fbpx
Wikipedia

End-to-end auditable voting systems

December 07, 2023

End-to-end auditable or end-to-end voter verifiable (E2E) systems are voting systems with stringent integrity properties and strong tamper resistance. E2E systems often employ cryptographic methods to craft receipts that allow voters to verify that their votes were counted as cast, without revealing which candidates were voted for. As such, these systems are sometimes referred to as receipt-based systems.[1]

Overview edit

Electronic voting systems arrive at their final vote totals by a series of steps:

  1. each voter has an original intent,
  2. voters express their intent on ballots (whether interactively, as on the transient display of a DRE voting machine, or durable, as in systems with voter verifiable paper trails),
  3. the ballots are interpreted, to generate electronic cast vote records,
  4. cast vote records are tallied, generating totals
  5. where counting is conducted locally, for example, at the precinct or county level, the results from each local level are combined to produce the final tally.

Classical approaches to election integrity tended to focus on mechanisms that operated at each step on the chain from voter intent to the final total. Voting is an example of a distributed system, and in general, distributed system designers have long known that such local focus may miss some vulnerabilities while over-protecting others.[citation needed] The alternative is to use end-to-end measures that are designed to measure the integrity of the entire chain.[2]

The failure of conventional optical scan voting systems to meet an end-to-end standard was pointed out in 2002.[3]

Comprehensive coverage of election integrity frequently involves multiple stages. Voters are expected to verify that they have marked their ballots as intended, recounts or audits are used to protect the step from marked ballots to ballot-box totals, and publication of all subtotals allows public verification that the overall totals correctly sum the ballot-box totals.[4]

While measures such as voter verified paper audit trails and manual recounts measure the effectiveness of some steps, they offer only weak measurement of the integrity of the physical or electronic ballot boxes. Ballots could be removed, replaced, or could have marks added to them without detection (i.e.,to fill in undervoted contests with votes for a desired candidate or to overvote and spoil votes for undesired candidates). This shortcoming motivated the development of the end-to-end auditable voting systems discussed here, sometimes referred to as E2E voting systems. These attempt to cover the entire path from voter attempt to election totals with just two measures:

  • Individual verifiability, by which any voter may check that his or her ballot is correctly included in the electronic ballot box, and
  • Universal verifiability, by which anyone may determine that all of the ballots in the box have been correctly counted.

Because of the importance of the right to a secret ballot, some E2E voting schemes also attempt to meet a third requirement, usually referred to as receipt freeness:

  • No voter can demonstrate how he or she voted to any third party.

A researcher has argued that end-to-end auditability and receipt-freeness should be considered to be orthogonal properties.[5] Other researchers have shown that these properties can co-exist,[6] and these properties are combined in the 2005 Voluntary Voting System Guidelines promulgated by the Election Assistance Commission.[7] This definition is also predominant in the academic literature.[8][9][10][11]

To address ballot stuffing, the following measure can be adopted:

  • Eligibility verifiability, by which anyone may determine that all counted ballots were cast by registered voters.

Alternatively, assertions regarding ballot stuffing can be externally verified by comparing the number of ballots on hand with the number of registered voters recorded as having voted, and by auditing other aspects of the registration and ballot delivery system.

Support for E2E auditability, based on prior experience using it with in-person elections, is also seen as a requirement for remote voting over the Internet by many experts.[12]

Proposed E2E Systems edit

In 2004, David Chaum proposed a solution that allows each voter to verify that their votes are cast appropriately and that the votes are accurately tallied using visual cryptography.[13] After the voter selects their candidates, a voting machine prints out a specially formatted version of the ballot on two transparencies. When the layers are stacked, they show the human-readable vote. However, each transparency is encrypted with a form of visual cryptography so that it alone does not reveal any information unless it is decrypted. The voter selects one layer to destroy at the poll. The voting machine retains an electronic copy of the other layer and gives the physical copy as a receipt to allow the voter to confirm that the electronic ballot was not later changed. The system detects changes to the voter's ballot and uses a mix-net decryption[14] procedure to check if each vote is accurately counted. Sastry, Karloff and Wagner pointed out that there are issues with both of the Chaum and VoteHere cryptographic solutions.[15]

Chaum's team subsequently developed Punchscan, which has stronger security properties and uses simpler paper ballots.[16] The paper ballots are voted on and then a privacy-preserving portion of the ballot is scanned by an optical scanner.

The Prêt à Voter system, invented by Peter Ryan, uses a shuffled candidate order and a traditional mix network. As in Punchscan, the votes are made on paper ballots and a portion of the ballot is scanned.

The Scratch and Vote system, invented by Ben Adida, uses a scratch-off surface to hide cryptographic information that can be used to verify the correct printing of the ballot.[17]

The ThreeBallot voting protocol, invented by Ron Rivest, was designed to provide some of the benefits of a cryptographic voting system without using cryptography. It can in principle be implemented on paper although the presented version requires an electronic verifier.

The Scantegrity and Scantegrity II systems provide E2E properties. Rather than replacing the entire voting system, as is the case in all the preceding examples, it works as an add-on for existing optical scan voting systems, producing conventional voter-verifiable paper ballots suitable for risk-limiting audits. Scantegrity II employs invisible ink and was developed by a team that included Chaum, Rivest, and Ryan.

The STAR-Vote system[18] was defined for Travis County, the fifth most populous county in Texas, and home of the state capital, Austin.[19] It illustrated another way to combine an E2E system with conventionally auditable paper ballots, produced in this case by a ballot marking device.[20] The project produced a detailed spec and request for proposals in 2016, and bids were received for all the components, but no existing contractor with an EAC certified voting was willing to adapt their system to work with the novel cryptographic open-source components, as required by the RFP.[21][22]

Building on the STAR-Vote experience, Josh Benaloh at Microsoft led the design and development of ElectionGuard, a software development kit that can be combined with existing voting systems to add E2E support. The voting system interprets the voter's choices, stores them for further processing, then calls ElectionGuard which encrypts these interpretations and prints a receipt for the voter. The receipt has a number which corresponds to the encrypted interpretation. The voter can then disavow the ballot (spoil it), and vote again. Later, independent sources, such as political parties, can obtain the file of numbered encrypted ballots and sum the different contests on the encrypted file to see if they match the election totals. The voter can ask those independent sources if the number(s) on the voter's receipt(s) appear in the file. If enough voters check that their numbers are in the file, they will find if ballots are omitted. Voters can get the decrypted contents of their spoiled ballots, to determine if they accurately match what the voter remembers was on those ballots. The voter cannot get decrypted copies of voted ballots, to prevent selling votes. If enough voters check spoiled ballots, they will show mistakes in encryptions.[23][24] ElectionGuard does not detect ballot stuffing, which must be detected by traditional records. It does not detect people who falsify receipts, claiming their ballot is missing or was interpreted in error. Election officials will need to decide how to track claimed errors, how many are needed to start an investigation, how to investigate and how to recover from errors, State law may give staff no authority to take action.[24] ElectionGuard does not tally write-ins, except as an undifferentiated total. It is incompatible with overvotes.[25][23][24]

Use in elections edit

The city of Takoma Park, Maryland used Scantegrity II for its 2009 and 2011 city elections.[26][27]

Helios has been used since 2009 by several organizations and universities for general elections, board elections, and student council elections.[28][29]

Wombat Voting was used in student council elections at the private research college Interdisciplinary Center Herzliya in 2011 and 2012,[30][31] as well as in the primary elections for the Israeli political party Meretz in 2012.[32]

A modified version of Prêt à Voter was used as part of the vVote poll-site electronic voting system at the 2014 Victorian State Election in Australia.[33]

ElectionGuard was combined with a voting system from VotingWorks and used for the Fulton, Wisconsin spring primary election on February 18, 2020.[34]

The DRE-ip system was trialed in a polling station in Gateshead on 2 May 2019 as part of the 2019 United Kingdom local elections.[35][36]

Examples edit

References edit

  1. ^ "Voluntary Voting System Guidelines version 1.0" (PDF). Election Assistance Commission. 2005. Retrieved 2020-04-07.
  2. ^ J. H. Saltzer; D. P. Reed; D. D. Clark (1 November 1984). "End-to-end arguments in system design". ACM Transactions on Computer Systems. 2 (4): 277–288. doi:10.1145/357401.357402. ISSN 0734-2071. S2CID 215746877.
  3. ^ Douglas W. Jones, End-to-End Standards for Accuracy in Paper-Based Systems, (alternate source), Jan 31, 2002, Washington DC.
  4. ^ Douglas W. Jones, Perspectives on Electronic Voting, From Power Outages to Paper Trails 2008-11-28 at the Wayback Machine (alternate source), IFES, Washington DC, 2007; pages 32-46, see particularly Figure 4, page 39.
  5. ^ Douglas W. Jones, Some Problems with End-to-End Voting, position paper presented at the End-to-End Voting Systems Workshop, Oct. 13-14, 2009, Washington DC.
  6. ^ B Smyth, S. Frink and M. R. Clarkson, Election Verifiability: Cryptographic Definitions and an Analysis of Helios and JCJ, Cornell's digital repository, Feb. 2017
  7. ^ 2005 Voluntary Voting System Guidelines 2008-06-13 at the Wayback Machine, Election Assistance Commission
  8. ^ Jeremy Clark, Aleks Essex, and Carlisle Adams. On the Security of Ballot Receipts in E2E Voting Systems 2012-07-22 at the Wayback Machine. IAVoSS Workshop on Trustworthy Elections 2007.
  9. ^ Aleks Essex, Jeremy Clark, Richard T. Carback III, and Stefan Popoveniuc. Punchscan in Practice: An E2E Election Case Study. IAVoSS Workshop on Trustworthy Elections 2007.
  10. ^ Olivier de Marneffe, Olivier Pereira and Jean-Jacques Quisquater. Simulation-Based Analysis of E2E Voting Systems. E-Voting and Identity 2007.
  11. ^ Ka-Ping Yee. Building Reliable Voting Machine Software. Ph.D. Dissertation, UC Berkeley, 2007.
  12. ^ "The Future of Voting: End-to-End Verifiable Internet Voting - Specification and Feasibility Study - E2E-VIV Project". U.S. Vote Foundation. 2015. Retrieved 2016-09-01.
  13. ^ Chaum, David (2004). "Secret-Ballot Receipts: True Voter-Verifiable Elections". IEEE Security and Privacy. 2 (1): 38–47. doi:10.1109/MSECP.2004.1264852. S2CID 1015904.
  14. ^ Golle, Philippe; Jakobsson, Markus (October 30, 2003). "Reusable anonymous return channels". Proceedings of the 2003 ACM workshop on Privacy in the electronic society. Association for Computing Machinery. pp. 94–100. doi:10.1145/1005140.1005155. ISBN 1-58113-776-1. S2CID 3040325 – via ACM Digital Library.
  15. ^ Chris Karlof, Naveen Sastry, and David Wagner. Cryptographic Voting Protocols: A Systems perspective. Proceedings of the Fourteenth USENIX Security Symposium (USENIX Security 2005), August 2005.
  16. ^ Steven Cherry, Making every e-vote count, IEEE Spectrum, Jan 2007.
  17. ^ "Ben Adida". ben.adida.net.
  18. ^ Bell, Susan; et al. (2013-08-01). "STAR-Vote: A Secure, Transparent, Auditable, and Reliable Voting System" (PDF). usenix evtvote13. Retrieved 2018-04-24.
  19. ^ "Travis County - STAR-VoteTM Request for Proposal Released". www.traviscountyclerk.org. 2016-10-10. Retrieved 2018-04-24.
  20. ^ Okun, Eli (2014-07-09). "Travis County Forges New Territory in Creating Voting Machine". The Texas Tribune. Retrieved 2016-09-02.
  21. ^ Pritchard, Caleb (2017-10-04). "STAR-Vote collapses - Austin Monitor". Austin Monitor. Retrieved 2018-08-04.
  22. ^ Ballard, Ginny (2017-09-28). "Travis County - STAR-Vote - A Change of Plans". traviscountyclerk.org. Retrieved 2018-08-04.
  23. ^ a b Halpern, Sue (2020-07-07). "Can Our Ballots Be Both Secret and Secure?". New Yorker. Retrieved 2021-10-14.
  24. ^ a b c McKim, Karen (2021-03-16). "The Election Guard we need isn't one that Microsoft can provide. It's human". Wisconsin Election Integrity. Retrieved 2021-10-15.
  25. ^ "ElectionGuard - Structures and Processes". www.electionguard.vote. Retrieved 2021-10-17.
  26. ^ (PDF). Archived from the original (PDF) on 2011-07-19.
  27. ^ Hardesty, Larry (13 November 2009). "Cryptographic voting debuts". MIT news. Retrieved 2009-11-30.
  28. ^ Haber, Stuart (May 24, 2010). "The Helios e-Voting Demo for the IACR" (PDF).
  29. ^ Adida, Ben (June 25, 2009). "Electing a University President using Open-Audit Voting: Analysis of real-world use of Helios" (PDF).
  30. ^ Rivest, Ron L. (March 16, 2016). "Auditability and Verifiability of Elections".
  31. ^ Ben-Nun, Jonathan; Farhi, Niko; Llewellyn, Morgan; Riva, Ben; Rosen, Alon; Ta-Shma, Amnon; Wikstrom, Douglas (2012). "A New Implementation of a Dual (Paper and Cryptographic) Voting System". In Manuel J. Kripp; Melanie Volkamer; Rüdiger Grimm (eds.). 5th International conference on electronic voting 2012 (EVOTE2012). Bonn: Gesellschaft für Informatik. ISBN 978-3-88579-299-4. S2CID 2015880.
  32. ^ "Meretz aims to revolutionize electronic voting". The Jerusalem Post. Retrieved 2020-01-14.
  33. ^ Eldridge, Mark (May 6, 2018). "A Trustworthy Electronic Voting System for Australian Federal Elections". arXiv:1805.02202 [cs.CR].
  34. ^ "A Texas County Clerk's Bold Crusade to Transform How We Vote". Wired. ISSN 1059-1028. Retrieved 2021-04-10.
  35. ^ Wakefield, Jane (2 May 2019). "E-voting trialled in local elections". BBC News.
  36. ^ Hao, Feng; Wang, Shen; Bag, Samiran; Procter, Rob; Shahandashti, Siamak F; Mehrnezhad, Maryam; Toreini, Ehsan; Metere, Roberto; Liu, Lana (2020). "End-to-End Verifiable E-Voting Trial for Polling Station Voting" (PDF). IEEE Security & Privacy. 18 (6): 6–13. doi:10.1109/MSEC.2020.3002728. S2CID 219616040.
  37. ^ ADDER voting system
  38. ^ "Helios Voting". vote.heliosvoting.org.
  39. ^ "Wombat Voting System".
  40. ^ Feng Hao, Matthew N. Kreeger, Brian Randell, Dylan Clarke, Siamak F. Shahandashti, and Peter Hyun-Jeen Lee. "Every Vote Counts: Ensuring Integrity in Large-Scale Electronic Voting". USENIX Journal of Election Technology and Systems (JETS) Volume 2, Number 3, July 2014
  41. ^ Siamak F. Shahandashti and Feng Hao. "DRE-ip: A Verifiable E-Voting Scheme without Tallying Authorities". Proceedings of the 21st European Symposium on Research in Computer Security (ESORICS), LNCS, Vol. 9879, 2016
  42. ^ Patachi, Stefan (September 2019). "Assembly Voting X" (PDF). assemblyvoting.com. Assembly Voting. (PDF) from the original on 2 March 2023. Retrieved 27 April 2023.
  43. ^ "Core Technologies – Assembly Voting". 24 April 2021.
  44. ^ "Black Box Voting Vs. End-to-End Verifiable Voting – Assembly Voting". 19 April 2022.

External links edit

  • Verifying Elections with Cryptography — Video of Ben Adida's 90-minute tech talk
  • Helios: Web-based Open-Audit Voting — PDF describing Ben Adida's Helios web-site
  • Helios Voting System web-site
  • Simple Auditable & Anonymous Voting Scheme
  • Study on Poll-Site Voting and Verification Systems — A review of existing electronic voting systems and its verification systems in supervised environments.
  • a 2020 MIT Media Lab article about end to end verifiable voting systems, includes discussion of blockchains
  • A Really Secret Ballot — Article by The Economist

December 07, 2023
auditable, voting, systems, auditable, voter, verifiable, systems, voting, systems, with, stringent, integrity, properties, strong, tamper, resistance, systems, often, employ, cryptographic, methods, craft, receipts, that, allow, voters, verify, that, their, v. End to end auditable or end to end voter verifiable E2E systems are voting systems with stringent integrity properties and strong tamper resistance E2E systems often employ cryptographic methods to craft receipts that allow voters to verify that their votes were counted as cast without revealing which candidates were voted for As such these systems are sometimes referred to as receipt based systems 1 Contents 1 Overview 2 Proposed E2E Systems 3 Use in elections 4 Examples 5 References 6 External linksOverview editElectronic voting systems arrive at their final vote totals by a series of steps each voter has an original intent voters express their intent on ballots whether interactively as on the transient display of a DRE voting machine or durable as in systems with voter verifiable paper trails the ballots are interpreted to generate electronic cast vote records cast vote records are tallied generating totals where counting is conducted locally for example at the precinct or county level the results from each local level are combined to produce the final tally Classical approaches to election integrity tended to focus on mechanisms that operated at each step on the chain from voter intent to the final total Voting is an example of a distributed system and in general distributed system designers have long known that such local focus may miss some vulnerabilities while over protecting others citation needed The alternative is to use end to end measures that are designed to measure the integrity of the entire chain 2 The failure of conventional optical scan voting systems to meet an end to end standard was pointed out in 2002 3 Comprehensive coverage of election integrity frequently involves multiple stages Voters are expected to verify that they have marked their ballots as intended recounts or audits are used to protect the step from marked ballots to ballot box totals and publication of all subtotals allows public verification that the overall totals correctly sum the ballot box totals 4 While measures such as voter verified paper audit trails and manual recounts measure the effectiveness of some steps they offer only weak measurement of the integrity of the physical or electronic ballot boxes Ballots could be removed replaced or could have marks added to them without detection i e to fill in undervoted contests with votes for a desired candidate or to overvote and spoil votes for undesired candidates This shortcoming motivated the development of the end to end auditable voting systems discussed here sometimes referred to as E2E voting systems These attempt to cover the entire path from voter attempt to election totals with just two measures Individual verifiability by which any voter may check that his or her ballot is correctly included in the electronic ballot box and Universal verifiability by which anyone may determine that all of the ballots in the box have been correctly counted Because of the importance of the right to a secret ballot some E2E voting schemes also attempt to meet a third requirement usually referred to as receipt freeness No voter can demonstrate how he or she voted to any third party A researcher has argued that end to end auditability and receipt freeness should be considered to be orthogonal properties 5 Other researchers have shown that these properties can co exist 6 and these properties are combined in the 2005 Voluntary Voting System Guidelines promulgated by the Election Assistance Commission 7 This definition is also predominant in the academic literature 8 9 10 11 To address ballot stuffing the following measure can be adopted Eligibility verifiability by which anyone may determine that all counted ballots were cast by registered voters Alternatively assertions regarding ballot stuffing can be externally verified by comparing the number of ballots on hand with the number of registered voters recorded as having voted and by auditing other aspects of the registration and ballot delivery system Support for E2E auditability based on prior experience using it with in person elections is also seen as a requirement for remote voting over the Internet by many experts 12 Proposed E2E Systems editIn 2004 David Chaum proposed a solution that allows each voter to verify that their votes are cast appropriately and that the votes are accurately tallied using visual cryptography 13 After the voter selects their candidates a voting machine prints out a specially formatted version of the ballot on two transparencies When the layers are stacked they show the human readable vote However each transparency is encrypted with a form of visual cryptography so that it alone does not reveal any information unless it is decrypted The voter selects one layer to destroy at the poll The voting machine retains an electronic copy of the other layer and gives the physical copy as a receipt to allow the voter to confirm that the electronic ballot was not later changed The system detects changes to the voter s ballot and uses a mix net decryption 14 procedure to check if each vote is accurately counted Sastry Karloff and Wagner pointed out that there are issues with both of the Chaum and VoteHere cryptographic solutions 15 Chaum s team subsequently developed Punchscan which has stronger security properties and uses simpler paper ballots 16 The paper ballots are voted on and then a privacy preserving portion of the ballot is scanned by an optical scanner The Pret a Voter system invented by Peter Ryan uses a shuffled candidate order and a traditional mix network As in Punchscan the votes are made on paper ballots and a portion of the ballot is scanned The Scratch and Vote system invented by Ben Adida uses a scratch off surface to hide cryptographic information that can be used to verify the correct printing of the ballot 17 The ThreeBallot voting protocol invented by Ron Rivest was designed to provide some of the benefits of a cryptographic voting system without using cryptography It can in principle be implemented on paper although the presented version requires an electronic verifier The Scantegrity and Scantegrity II systems provide E2E properties Rather than replacing the entire voting system as is the case in all the preceding examples it works as an add on for existing optical scan voting systems producing conventional voter verifiable paper ballots suitable for risk limiting audits Scantegrity II employs invisible ink and was developed by a team that included Chaum Rivest and Ryan The STAR Vote system 18 was defined for Travis County the fifth most populous county in Texas and home of the state capital Austin 19 It illustrated another way to combine an E2E system with conventionally auditable paper ballots produced in this case by a ballot marking device 20 The project produced a detailed spec and request for proposals in 2016 and bids were received for all the components but no existing contractor with an EAC certified voting was willing to adapt their system to work with the novel cryptographic open source components as required by the RFP 21 22 Building on the STAR Vote experience Josh Benaloh at Microsoft led the design and development of ElectionGuard a software development kit that can be combined with existing voting systems to add E2E support The voting system interprets the voter s choices stores them for further processing then calls ElectionGuard which encrypts these interpretations and prints a receipt for the voter The receipt has a number which corresponds to the encrypted interpretation The voter can then disavow the ballot spoil it and vote again Later independent sources such as political parties can obtain the file of numbered encrypted ballots and sum the different contests on the encrypted file to see if they match the election totals The voter can ask those independent sources if the number s on the voter s receipt s appear in the file If enough voters check that their numbers are in the file they will find if ballots are omitted Voters can get the decrypted contents of their spoiled ballots to determine if they accurately match what the voter remembers was on those ballots The voter cannot get decrypted copies of voted ballots to prevent selling votes If enough voters check spoiled ballots they will show mistakes in encryptions 23 24 ElectionGuard does not detect ballot stuffing which must be detected by traditional records It does not detect people who falsify receipts claiming their ballot is missing or was interpreted in error Election officials will need to decide how to track claimed errors how many are needed to start an investigation how to investigate and how to recover from errors State law may give staff no authority to take action 24 ElectionGuard does not tally write ins except as an undifferentiated total It is incompatible with overvotes 25 23 24 Use in elections editThe city of Takoma Park Maryland used Scantegrity II for its 2009 and 2011 city elections 26 27 Helios has been used since 2009 by several organizations and universities for general elections board elections and student council elections 28 29 Wombat Voting was used in student council elections at the private research college Interdisciplinary Center Herzliya in 2011 and 2012 30 31 as well as in the primary elections for the Israeli political party Meretz in 2012 32 A modified version of Pret a Voter was used as part of the vVote poll site electronic voting system at the 2014 Victorian State Election in Australia 33 ElectionGuard was combined with a voting system from VotingWorks and used for the Fulton Wisconsin spring primary election on February 18 2020 34 The DRE ip system was trialed in a polling station in Gateshead on 2 May 2019 as part of the 2019 United Kingdom local elections 35 36 Examples editADDER 37 Helios 38 Pret a Voter Punchscan Scantegrity Wombat Voting 39 ThreeBallot Bingo Voting homomorphic secret sharing DRE i 40 E2E verifiable e voting without tallying authorities based on pre computation DRE ip 41 E2E verifiable e voting without tallying authorities based on real time computation Assembly Voting X 42 43 44 References edit Voluntary Voting System Guidelines version 1 0 PDF Election Assistance Commission 2005 Retrieved 2020 04 07 J H Saltzer D P Reed D D Clark 1 November 1984 End to end arguments in system design ACM Transactions on Computer Systems 2 4 277 288 doi 10 1145 357401 357402 ISSN 0734 2071 S2CID 215746877 Douglas W Jones End to End Standards for Accuracy in Paper Based Systems Workshop on Election Standards and Technology alternate source Jan 31 2002 Washington DC Douglas W Jones Perspectives on Electronic Voting From Power Outages to Paper Trails Archived 2008 11 28 at the Wayback Machine alternate source IFES Washington DC 2007 pages 32 46 see particularly Figure 4 page 39 Douglas W Jones Some Problems with End to End Voting position paper presented at the End to End Voting Systems Workshop Oct 13 14 2009 Washington DC B Smyth S Frink and M R Clarkson Election Verifiability Cryptographic Definitions and an Analysis of Helios and JCJ Cornell s digital repository Feb 2017 2005 Voluntary Voting System Guidelines Archived 2008 06 13 at the Wayback Machine Election Assistance Commission Jeremy Clark Aleks Essex and Carlisle Adams On the Security of Ballot Receipts in E2E Voting Systems Archived 2012 07 22 at the Wayback Machine IAVoSS Workshop on Trustworthy Elections 2007 Aleks Essex Jeremy Clark Richard T Carback III and Stefan Popoveniuc Punchscan in Practice An E2E Election Case Study IAVoSS Workshop on Trustworthy Elections 2007 Olivier de Marneffe Olivier Pereira and Jean Jacques Quisquater Simulation Based Analysis of E2E Voting Systems E Voting and Identity 2007 Ka Ping Yee Building Reliable Voting Machine Software Ph D Dissertation UC Berkeley 2007 The Future of Voting End to End Verifiable Internet Voting Specification and Feasibility Study E2E VIV Project U S Vote Foundation 2015 Retrieved 2016 09 01 Chaum David 2004 Secret Ballot Receipts True Voter Verifiable Elections IEEE Security and Privacy 2 1 38 47 doi 10 1109 MSECP 2004 1264852 S2CID 1015904 Golle Philippe Jakobsson Markus October 30 2003 Reusable anonymous return channels Proceedings of the 2003 ACM workshop on Privacy in the electronic society Association for Computing Machinery pp 94 100 doi 10 1145 1005140 1005155 ISBN 1 58113 776 1 S2CID 3040325 via ACM Digital Library Chris Karlof Naveen Sastry and David Wagner Cryptographic Voting Protocols A Systems perspective Proceedings of the Fourteenth USENIX Security Symposium USENIX Security 2005 August 2005 Steven Cherry Making every e vote count IEEE Spectrum Jan 2007 Ben Adida ben adida net Bell Susan et al 2013 08 01 STAR Vote A Secure Transparent Auditable and Reliable Voting System PDF usenix evtvote13 Retrieved 2018 04 24 Travis County STAR VoteTM Request for Proposal Released www traviscountyclerk org 2016 10 10 Retrieved 2018 04 24 Okun Eli 2014 07 09 Travis County Forges New Territory in Creating Voting Machine The Texas Tribune Retrieved 2016 09 02 Pritchard Caleb 2017 10 04 STAR Vote collapses Austin Monitor Austin Monitor Retrieved 2018 08 04 Ballard Ginny 2017 09 28 Travis County STAR Vote A Change of Plans traviscountyclerk org Retrieved 2018 08 04 a b Halpern Sue 2020 07 07 Can Our Ballots Be Both Secret and Secure New Yorker Retrieved 2021 10 14 a b c McKim Karen 2021 03 16 The Election Guard we need isn t one that Microsoft can provide It s human Wisconsin Election Integrity Retrieved 2021 10 15 ElectionGuard Structures and Processes www electionguard vote Retrieved 2021 10 17 Pilot Study of the Scantegrity II Voting System Planned for the 2009 Takoma Park City Election PDF Archived from the original PDF on 2011 07 19 Hardesty Larry 13 November 2009 Cryptographic voting debuts MIT news Retrieved 2009 11 30 Haber Stuart May 24 2010 The Helios e Voting Demo for the IACR PDF Adida Ben June 25 2009 Electing a University President using Open Audit Voting Analysis of real world use of Helios PDF Rivest Ron L March 16 2016 Auditability and Verifiability of Elections Ben Nun Jonathan Farhi Niko Llewellyn Morgan Riva Ben Rosen Alon Ta Shma Amnon Wikstrom Douglas 2012 A New Implementation of a Dual Paper and Cryptographic Voting System In Manuel J Kripp Melanie Volkamer Rudiger Grimm eds 5th International conference on electronic voting 2012 EVOTE2012 Bonn Gesellschaft fur Informatik ISBN 978 3 88579 299 4 S2CID 2015880 Meretz aims to revolutionize electronic voting The Jerusalem Post Retrieved 2020 01 14 Eldridge Mark May 6 2018 A Trustworthy Electronic Voting System for Australian Federal Elections arXiv 1805 02202 cs CR A Texas County Clerk s Bold Crusade to Transform How We Vote Wired ISSN 1059 1028 Retrieved 2021 04 10 Wakefield Jane 2 May 2019 E voting trialled in local elections BBC News Hao Feng Wang Shen Bag Samiran Procter Rob Shahandashti Siamak F Mehrnezhad Maryam Toreini Ehsan Metere Roberto Liu Lana 2020 End to End Verifiable E Voting Trial for Polling Station Voting PDF IEEE Security amp Privacy 18 6 6 13 doi 10 1109 MSEC 2020 3002728 S2CID 219616040 ADDER voting system Helios Voting vote heliosvoting org Wombat Voting System Feng Hao Matthew N Kreeger Brian Randell Dylan Clarke Siamak F Shahandashti and Peter Hyun Jeen Lee Every Vote Counts Ensuring Integrity in Large Scale Electronic Voting USENIX Journal of Election Technology and Systems JETS Volume 2 Number 3 July 2014 Siamak F Shahandashti and Feng Hao DRE ip A Verifiable E Voting Scheme without Tallying Authorities Proceedings of the 21st European Symposium on Research in Computer Security ESORICS LNCS Vol 9879 2016 Patachi Stefan September 2019 Assembly Voting X PDF assemblyvoting com Assembly Voting Archived PDF from the original on 2 March 2023 Retrieved 27 April 2023 Core Technologies Assembly Voting 24 April 2021 Black Box Voting Vs End to End Verifiable Voting Assembly Voting 19 April 2022 External links editVerifying Elections with Cryptography Video of Ben Adida s 90 minute tech talk Helios Web based Open Audit Voting PDF describing Ben Adida s Helios web site Helios Voting System web site Simple Auditable amp Anonymous Voting Scheme Study on Poll Site Voting and Verification Systems A review of existing electronic voting systems and its verification systems in supervised environments a 2020 MIT Media Lab article about end to end verifiable voting systems includes discussion of blockchains A Really Secret Ballot Article by The Economist Retrieved from https en wikipedia org w index php title End to end auditable voting systems amp oldid 1187611358, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.