Voting: April 2009 Archives

 

April 20, 2009

Well, one I've posted before, but revised and submitted, one totally new:

On the Security of Election Audits with Low Entropy Randomness
Eric Rescorla
ekr@rtfm.com

Secure election audits require some method of randomly selecting the units to be audited. Because physical methods such as dice rolling or lottery-style ping pong ball selection are inefficient when a large number of audit units must be selected, some authors have proposed to stretch physical methods by using them to seed randomness tables or random number generators. We analyze the security of these methods when the amount of input entropy is low under the assumption that the the attacker can choose the audit units to attack. Our results indicate that under these conditions audits do not necessarily provide the detection probability implied by the standard statistics. This effect is most pronounced for randomness tables, where significantly more units must be audited in order to achieve the detection probability that would be expected if the audit units were selected by a truly random process.

PDF

@Misc{rescorla-audit-entropy-2009,
  author = 	 {Eric Rescorla},
  title = 	 {{On the Security of Election Audits with Low Entropy Randomness}},
  howpublished = {In submission},
  month = 	 {April},
  year = 	 2009,
  note = 	 {\url{http://www.rtfm.com/audit-entropy.pdf}}}

Understanding the Security Properties of Ballot-Based Verification Techniques
Eric Rescorla
ekr@rtfm.com

As interest in the concept of verifiable elections has increased, so has interest in a variety of ballot-oriented mechanisms that offer the potential of more efficient verification than traditional precinct- or machine-level audits. Unfortunately, threat analysis of these methods has lagged their design and in some cases implementation. This makes it difficult for policy makers to assess the merits and applicability of these techniques. This paper provides a fairly non-technical description of the security threats facing these systems with the intent of informing deployment decisions.

PDF

@Misc{rescorla-bba-threat-2009,
  author = 	 {Eric Rescorla},
  title = 	 {{Understanding the Security Properties of Ballot-Based Verification Techniques}},
  howpublished = {In submission},
  month = 	 {April},
  year = 	 2009,
  note = 	 {\url{http://www.rtfm.com/bba-threat.pdf}}}