Funferal

Lecture on electronic voting

September 30th, 2003 | by aobaoill |

When I spoke to the Computer Society at NUI, Galway earlier this year – on the topic of the introduction of electronic voting in Ireland – I didn’t put anything online, as my notes were all handwritten. I have now transcribed them, and include them below.

AIM

Provide an overview of current and new electoral systems
Discuss some of the concerns raised in relation to electronic voting
Stimulate debate on what response to the issue should be

CURRENT SYSTEM

Irish Constitution Article 12.2.3

The voting shall be by secret ballot and on the system of proportional representation by means of the single transferable vote
register of electors maintained at a local level
How we vote
How count happens – including random surplus
Weaknesses
- Register fallible
- random sample -> imprecision
- Manual count – small error, time
Strengths
- Tally
  - independent oversight
  - Secondary – political information (but legal issues around that)
- Paper trail – large scale fraud difficult
Other points
- PR/STV unusual
- Q = ((valid poll)/(seats + 1)) + 1

NEW SYSTEM

Voting experience
- Staff give voter a token
- Voter gives token to another staff member who “activates the voting machine”
- Vote by pressing buttons in order, then pressing button at top to cast vote
- Official sees a vote has been cast because of a signal on ‘control unit’
Voting system
- Voting machine:
  - NEDAP voting machine
  - with voting module – votes stored at random in this module
  - Suitcase sized
  - Can have multiple papers
  - At close of poll, ballots are copied to a back-up module in the machine
- Integrated election system
  - Used in Germany, Netherlands, Ireland – but Ireland first to use for all election types
  - Runs on standard computer running MS Windows 95 or later versions
  - 200,000 lines of code in 150/180 source code units
  - records data in MS Access Database
  - Software reinstalled before each election as security feature

SOFTWARE DETAILS

Borland Delphi 5 to develop applications [Object Pascal]
Opus Direct Access to interface with MS Access (replaces Delphi’s normal database interface)
Turbo Power’s Async Professional -> serial comms facilities
Multilizer -> different language support

COUNT

modules inserted in reading slot in programming unit – then stored securely
All votes mixed, then numbered. [using Lehmer algorithm]
Then counts, using election rules
Then displays results

POINTS

Currently still random surplus
Report by ZERFLOW consultants late last year uncovered flaws [reported in RISKS Digest 22.44 30/12/2002 quoting Irish Independent 9/12/2002. Submitted by Derek Harnett]
- Paste dummy ballot paper over real paper
- Keys copied
- No paper audit trail
- Recounts
  - No option
  - Assumption that system is infallible?

GENERAL OBSERVATIONS
From Rebecca Mercuri – (Bryn Mawr College) notablesoftware.com reports various concerns:

Voter confidentiality
Audit trail and auditing
Access control
Recount
Voter authentication and control
How can we know the system is working properly (various concerns here)
Prevent ballot-selling
but allow voter to know vote has been recorded
Downtimes? Alternate systems?

“Any programmer can write code that displays one thing on a screen, records something else, and prints yet another result. There is no known way to ensure that this is not happening inside of a voting system”
If no printout, then no independent audit trail -> Mercuri method
Voting systems are not certified to any standards, such as ISO Common Criteria
“Any computerized election process is thus entrusted to the small group of individuals who program, construct and maintain the machines.”
Thesis (from U Penn): “The requirement for ballot privacy creates an unresolvable conflict with the use of audit trails in providing security assurance in a fully automated system.”

Lecture on electronic voting

Pages

Archives

Categories

Recent Comments

Recent Post