Punchscan: Designing an independent verification mechanism for elections

Punchscan is an open-source vote-counting system, the results of which are independently veri able by voters through their participation in the election audit process. Voluntary and universally available, this audit process establishes an overwhelmingly high statistical degree of con dence in the integrity of the outcome. At the same time it was developed around the recognition that the secret-ballot, and in turn voter privacy, remain a fundamental requirement in modern democracies. Punchscan o ers voters the ability to see their vote count, while at the same time protecting against improper in uence. This thesis describes the design and development of Punchscan from an information security and system design perspective. It begins by examining the concerns over contemporary electronic vote-counting systems, and introduces principles (such as independent veri cation) from which a more secure system can be built. We go on to explore the functional components, their design purpose, and the election/veri cation procedures of Punchscan. We present a case study of Punchscan's rst use in a binding election. Finally we end with a discussion of how Punchscan met its design goals, and propose directions for future work.

[1]  Markus Jakobsson,et al.  Making Mix Nets Robust for Electronic Voting by Randomized Partial Checking , 2002, USENIX Security Symposium.

[2]  Steve A. Schneider,et al.  Pret a Voter: All-in-one , 2007 .

[3]  Ronald L. Rivest,et al.  Scratch & vote: self-contained paper-based cryptographic voting , 2006, WPES '06.

[4]  Stefan Popoveniuc,et al.  Undervote and Pattern Voting : Vulnerability and a mitigation technique , 2007 .

[5]  What is vote buying? The limits of the market model , 2005 .

[6]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[7]  David Chaum,et al.  Secret-ballot receipts: True voter-verifiable elections , 2004, IEEE Security & Privacy Magazine.

[8]  Dane W. Wu Regression analyses on the butterfly ballot effect: a statistical perspective of the US 2000 election , 2002 .

[9]  D. Dill,et al.  The Role of Dice in Election Audits – Extended Abstract , 2006 .

[10]  David Chaum,et al.  A Practical Voter-Verifiable Election Scheme , 2005, ESORICS.

[11]  David Chaum,et al.  Punchscan with Independent Ballot Sheets: Simplifying Ballot Printing and Distribution with Independently Selected Ballot Halves , 2007 .

[12]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[13]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[14]  David Chaum,et al.  Multiparty unconditionally secure protocols , 1988, STOC '88.

[15]  J. Clark,et al.  Secure and Observable Auditing of Electronic Voting Systems using Stock Indices , 2007, 2007 Canadian Conference on Electrical and Computer Engineering.

[16]  J. A. Halderman Source Code Review of the Diebold Voting System , 2007 .

[17]  Warren D. Smith Three Voting Protocols: ThreeBallot, VAV, and Twin , 2007, EVT.

[18]  Adrian Kent,et al.  Unconditionally Secure Bit Commitment , 1998, quant-ph/9810068.

[19]  Richard L. Hudson,et al.  The Misbehavior of Markets: A Fractal View of Risk, Ruin, and Reward , 2004 .

[20]  Jeremy Clark,et al.  On the Security of Ballot Receipts in E 2 E Voting Systems , 2007 .

[21]  Richard L. Hudson,et al.  THE (MIS)BEHAVIOR OF MARKETS , 2004 .

[22]  Roy G. Saltman,et al.  Effective Use of Computing Technology in Vote-Tallying , 1975 .

[23]  Poorvi L. Vora,et al.  An information-theoretic model of voting systems , 2008, Math. Comput. Model..

[24]  V. Rich Personal communication , 1989, Nature.

[25]  Alan T. Sherman,et al.  Punchscan: Introduction and System Definition of a High-Integrity Election System , 2006 .

[26]  Peter Y. A. Ryan,et al.  Prêt à Voter with Re-encryption Mixes , 2006, ESORICS.

[27]  Vincent Rijmen,et al.  The Design of Rijndael , 2002, Information Security and Cryptography.

[28]  Andrew Reynolds,et al.  Electoral System Design: The New International IDEA Handbook , 2005 .

[29]  Jerome H. Saltzer,et al.  The protection of information in computer systems , 1975, Proc. IEEE.

[30]  John T. Gill,et al.  Computational complexity of probabilistic Turing machines , 1974, STOC '74.

[31]  Eric A Fischer Voting Technologies in the United States: Overview and Issues for Congress , 2001 .

[32]  A. Lo,et al.  A Non-Random Walk Down Wall Street , 1999 .

[33]  Overview of Red Team Reports 1.0. Executive Summary 2.0 Goals , .

[34]  Jeremy Clark,et al.  Punchscan in Practice: An E2E Election Case Study , 2007 .

[35]  L. Atkeson,et al.  The Effect of Election Administration on Voter Confidence: A Local Matter? , 2007, PS: Political Science & Politics.

[36]  Stefan Popoveniuc,et al.  An Introduction to PunchScan , 2010, Towards Trustworthy Elections.