secure voting

School of Engineering and Applied SciencesHarvard University

Voters, Computers, and Trust: Designing Verifiable Elections

Stuart M. ShieberBen Adida

Greg MorrisettCenter for Research on Computation and Society

October 18, 2008

Secure Voting

• Voting is particularly challenging:requires secrecy and public auditability.

• Computer science enablesqualitatively novel solutions.

• Cryptography can reconcileseemingly contradictory requirements.

"That's for me and a button to know."

Joe, the plumber.

“When I finally sawthe results of our tests,

I thought I was going to throw up.”

Sec. of State, Ohio, last week.

Fashionable Voting

http://www.cs.uiowa.edu/~jones/voting/pictures/9

http://www.cs.uiowa.edu/~jones/voting/pictures/


Fashionable Voting

10

Voting is a fundamentally difficult problem.

11

12

14

12

12

1 person, 1 vote

14

12

Enforced Privacyto ensure each voter

votes in his/herown interest

13

http://www.cs.uiowa.edu/~jones/voting/pictures/ 14




1892 - Australian Ballot

15



The Ballot Handoff

Alice the Voter

16

McCain

The Ballot Handoff

Alice the Voter

16

McCain

ObamaObamaObama

McCainMcCain

McCain

The Ballot Handoff

Alice the Voter

16

McCain

ObamaObamaObama

McCainMcCain

Black Box

McCain

Chain of Custody

19

Chain of Custody

Vendor

/*

* source

* code

*/

if (...

1

19

Chain of Custody

VotingMachine

2

Vendor

/*

* source

* code

*/

if (...

1

19

Chain of Custody

VotingMachine

2

Vendor

/*

* source

* code

*/

if (...

1

Polling Location

3

19

Chain of Custody

VotingMachine

2

Vendor

/*

* source

* code

*/

if (...

1

Polling Location

3

4

Alice

19

Chain of Custody

VotingMachine

2

Vendor

/*

* source

* code

*/

if (...

1

Polling Location

3

Ballot Box Collection

5

4

Alice

19

Chain of Custody

VotingMachine

2

Vendor

/*

* source

* code

*/

if (...

1

Polling Location

3


5

Results

.....6

4

Alice

19

Chain of Custody

VotingMachine

2

Vendor

/*

* source

* code

*/

if (...

1

Polling Location

3


5

Results

.....6

4

Alice

Black Box19

Computers have only obscured the process.

20

Computers have only obscured the process.

20

What aboutcomputer science?

Cryptographysolving problems that initially

appear to have conflicting requirements.

21

Public-Key Encryption

22

Customer


22

Customer

public key


22

Customer

public key

enc(cc number)

Bulletin Board

Public Ballots

Bob:McCain

Carol:Obama

23

Bulletin Board

Public Ballots

Bob:McCain

Carol:Obama

Alice

23

Bulletin Board

Public Ballots

Alice:Obama

Bob:McCain

Carol:Obama

Alice

23

Bulletin Board

Public Ballots

Alice:Obama

Bob:McCain

Carol:Obama

Tally

Obama....2McCain....1

Alice

23

Encrypted Public BallotsBulletin Board

Alice:Rice

Bob:Clinton

Carol:Rice

Tally


Alice

24


Alice:Rice

Bob:Clinton

Carol:Rice

Tally


Alice

Alice verifies her vote

24


Alice:Rice

Bob:Clinton

Carol:Rice

Tally


Alice

Alice verifies her vote Everyone verifies the tally

24

How can we verify operations on

encrypted data?

Mathematical Proofs.

25

Zero-Knowledge Proof

Vote For:

Obama

President:

Mickey MousePresident:





Mickey MouseVote For: Obama

26


This last envelope likely contains “Obama”

Vote For:

Obama

President:







26


Open envelopes don’t proveanything after the fact.

President:







President:






Mickey MouseVote For:

Paul

27

McCain

secure voting

Technology