Prêt à Voter with Human-Readable Paper Audit Trail
Peter Y A Ryan, University of Newcastle
P Y A Ryan Prêt à Voter
Technical Requirements
• Elections should be “free and fair”.
• Typical key requirements:
• Integrity/accuracy.
• Ballot secrecy.
• Voter verifiability.
• Universal verifiability: anyone should be able to verify the count.
• Receipt-freeness: there should be no way for the voter to construct a proof to a third party of which way they voted.
• Coercion resistance: even an active coercer who can participate in stages of the protocol cannot determine the way a vote was cast.
• Availability: all eligible voters should be able to cast their vote without let or hindrance throughout the voting period.
• Robustness.
• Ease of use, public understanding and trust, cost effectiveness, scalability, etc.
Assumptions
• For the purposes of the talk I will make many sweeping assumptions, e.g.:
• An accurate electoral register is maintained.
• Mechanisms are in place to ensure that voters can be properly authenticated.
• Mechanisms are in place to prevent double voting.
• Existence of a secure Web Bulletin Board (WBB).
• Crypto algorithms are sufficiently secure.
• Etc.
Prêt à Voter
• Uses pre-prepared ballot forms that encode the vote in familiar form (e.g., an X against the chosen candidate, or rankings against the candidates).
• The candidate list is randomised for each ballot form.
• Information allowing the candidate list to be reconstructed is buried cryptographically in a value (the “onion”) printed on each ballot form.
• An excess number of forms is generated to allow for random auditing before, during and after the election.
Typical Ballot Sheet
The voting “ceremony”
• Can be varied, but one possible scenario:
• The voter enters the polling station and takes a ballot form at random, sealed in an envelope.
• The voter goes to a booth, extracts the ballot form and marks their choice.
• The LH strip (the candidate list) is detached and discarded.
• The voter leaves the booth with the RH strip, which constitutes the receipt, and registers with an official.
• A digital copy, (r, Onion), of the receipt is made and posted to the WBB. The receipt is digitally signed and franked. Additionally, a paper audit copy can be made.
• Helper organisations are at hand to confirm the posting and check the well-formedness of the receipt.
• The voter walks away contented, clutching their receipt.
Voter marks their choice
Voter’s Ballot Receipt
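The ceremony above, worked through end to end as an added example (this is illustrative code, not the scheme's reference implementation). It assumes things the slides leave open: a fixed canonical candidate order, a cyclic shift as the per-form randomisation, three tellers who each hold one symmetric key and contribute one seed to that shift, and a SHA-256 keystream standing in for the public-key layers of the real onion. The toy cipher offers no real security; the point is the data flow: the receipt (r, onion) alone reveals nothing about the vote, the tellers recover it by peeling layers, and an unused form can be audited against its onion.

```python
"""Toy Prêt à Voter: ballot generation, receipt, teller decryption, audit.

Added example, not the scheme's own code.  Assumed (not in the slides):
canonical candidate order, cyclic-shift randomisation, three symmetric
teller keys, SHA-256 keystream in place of public-key onion layers.
"""
import hashlib
import secrets
from collections import Counter
from typing import Dict, List, Tuple

CANDIDATES = ["Alice", "Bob", "Carol", "Dave"]   # canonical order (assumed)
N = len(CANDIDATES)
NONCE_LEN = 16
GERM_TAG = b"germ"          # marker in the innermost layer; sanity check only

Receipt = Tuple[int, bytes]  # (r, onion): the RH strip as posted to the WBB


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:length]


def _encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(NONCE_LEN)
    ks = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(a ^ b for a, b in zip(plaintext, ks))


def _decrypt(key: bytes, ciphertext: bytes) -> bytes:
    nonce, body = ciphertext[:NONCE_LEN], ciphertext[NONCE_LEN:]
    ks = _keystream(key, nonce, len(body))
    return bytes(a ^ b for a, b in zip(body, ks))


def generate_teller_keys(n: int = 3) -> List[bytes]:
    return [secrets.token_bytes(32) for _ in range(n)]


def make_ballot(teller_keys: List[bytes]) -> Tuple[List[str], bytes]:
    """Authority step: one ballot form = (printed candidate list, onion).

    Teller i's seed s_i is wrapped in its own onion layer (teller 0 innermost).
    The printed list is the canonical list shifted by sum(s_i) mod N, so the
    shift is recoverable only with every teller's key.
    """
    seeds = [secrets.randbelow(N) for _ in teller_keys]
    onion = GERM_TAG + secrets.token_bytes(8)
    for key, seed in zip(teller_keys, seeds):
        onion = _encrypt(key, bytes([seed]) + onion)
    shift = sum(seeds) % N
    return CANDIDATES[shift:] + CANDIDATES[:shift], onion


def mark_ballot(candidate_list: List[str], choice: str, onion: bytes) -> Receipt:
    """Voter step: r is the position marked; the LH strip (the list) is destroyed."""
    return candidate_list.index(choice), onion


def tellers_decrypt(teller_keys: List[bytes], receipt: Receipt) -> str:
    """Teller step: peel layers outermost-first, adding each seed to r."""
    r, onion = receipt
    for key in reversed(teller_keys):
        plain = _decrypt(key, onion)
        seed, onion = plain[0], plain[1:]
        r = (r + seed) % N
    if not onion.startswith(GERM_TAG):
        raise ValueError("onion did not decrypt cleanly: wrong keys or tampering")
    return CANDIDATES[r]


def audit_ballot(teller_keys: List[bytes], candidate_list: List[str], onion: bytes) -> bool:
    """Random audit of an unused form: does the printed list match its onion?"""
    return all(tellers_decrypt(teller_keys, (j, onion)) == candidate_list[j]
               for j in range(N))


def run_election(teller_keys: List[bytes], choices: List[str]) -> Tuple[Dict[str, int], List[Receipt]]:
    """Issue one fresh form per voter, post receipts to a WBB list, tally."""
    wbb: List[Receipt] = []
    for choice in choices:
        candidate_list, onion = make_ballot(teller_keys)
        wbb.append(mark_ballot(candidate_list, choice, onion))
    tally = Counter(tellers_decrypt(teller_keys, rcpt) for rcpt in wbb)
    return dict(tally), wbb


if __name__ == "__main__":
    keys = generate_teller_keys()
    form, onion = make_ballot(keys)
    print("audit of unused form:", audit_ballot(keys, form, onion))
    tally, wbb = run_election(keys, ["Alice", "Alice", "Bob", "Dave"])
    print("receipts on WBB (r only):", [r for r, _ in wbb])
    print("tally:", tally)
```

Note what the WBB exposes: for each receipt only the index r and an opaque onion. Two voters choosing the same candidate will in general post different values of r, because each form carries its own shift, which is why the receipt is not a proof of how the vote was cast. The audit function reuses the tellers' decryption on every position of an unused form, which is exactly the check a helper organisation would run on the excess forms.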
Public understanding and confidence
• Systems need not only to be trustworthy but also to be seen to be trustworthy.
• Assurance arguments are very subtle and involve crypto etc.
• Assurances of “experts” are probably not enough.
• Avoid crypto: Randell/Ryan, Rivest’s ThreeBallot.
• Or a Verified Encrypted Paper Audit Trail (PAT), but this doesn’t help with public understanding and confidence.
Human-Readable PAT
• Incorporate a human-readable (unencrypted) paper audit trail (HRPAT).
• A fall-back in the event of the crypto count being called into question. Or perhaps used routinely (at random), especially during trials and early phases of deployment.
Prêt à Voter with HRPAT
Prêt à Voter with HRPAT
Prêt à Voter receipt
Prêt à Voter HRPAT
Prêt à Voter HRPAT with serial # removed
Discussion
• Should presumably bolster public confidence (and maybe also comply with various legal and standards requirements).
• But it may introduce certain threats.
• As a spin-off, it seems to provide a robust counter-measure to the LH-strip retention problem of PaV (a voter keeping the candidate-list strip alongside the receipt).
• PaV seems particularly well-suited to an HRPAT. It is not clear how one would do it for PunchScan or VoteHere (MarkPledge).
• I for one would hope that such an HRPAT could be seen as a crutch to be jettisoned once trust and confidence in PaV or similar had been established.
Threats
• Chain voting, but note that the procedure with the serial #s is similar to that proposed (by Jones?) to counter chain voting.
• Note also the similarity with the French voting system (envelopes, registering at the time of casting, etc.).
Variants
• On-demand serial #s.
• Colour coding in place of serial #s, but this may allow chain-voting threats to sneak back in.
• Retain the serial # in some form (i.e., some link between the protected receipt and the HRPAT ballot).
• Scratch strip.
• Non-human-readable serial #s?
• Check that the voter’s marks match.
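The trade-off behind the serial-# variants, shown as an added example (illustrative code, not part of the slides). It assumes two inputs the slides only imply: the tellers' decrypted result for each receipt, keyed by the ballot serial #, and the human-readable paper audit records. With the serial # retained, the two can be reconciled ballot by ballot and a discrepancy is pinned to a specific form; with the serial # removed, only the totals can be compared, so a discrepancy is visible but not attributable. The sample data is constructed for the example.

```python
"""Reconcile the crypto count with a human-readable paper audit trail.

Added example.  CRYPTO_COUNT and HRPAT_RECORDS are constructed sample
data; the serial numbers and candidate names are hypothetical.
"""
from collections import Counter
from typing import Dict, List, Optional, Tuple

# Tellers' decrypted vote per posted receipt, keyed by ballot serial #.
CRYPTO_COUNT: Dict[str, str] = {
    "S001": "Alice", "S002": "Bob", "S003": "Alice", "S004": "Dave",
}
# Human-readable paper audit records (serial #, candidate as printed).
# S003 deliberately disagrees with the crypto count.
HRPAT_RECORDS: List[Tuple[str, str]] = [
    ("S001", "Alice"), ("S002", "Bob"), ("S003", "Carol"), ("S004", "Dave"),
]


def reconcile_linked(crypto: Dict[str, str],
                     hrpat: List[Tuple[str, str]]) -> List[Tuple[str, Optional[str], Optional[str]]]:
    """Serial # retained: compare ballot by ballot.

    Returns (serial, crypto_vote, paper_vote) for every disagreement,
    including forms present on only one side (reported with None).
    """
    paper = dict(hrpat)
    if len(paper) != len(hrpat):
        raise ValueError("duplicate serial # in HRPAT records")
    mismatches = []
    for serial in sorted(set(crypto) | set(paper)):
        c, p = crypto.get(serial), paper.get(serial)
        if c != p:
            mismatches.append((serial, c, p))
    return mismatches


def reconcile_unlinked(crypto: Dict[str, str],
                       hrpat: List[Tuple[str, str]]) -> Dict[str, int]:
    """Serial # removed: only per-candidate totals can be compared.

    Returns crypto minus paper for each candidate whose totals differ;
    an empty dict means the two counts agree in aggregate.
    """
    diff = Counter(crypto.values())
    diff.subtract(Counter(vote for _, vote in hrpat))
    return {cand: d for cand, d in diff.items() if d != 0}


if __name__ == "__main__":
    print("linked  :", reconcile_linked(CRYPTO_COUNT, HRPAT_RECORDS))
    print("unlinked:", reconcile_unlinked(CRYPTO_COUNT, HRPAT_RECORDS))
```

On the sample data the linked check names form S003; the unlinked check reports only that the crypto count has one more Alice and one fewer Carol than the paper. That is the price of removing the serial #: the link that would let an auditor isolate a bad form is the same link that ties a protected receipt to a plaintext ballot.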