Verifiable Voting: A Primer

This is a nice explanation and a cool solution. I amused myself a bit ago by trying to come up with a solution for these two constraints without reading about the crypto work, and ended up with something different. In my scheme, a voter casts a vote for a candidate and gets a receipt with the UUID of the vote, which is simply mapped to the candidate so that they can verify it online later. However, the voter can also cast any number of additional ballots, which are constrained by the system to be pairs of votes and anti-votes, each for the same candidate, and get receipts for each. For example, I support Harker, but I&#x27;ve been paid to vote for Dracula. I go into the voting booth and cast my vote for Harker, getting Receipt 1. Then I press an extra button to cast a fake vote for Dracula, and get Receipts 2 and 3, with 3 being a special negative ballot. I can show Receipt 2 to my briber, who can verify that it corresponds to a vote for Dracula. But secretly, I can use Receipt 1 to check that my vote for Harker was counted correctly, and Receipt 3 to see that a negative vote was also cast for Dracula, cancelling out my bribed vote.<p>You need to allow each voter to cast multiple fake votes, otherwise the briber&#x2F;coercer could simply demand receipts for a fake vote in addition to the real ones. Could get a bit unwieldy. But the big advantage is that there&#x27;s no extra complexity for the average voter, since they don&#x27;t need to cast any fake votes.

Locally, where I serve as an election officer, we<p>- check in<p>- fill out a bubble sheet<p>- scan it<p>- declare vict&#x27;ry<p>Complex schemes are great intellectual exercises.<p>Just understand that perfection is unattainable.<p>We need <i>enough</i> automation for speedy reporting, without losing the secret ballot.<p>But the temptation to fetish technology past the point of diminishing returns, too, is a bugaboo.<p>KISS.

This primer misses the point that elections should be easy to participate in. The voters should need the ability or knowledge about encryption to participate. Otherwise it discriminated against voters from many historically underprivileged backgrounds.<p>And the same goes for the people helping conduct the election. The ones who have to help with counting. I would rather have anyone above the age of 18 be able to count the votes without trusting corporations or complex open source programs. Let the community leaders and volunteers in under privileged parts of the country be able to simply count the votes. Otherwise we shut them out.<p>Just my two cents. Well written post though.

I still don&#x27;t get it. The ballot is effectively a pivot between the voter and the result. You can&#x27;t just disconnect this without sacrificing the integrity of the system. If you scramble it so that the vote and the ballot are disconnected, there is no way to prove the results are valid. And if you disconnect the voter from the ballot, you can make up all the votes you want.<p>But let&#x27;s say the Input-&gt;Output is reproducible all the time with no chain between the voter and the result. You &#x2F;still&#x2F; have no way to ensure that the checkbox corresponded with the name, and that you cast the vote you think you did. Perhaps this is outside the scope of the article, but its a fairly glaring deficiency.<p>Perhaps I&#x27;m misunderstanding. But all you can tell with this system is that &quot;your&quot; ballot went into the magic box and a (presumably reproducible) result came out the other side.

&gt; There several different verifiable voting systems that have been conceived of – I’ll be describing a system called Prêt à Voter (the only one, to my knowledge, that’s been used in a real election).<p>This is not true. Scantegrity was an excellent voting system implemented in a real, binding US election. It is also (relatively) easy to use and requires little modification to a traditional ballot-based voting system.<p><a href="https:&#x2F;&#x2F;www.chaum.com&#x2F;publications&#x2F;Scantegrity-II-Municipal-Election-at-Takoma-Park-the-first-E2E-Binding-Governmental-Election-with-Ballot-Privacy.pdf" rel="nofollow">https:&#x2F;&#x2F;www.chaum.com&#x2F;publications&#x2F;Scantegrity-II-Municipal-...</a>

A nice article with a great sense of when to hand-wave (and to acknowledge that hand-waviness)...<p>...and a good argument as to why paper ballots are still the best known voting system. Every other proposed solution is too complex.

&gt; Next, we need to actually count the ballots in a way that can be verified. The key idea is that the ballots are shuffled in a way that we can be sure that no individual vote has been changed, but we don’t know which input vote corresponds to which output vote....<p>This confuses me. Is it difficult to shuffle the paper ballots without changing votes? Are we concerned that the ink my be moved from one circle to another circle or something?

How does this system protect against ballot stuffing? It seems to have a mechanism for voters to verify that their ballots were counted, but no mechanism for the public to verify that counted ballots correspond to real voters.

Election security should be transparently understandable to nearly everyone or else there&#x27;ll be mistrust in the system.<p>At this point, paper ballots, and human processes are the best hope in America.

Quickly scanned article.<p>Doesn&#x27;t account for the data leaks caused by ballot processing, which eliminate the secret ballot.<p>With paper ballots cast at poll sites, voters sign prior to being issued a ballot. This order is preserved (in the elections I&#x27;m familiar with). With the Australian Ballot, dropping the ballot into the box is the secure one-way hash which (mostly) anonymizes the ballots.<p>With postal ballots, even more care is required. Returned ballots arrive in bins. So its very likely that your ballot is the only one from your precinct in that bin. Making it trivial to tie that ballot back to you. The mitigation is to sort ballots by precinct prior to processing. Which is not easy or feasible, because ballots are generally processed as they arrive. This loss of secrecy is quite surprising to first time observers to how an election board works to certify elections.<p>--<p>Source: Burned out election integrity activist. I actually got some minor laws and procedures changed. Plus poll worker, judge, observer for about a decade. It took me <i>forever</i> to get up to speed on election administration and I&#x27;d say I know maybe 20% of what I&#x27;d need to know to do the job. There are so many nooks and crannies, and it&#x27;s always changing, and every where has its own quirks. Meaning election administration is surprisingly difficult and arcane. So it&#x27;s very hard to have casual constructive conversations about this stuff.<p>--<p>PS- Chewing on this article a bit more more. Two things.<p>#1<p>Huge shout out for this point:<p><i>&quot;5) The salt is crucial for ballot secrecy – since there a finite number of permutations of the ballot, without it, an adversary could determine the contents of a vote simply by enumerating possible ballot permutations and matching the resulting cipher texts.&quot;</i><p>THANK YOU!<p>This is so hard to explain. Especially to crypto advocates.<p>Back when I studied the available crypto voting systems, manually simulating a real world election, I stumbled upon this realization.<p>Any one advocating a new voting system HAS to clearly state the operating parameters, assumptions. Number of voters, precincts, contests per ballot, etc. And be very clear for when their system NO LONGER WORKS.<p>#2<p>This article does mention shuffling. I&#x27;ll admit that I haven&#x27;t followed the advances this last decade. I&#x27;d want to verify that &quot;shuffling&quot; is one-way (irreversible) and not simply hashing (hash collisions).<p>No one will be happier if someone figured out how to preserve private voting, public counting (Australian Ballot).