« Bookpool Contest Results | Main | Monad Video, Part 2 »

October 18, 2004

Talk On Secure Elections

Went to a talk by Josh Benaloh, a Microsoft researcher who wrote his Ph.D. thesis back in 1987 on "Verifiable Secret-Ballot Elections".

Benaloh had some interesting things to say about the possibility of trustworthy software-based elections. For example, he pointed out that an election where everyone simply posted their votes publicly on a website, and the results were tallied from that, would satisfy all the concerns people had about software-based elections -- except for privacy, of course, which is critical. But his point was that you could do elections that were verifiable even without everyone knowing the details of the software involved. All they would need to check is that their vote was correctly posted on the website and that the announced final tally matched what they counted themselves. It's the need for secret-ballot elections that complicates matters.

He discussed the push to add paper trails to electronic voting machines. He pointed out that if you had a truly malicious machine, getting a printout stating you voted for candidate X doesn't mean the machine actually recorded your vote for candidate X. And using the paper trail printouts as a backup for recounts likely won't work because some people won't put their printouts in the ballot box, and so you wind up having to decide if you trust the electronic tally or the paper ballot tally. And whichever one you trust, you might as well not use the other one.

(I think this is being too precise. The paper ballot could be used to show if the electronic results were generally correct. For example if 1% of the paper ballots are missing, the paper-based recount should still be within 1% of the final tally. You can therefore do some audits to ensure that the electronic tallies look resonable.)

He also made the interesting point that with paper trail printouts, if someone comes out of the voting booth and says "I voted for candidate X but my printout says I voted for candidate Y" -- you really don't know what to do next. The machine could have malfunctioned, or the voter could be lying (although, it would seem to me that the voter could not use this to shift a vote to his or her chosen candidate, only away, because the "fix" if the election officials believe the voters is to shift a vote from Y to X. So presumably the voter who is lying prefers candidate X, but if the voter is lying and really did intentionally vote for Y, this "fix" is only going to put things back the way they would have been if the voter had voted for X to begin with).

Benaloh also said that there are two parts to electronic voting, generating an encrypted vote and tallying the results. Researchers at first focused on the second problem, but recently have come to realize that the first is much trickier.

Finally, he spoke a bit about vote coercion. He said that it is important not just to allow people to vote in the privacy of a voting booth, but to require it. When Utah introduced widespread absentee balloting, it changed the voting patterns significantly. Researchers discovered that Mormon women voted differently in a voting booth than they did in the kitchen with their husbands present (one presumes they voted more conservatively, thus raising the point hat Republicans should push for more absentee ballots, on the theory that Republican men are more likely than Democratic men to convince their wives to vote like them).

Posted by AdamBa at October 18, 2004 10:18 PM

Trackback Pings

TrackBack URL for this entry: