Threat Risk

Voter Removal from Registration List Based on Name Matching is Unreliable

admin — Thu, 26 Jun 2008 13:17:12 -0700

The voter registration list is the information backbone for the administration of elections. Keeping it up-to-date is a difficult task that can expose officials to accusations of voter disenfranchisement. We review here some of the problems that affected Florida elections, explore some solutions proposed with the Help America Vote Act of 2002 in regards to voter registration maintenance, and illustrate these with an experiment on the actual voter rolls from Florida.

Precinct Voting Denial of Service

admin — Thu, 26 Jun 2008 12:46:14 -0700

This is a type of threat that has a long history in electoral politics, and can take many forms.1 The basic approach is that a perpetrator attacks precinct voting, regardless of voting system, on election day in an effort to disrupt the process sufficiently to produce an effective “denial of service” attack. The perpetrator, based on an analysis of past elections returns, would target selected precincts that are highly likely to cast votes in a certain direction. For example, if the perpetrator wished to sway the election for party X, he or she would target precincts that have very heavy concentrations of party Y supporters. In a close election, especially in lower-level races, such an attack could either sway the outcome of an election to party X or could throw considerable doubt and distrust into the announced election outcome.

Prepared for NIST “Threats to Voting Systems” Workshop

Challenges Facing the American Electoral System: Research Priorities for the Social Sciences

admin — Thu, 26 Jun 2008 12:35:25 -0700

This report summarizes the activities and findings of the National Research Commission on Elections and Voting, organized in October, 2004 by the Social Science Research Council (SSRC) to serve as a scholarly resource for nonpartisan insight into challenges facing the American electoral process.

Potential Threats to Statewide Voter Registration Systems

admin — Thu, 19 Jun 2008 16:03:47 -0700

No abstract available.

Precinct Voting Denial of Service

admin — Thu, 19 Jun 2008 16:02:34 -0700

No abstract available.

An Active Approach to Voting Verification

admin — Thu, 19 Jun 2008 15:22:41 -0700

As our voting systems have come to rely more deeply on computer technology there have been great opportunities to improve the voting process, however, recently computer scientists and the general public have become wary of the amount of trust we place in the computers running our elections. Many proposals for audit systems to monitor our elections have been created. One popular audit system is the voter verified paper audit trail (VVPAT). Another more recent proposal is the voter verified audio audit transcript trail (VVAATT). In order to compare these two systems we conducted a user study where we purposely added errors to the audit trail in order to see if voters would be able to find these errors. Our results showed that voters found many more errors using the VVAATT system than they did with the VVPAT system.

Immediate Steps To Avoid Lost Votes In The 2004 Presidential Election: Recommendations For The Election Assistance Commission

admin — Wed, 18 Jun 2008 14:41:39 -0700

We recommend four immediate steps that the Election Assistance Commision (EAC) should take to improve the electoral process for the November 2004 presidential election. We also provide below a number of other steps that we believe are necessary for avoiding lost votes in the presidential election this fall. However, as time and resources are limited, we recognize that these additional steps might be difficult to achieve nationwide by November.

The Reliability of Electronic Voting Machines in Georgia

admin — Wed, 18 Jun 2008 14:10:02 -0700

No abstract available.

Security Vulnerabilities and Problems with VVPT

admin — Wed, 18 Jun 2008 14:03:24 -0700

A proposed Voter Verifiable Paper Trail (VVPT) includes a printed ballot as a receipt that a voter can view to verify their vote before leaving an electronic voting machine. This method is also supposed to insure the accuracy of the recorded vote by allowing the tally to be checked later by counting the collected receipts.

This paper considers problems with ergonomics, logistics, security, fraud, and mechanical fragility with using VVPT. Ergonomic problems are introduced by the receipt having a different layout than the ballot, difficulty remembering previous selections to make the verification, by the extra step it introduces after making selections and by it not working well for sightless people. Logistics problems include difficulties in collecting and organizing the receipts, transporting them, and reading and reconciling them with electronic tallies. Security issues include the possibility that receipts can be systematically misprinted in a way that cannot be detected and that hand counting will not easily detect fraud. Mechanical problems include printer breakdowns and supplies running out. VVPTs could add problems by being questioned in various ways or though the development of computer programs that defraud the VVPT systematically. VVPTs do not address existing sources of disenfranchisement such as registration problems, equipment and ballot problems, and polling place problems.

Experiments and elections have yet to establish that people can in fact verify their ballots using a paper receipt. Effective approaches for accurately counting the paper receipts for auditing purposes have not been established either.

Proving that an election correctly records and transmits the intention of the voter is worthwhile. Computers are the first technology that can easily report voting results in multiple formats. Simple systems-verification solutions are possible. Parallel voting and time shifted testing require no extra equipment. Voter Verified Audio Transcripts would simplify voting and improve audit security by presenting verification as feedback during the selection process rather than post hoc auditing.

Building Secure and Transparent Elections Through Standard Operating Procedures

admin — Wed, 18 Jun 2008 12:56:41 -0700

No abstract available.