Voting Security

We present a new paper-based voting method with interesting security properties. The attempt here is to see if one can achieve the same security properties of recently proposed cryptographic voting protocols, but without using any cryptography, using only paper ballots. We partially succeed. (Initially, I thought the proposal accomplished this goal, but several readers discovered a vote-buying attack (see Section 4.4) that appears to be rather difficult to fix without making the resulting system much less usable in practice.

The ballot battles of the 2000 US Presidential Election clearly indicate that existing voting technologies and processes are not sufficient to guarantee that every eligible voter is granted their right to vote and implicitly to have that vote counted, as per the fifteenth, nineteenth, twenty fourth and twenty sixth amendments to the US constitution. Developing a voting system that is secure, correct, reliable and trustworthy is a significant challenge to current technology.

Existing technology is capable of yielding secure, reliable, and auditable voting systems. This system outlines an architecture based on redundancy at each stage of the ballot submission process that is resistant to external hacking and internal insertion of malicious code. The proposed architecture addresses all layers of the system beyond the point when a voter commits the ballot. These steps include the verification of eligibility to vote, authentication, and aggregation of the vote.