Outline

1
(No Transcript)
2
Secret-Ballot Receipts True Voter-Verifiable
Elections
David Chaum
3
Main Points

• WOTE I and Standardization workshop
• (Focus on polling-place elections)
• Dont have to trust computers with integrity
• Four system examples
• Janken
• High-registration printing
• Subtractive light
• Additive light
• Mixing with bitmaps and its audit
• Provisional voting adjudication
• Comparison of current proposals
• (Paper instruments can be modified before recount)

4
OUTLINE

• Introduction
• WOTE and WEST
• Polling-place election background
• Receipt system introduction
• Educational example receipt system
• Three example receipt systems
• Comparison with non-receipt systems
• Comments on Standardization

5
Secret-Ballot Technology Paradigms (core of
elections)

• Manual counting of objects in container
• Mechanical counting of human interaction
• Electronic counting of objects in container
• Electronic counting of human interaction (some
  with printed record!)
• Computers voting
• Something new People Voting

6
Vote-counting mechanisms
Hand count
Mechanical counter
Electronic counter
Multiple-trustee Crypto
7
Computers Voting
Known Systems Mix-Net, Homomorphic, Blind-signed
Voting
Plaintext Votes (different order)
Encrypted Votes
Alan Newberger Andrew Neff Ari Renvall
Arnaud Sahuguet Arto Salomaa Atsushi Fujioka
Baraani-Dastjerdi Ben Davenport Berry
Schoenmakers Birgit Pfitzmann Brandon
William DuRette C. C. Tai C. Lei Choonsik
Park Chung-chieh Shan Colin Boyd Fumiaki
Miura G. Poupard H. Imai H. Nurmi Holger
Petersen J. M. Fischer J. Borrell J. K.
Jan J. Pieprzyk J. Rif J. Stern Jason
Woodard Joe Kilian Jong-Hyeon Lee Josh
Cohen/Benaloh Kaoru Kurosawa Kazue Sako
Kazuo Ohta Kazutomo Itoh Kenneth R. Iversen
L. Chen L. Santean Lorrie Faith Cranor
M. Burminster M. Merritt M. Waidner Mark A.
Herschberg Markus Michels Masayuki Abe
Matthew Franklin Michael Ben-Or Michael Ian
Shamos Michael J. Radwin Miyako Ohkubo Moti
Young N. Lynch Nathan Linial V. Niemi
P.A. Fouque Patrick Horster Q. He R.
DeMillo R. H. Lin R. Safavi-Naini Rafail
Ostrovsky Ron K. Cytron Ronald Cramer Steve
Chien Steven Myers T. Asano T. Matsumoto
Tatsuaki Okamoto V. Niemi W. Juang Y.
Afek Y. Matias Z. Su
8
Secret Ballot Principle

• DefinitionVoter must not be be able to convince
  others of how he or she voted (a kind of
  involuntary privacy)
• Rationale To prevent Improper Influence, such
  as vote selling and various kinds of coercion

9
Unconditional Integrity

• DefinitionEven infinite computing power should
  not allow incorrect tally (except with negligible
  probability) privacy may have to be
  computational
• RationaleIntegrity should take priority over
  privacy (since changing outcome allows privacy
  rules to be changed!)

10
OUTLINE

• Introduction
• WOTE and WEST
• Polling-place election background
• Receipt system introduction
• Educational example receipt system
• Three example receipt systems
• Comparison with non-receipt systems
• Comments on Standardization

11
Two truisms are false

1. Receipts including who you voted for violate the
   Secret Ballot principle.

Not if they are readable in the voting booth but
unreadable once taken outside.

1. The computers used to vote and to tally the votes
   must be trusted with the correctness of the tally.

Not if copies of encrypted votes on voters
receipts can be posted along with proofs of
corectness for the tally process.
12
First True Voter-VerifiableElection System

• Voters can directly verify that their votes are
  included in the tally
• without
• needing to trust any procedures, computers, or
  cryptography used by those conducting the
  election

13
The new scheme presented is of practical interest

• Integrity is much higher but less costly
• Reduced need for physical security, audit,
  observing, testing, etc.
• Robustness is much higher but less costly
• Receipts sufficient to count the votes
• Hardware cost may even be lower
• Ordinary hardware costs less than special
• Though, printer/viewer has additional cost
• Example system parts will be demoed

14
OUTLINE

• Introduction
• WOTE and WEST
• Polling-place election background
• Receipt system introduction
• Educational example receipt system
• Three example receipt systems
• Comparison with non-receipt systems
• Comments on Standardization

15
Rules of Janken

• Each of two people chooses one hand symbol and
  shows it at the same time
• Winner is determined by arrows (same symbol
  requires retry)

16
Audience participation packets

• Each bag has all three hand symbols divided into
  two envelopes (randomly for each bag)
• The sealed white envelope has one symbol inside
  (shown transparent) the clasp-fastened manila
  has two

17
Voting instructions

1. Unseal the plastic bag and remove the manila
   envelope (leave the white one in the bag).
2. Open the clasp and look inside the manila
   envelope without showing its content to anyone.
3. To vote Yes take the winning hand symbol out
   to vote No take the other symbol out.
4. Place the hand symbol youve chosen in the bag
   facing out so its easy to see from outside.
5. Leave the bag in the hat at the front of the room.

18
Counting Rules

• Each bag is counted as a Yes vote if the symbol
  in its sealed envelope wins over that revealed by
  the slip facing out of the bag.
• Bags are counted as No when the symbol in the
  white envelope loses to that displayed.
• (All sealed envelopes must be opened, whether bag
  voted or not.)

19
Your vote was encrypted (neat thing 1)

• Everyone could see the symbol you chose
• Symbol encodes your vote
• Still, only you know how you voted!
• You have just used an encrypted vote

20
The dealer could not cheat (neat thing 2)

• Each bag has two envelopes with correct number of
  slipseasy to see
• No duplications per bag
• Within envelope (voter sees)
• Across envelopes (at countdepends on vote)
• Distribution of hands uniform
• Each hand should appear in sealed envelopes the
  same number of times

21
Bulletin Board Voting Beyond the room voting
model

• Not what they do, just what they post
• Applies to real polling place elections
• Booths are watched to ensure the desired degree
  of ballot secrecy

22
OUTLINE

• Introduction
• Example receipt systems
• 1. High-registration systems
• 2. Subtractive optical systems
• 3. Additive optical systems
• Overview of properties/mechanisms
• Comparison with non-receipt systems
• Comments on Standardization

23
Summary of Overall Process

1. Machine accepts votes from voter
2. Machine prints receipt and lets voter see it
3. Voter randomly chooses a pattern to be printed
   that will hide the info on the receipt
4. The pattern is printed as background on the
   receipt, which is then provided to the voter
5. Receiptsas taken by votersare published
6. Outcome is determined only from published
   receipts and its correctness is proven to any
   interested party through posted data

Per voter
Per election
24
High-resolution systemThe letter e
25
The cleartext backgrounds trick
26
Subtractive System
(related to Naor Shamir Visual Cryptography)
Laminated
Top Layer
Bottom Layer
IEEE Security Pivacy Jan/Feb 2004 or
www.voterverifiable.com
27
Additive System
Newsweek, March 29, 2004 print edition The
Future of Digital Voting by Steven Levy
28
Example two-stripe symbology
29
Example three-stripe symbology
30
After the polls close
Batches successively published on the web once
polls close
31
After the polls close
Then a randomly chosen half of the
transformations are opened
32
Introducing the properties (proofs in the
paperat www.voterverifiable.com)
33
Properties 1 of 4

• If your receipt is properly posted, you can be
  sure that your vote is included in the final
  tally see also property 3
• If your receipt is not properly posted, you
  should be able to demonstrate this (because it
  should have document security attributes
  including a digital signature)

34
Properties 2 of 4

• No matter how incorrectly a system operates,
  there are only two ways it can change a
  correctly-posted ballot without being detected
• printing text from a guessed pattern and hoping
  that the voter chooses that pattern or
• incorrectly performing a step among the tally
  process steps and hoping that this step is not
  among the half selected for audit.

35
Properties 3 of 4

• Changing n ballots means
• Chance that no cheating is detected is at most
  1/2n
• Chance of getting caught cheating is at least
  11/2n

36
Properties 4 of 4

• Your receipt cannot be decrypted by anyone, or
  otherwise linked to your vote more later,
  except by decrypting with (or breaking)
  sufficiently many secret keys (of which each
  trustee has its own).

37
Two mixes per trustee
38
Links opened afterwards
(inspired by Jakobsson, Juels, Rivest)
39
A Mix Network as a Black Box
Mix network
40
Basic Three Mix Cascade
Trustee C
Trustee B
Trustee A
41
Processing the Bitmaps
Trustee
Trustee
Trustee
42
OUTLINE

• Introduction
• Example receipt systems
• Comparison with non-receipt systems
• Four classes of non-receipt systems
• Table of properties Integrity, Privacy,
  Secrecy, Robustness and Costs
• Additional features/properties
• Comments on Standardization

43
VoteMeter PrinterFace

• State-Level controls (including version s)
• Better blind voter integrity
• Open interface standard
• See VoteMeter.com

44
(No Transcript)
45
(No Transcript)
46
(No Transcript)
47
Other aspects for comparsion

1. Adjudicating which ballots to count
2. Reliably capturing voter intent
3. Preventing Ballot-style fraud
4. Creating/repairing voter confidence

48
OUTLINE

• Introduction
• Example receipt systems
• Comparison with non-receipt systems
• Comments on Standardization

49
Standardization thoughts

• Clearly defined technical rating system for
  multiple attributes
• At least include measureable/clear functional
  attributes (e.g., main rows of chart integrity,
  privacy, reliability costs)
• Minimums should be the only involvement of
  political processes in the standardization
• Role of Federal Government?Provable systems
  could change everything!

50
Conclusion
51
(No Transcript)