zhang COMPASS Lab

Understanding the Security of ARM Debugging Features Zhenyu Ning and Fengwei Zhang COMPASS Lab Wayne State University May 21, 2019 Understanding the Security of ARM Debugging Features, S&P 19 1 Outline Introduction Obstacles for

679 views • 65 slides
Advancing the Understanding of Radiative Properties in the Upper Troposphere: The RHUBC Campaign

Advancing the Understanding of Radiative Properties in the Upper Troposphere: The RHUBC Campaign

Advancing the Understanding of Radiative Properties in the Upper Troposphere: The RHUBC Campaign on Cerro Toco Scott Paine, SAO, on behalf of the RHUBC-II team Astronomical Site Testing Data Valparaiso 2010 December 1 RHUBC-II People

222 views • 19 slides
Understanding the Coronavirus Aid id, , Reli lief, and Economic Security (C (CARES) ) Act

Understanding the Coronavirus Aid id, , Reli lief, and Economic Security (C (CARES) ) Act

Understanding the Coronavirus Aid id, , Reli lief, and Economic Security (C (CARES) ) Act and What it it Means for Your Community UNDERSTANDING THE CARES ACT Int Introductions Shelby y Fie iegel Je Jenn Gre regory Director,

860 views • 44 slides

More recommend