E-voting system lets voters verify their ballots are counted
Takoma Park, Md. voters are the first in U.S. to try new technology
Computerworld - A new electronic voting system being used today for the first time in a government election in the U.S. will allow voters and elections auditors in Takoma Park, Md. to go online and verify whether votes have been correctly recorded.
The voting system is called Scantegrity and was developed by independent cryptographer David Chaum, along with researchers from the University of Maryland-Baltimore, the George Washington University, MIT, the University of Ottawa and the University of Waterloo. It uses cryptographic techniques to let both voters and election auditors check whether votes have been cast and counted accurately.
The Scantegrity technology is being used to augment regular optical-scan voting systems in Takoma Park's city council election. To cast a vote, an individual takes a paper ballot and fills in the optical-scan oval next to the name of the selected candidate using a pen with a special type of ink. When the bubble is filled, it reveals a three-digit confirmation number already printed on the ballot using an invisible marker.
That three-digit code is a sort of randomly generated cryptographic marker that's used to associate the voter's choice with the appropriate candidate. The codes are separately randomized for each oval and for each ballot, ensuring that the codes don't reveal who an individual voted for, Chaum said in an interview with Computerworld.
Voters can use that confirmation code to later log into the city's election Web site to confirm that their votes were recorded accurately. If the code is present on the Web site, it means the ballot was counted correctly, he said.
Scantegrity also lets election auditors -- and even third-party observers -- check whether the results were accurately tabulated without revealing how each individual vote was cast, Chaum said. Though it is not possible to link an individual ballot to a specific candidate, auditors can verify that the codes do lead to the recorded votes.
Scantegrity uses cryptographic techniques to first map each code to the associated candidate and then completely conceals the link. It then uses a concept known as "zero-knowledge proof" to show auditors that the codes do in fact correspond to the right candidates, said Aleks Essex, a PhD. student in computer science at the University of Ottawa who was involved in the Scantegrity effort.
Zero-knowledge proof is a way to demonstrate the authenticity of a statement without revealing any other details about the statement, said Essex. For example, an individual could use a piece of paper with a hole cut in it to prove to a child that he knows the location of Waldo in a "Where's Waldo" puzzle, Essex said. By placing the hole over Waldo, he shows he knows Waldo's location in the puzzle, but doesn't reveal the exact location to child.
Scantegrity enables auditors to get the same sort of proof to show that confirmation codes in an election map to the right candidates, without revealing an individual voter's choice, he said.
The results of today's elections in Takoma Park are being audited by two officials, one of whom is from Harvard University. "It is a really powerful thing to have public transparency of the tabulation process and yet preserve ballot secrecy," Chaum said. Because Scantegrity is built on open-source software, it can be used elsewhere to run similar audits against election results using custom tools, he said.
Pamela Smith, President of the Verified Voting Foundation, said that technologies such as Scantegrity do add an additional layer of integrity to the election process. But to a large extent, optical-scan voting machines already offer a relatively high degree of verification support. Because such machines save a record of the voter's intent, auditors can go back and verify results if necessary, she said.
The bigger issue in Maryland is that the state needs to adopt optical-scan systems on a larger scale, she said. Maryland is one of the few states that rely on touch-screen voting systems, which are costlier to operate and maintain than optical scan systems, she said.
Read more about Government IT in Computerworld's Government IT Topic Center.
- Gartner Magic Quadrant for Client Management Tools The client management tool market is maturing and evolving to adapt to consumerization, desktop virtualization, and an ongoing need to improve efficiency.
- Audit Ready and Asset Optimized: The Solid Promise of an Intelligent Software Asset Management Solution In this paper Frost & Sullivan examines the benefits of enterprise-grade Software Asset Management solutions, and how these solutions serve as the convergence...
- Pragmatic Endpoint Management: Empowering an SMB Workforce in the Age of Mobility Lacking the time for proper training and education, SMB administrators often resort to taking shortcuts to keep their environment running.This paper discusses the...
- Gartner Magic Quadrant for Application Security The market for application security testing is changing rapidly. Technology trends, such as mobile applications, advanced Web applications and dynamic languages, are forcing...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Knowledge Center White Papers | Webcasts