Voting System Security and Voter Verification

One of the most hotly debated questions in voting systems is whether computer systems can be trusted to  collect, count and report votes. Although e-voting systems are often compared to bank ATM machines, there is an important security difference: the secret ballot means that normal audit trails and other ways of creating trust in a computer system do not work for a voting system. Instead, many have proposed that e-voting machines include a means for the voter to confirm that their vote is cast as intended -- verified voting.

Voting Security Projects and Volunteer Opportunities

• Verified Voting - a non-profit organization working to ensure voter verification of electronic ballots.
• ACCURATE: A Center for Correct, Usable, Reliable, Auditable, and Transparent Elections - a project funding by the NSF has been active in research and security evaluations.
• EFF E-Voting - The Electronic Freedom Foundation has been involved in litigation over voting systems, with links available to documents and commentary. Their web site includes a set of info sheets describing operations and security features of widely used  voting systems.
• CSPR Election Incident Reporting System - The system will enable activists to be immediately informed of election problems and seek prompt action; enable journalists to be put in touch with real voters who have real problems; and enable use of the data beyond Election Day, for reports that may be useful, for example, for post-election litigation. (Funded with a grant from the Quixote Foundation)
• The Caltech-MIT Voting Technology Project
  This project was established to evaluate the current state of reliability and uniformity of voting systems and propose guidelines and requirements. They sponsored a conference March 29-31, 2000 which produced "A Preliminary Assessment of the Reliability of Existing Voting Equipment."

Key Analysis Reports on Electronic Voting Systems

• The Machinery of Democracy: Voting System Security, Accessibility, Usability, and Cost - This four-part report, by the Brennan Center for Justice, is the final product of the first comprehensive, empirical analysis of electronic voting systems in the United States. Whitney Quesenbery co-authored the usability section, and contributed to the accessibility section. (October 2006)
• RABA: Trusted Agent Report Diebold AccuVote-TS Voting System - This was the third report (and the second commissioned by the state of Maryland) on the Diebold system. It reports on a "red team" project to attempt to break into the system. (January 20, 2004)
• A Security Analysis of the Secure Electronic Registration and Voting Experiment (SERVE) (January 20, 2004)
• Election Reform and Electronic Voting Systems (DREs): Analysis of Security Issues - Congressional Research Service (November 4, 2003)
• Analysis of an Electronic Voting System by Avi Rubin, Adam Stubblefield and Tadayoshi Kohno - This paper reports on an analysis of the Diebold touchscreen system, but also has good background information on security and related issues in voting (July 23, 2003)
• UK Electoral Commission: Electoral Pilots at the June 2004 Elections (December 8, 2003)
• CSPR - Computer Professionals for Social Responsiblity issued a special report "Getting the Chad Out: Elections, Technology, and Reform" which emphasized security and issues in e-voting

Voting Security Articles and Web Sites

• Rebecca Mercuri is a specialist in computer-related risks. Her page includes links to her papers and testimony for various hearings and court cases. There is also a good bibliography and an extensive collection of quotes.
• Electronic Vote Tabulation Checks & Balances - Rebecca Mercuri's PhD Dissertation from the University of Pennsylvania was defended on October 27, 2000
• Lynn Landes' page on the "secretive world of voting systems" has both commentary and links on the topic, going back to 1985
• Illustrative Risks to the Public in the Use of Computer Systems and Related Technology by Peter G. Neumann. This is a comprehensive catalog of computer risks, with a section on elections, from the editor of the ACM Risks column
  

Internet Voting

• A Report on the Feasibility of Internet Voting - California Internet Voting Task Force, January 2000.
• Voting Over the Internet Project - the US Federal Voting Assistance Project report on a pilot internet voting project

 

Press Reports

• NY Times Editorials: Making Votes Count
  This series of editorials examines issues in voting in the US today, from registration to security to accessibility.
• League of Women Voters Is Split on Paperless Computer Voting Systems Associated Press (NY Times June 11, 2004)
• Electronic Vote Faces Big Test of Its Security
  By John Schwartz (NY Times February 28, 2004) A report on security debates about Georgia's e-voting machines, as the state prepares for its primary
• High-tech twist for election By Ryan Davis (Baltimore Sun February 9, 2004) The new touch-screen voting system is making it harder for counties to recruit election judges.
• Considering Computer Voting By John Schwartz (NY Times December 15, 2003). A report from the NIST Symposium
• The case for computerized voting: Hacking fears overblown by Simon Garfinkel - This opinion piece on MSNBC makes an argument for why electronic voting is better - and safe. (September 4, 2003)
• Report from the Voter Verifiable Elections Systems Workshop
  This newsletter from VerifiedVoting includes an account of the workshop on voting systems held in Denver last month, and events at the IACREOT (local voting commissioners) conference (VerifiedVoting, August 4, 2003)
• Hack the Vote: How to stop someone from stealing the 2004 election
  A summary of some of the scenarios for a hacker attack on electronic machines in the 2004 election. (Slate, July 31, 2003)
• Study Questions Security Of Maryland Electronic Voting
  "A touch-screen voting system that Maryland has just agreed to buy for $55 million and install in every precinct in the state is so flawed that a 15-year-old with a modicum of computer savvy could manipulate the system and change the outcome of an election" ( Full Report ) (Washington Post, July 25, 2003)
• Computer Voting is Open to Easy Fraud, Experts Say
  Researchers in computer security reported finding "stunning, stunning flaws" in a leading company's system. (NY Times July 24, 2003 page A16)
• Tech Vendors: Don't Curb Individual Liberties for Security By Debbie Gage (Baseline, October 2, 2003) A group of high-tech vendors warn that government agencies should tread lightly with increasingly sophisticated security technology.