Voting: July 2008 Archives

You can find my slides from EVT 2008 here.

After the California Top-to-Bottom Review, Alex Halderman, Hovav Shacham, David Wagner, and I got together and asked ourselves whether there was some way to make good use of the existing voting systems. The result was:

You Go to Elections with the Voting System You Have: Stop-Gap Mitigations for Deployed Voting Systems

J. Alex Halderman, Eric Rescorla, Hovav Shacham, David Wagner

In light of the systemic vulnerabilities uncovered by recent reviews of deployed e-voting systems, the surest way to secure the voting process would be to scrap the existing systems and design new ones. Unfortunately, engineering new systems will take years, and many jurisdictions are unlikely to be able to afford new equipment in the near future. In this paper we ask how jurisdictions can make the best use of the equipment they already own until they can replace it. Starting from current practice, we propose defenses that involve new but realistic procedures, modest changes to existing software, and no changes to existing hardware. Our techniques achieve greatly improved protection against outsider attacks: they provide containment of viral spread, improve the integrity of vote tabulation, and offer some detection of individual compromised devices. They do not provide security against insiders with access to election management systems, which appears to require significantly greater changes to the existing systems.

The paper will appear at EVT '08. (PDF.)