Document

Download Report

Transcript Document 

Improving Reliability of Direct
Recording Electronic Voting
Systems
Eric Lazarus
7/18/2015
Brennan Center for Justice
1
Pro-DRE

Pre-DRE technology has huge error rates
 Accessibility
– No time to wait for security

Easier to count electrons
 Adding paper will
– Not add security
– Make the system less trusted by the public
– Add cost and complexity

These systems are not worse than older
technology
7/18/2015
Brennan Center for Justice
2
Anti-DRE







You cant trust computers
You cannot test them
You cannot reliably inspect them
The current generation is not architected
for verifiability or security
It would not be hard to do better with
crypto, paper ballots, etc. (Study
AutoMark!)
Small conspiracy theory
Bathtub problem
7/18/2015
Brennan Center for Justice
3
Anti-DRE: Points of Vulnerability
Terminal Built (High)
Software Developed (Very High)
Software “Built” (Very High)
Terminal Shipped (High)
Software Certified (Low)
Terminal Stored (High)
Software Shipped (High)
Terminal Software Refreshed (Very High)
Terminal Tested (Low)
Terminal Shipped to Polling Place (High)
Terminal Stored at Polling Place (Medium)
Terminal Setup at Polling Place (Medium)
Terminal Setup at Polling Place (Medium)
Polling (Medium)
Poll Closing (Low)
Votes Transmitted (High)
Each technology is
different but there are
big vulnerabilities at
each stage of the process
which are not addressed.
Ratings reflect my
concern areas.
Votes Tallied (Medium)
Tallies Transmitted (Low)
7/18/2015
Brennan Center for Justice
4
Pro-DRE: The real problems are…
Voter Registered
Voter Roll Maintained
Roll Manipulation
Voter Informed of Voting Location
Intimidation
Voter Checked In
Vote Recorded
Ballot Box Stuffing
Vote Tallied
Result Reported
Results Audited
Result Certified
7/18/2015
Brennan Center for Justice
5
Assessment of arguments?
Which have merit?
 Which don’t?
 How do we create public trust given
the debate?

7/18/2015
Brennan Center for Justice
6
Election Practices Report Card
What do you like?
 What do you not like?
 What is confusing?

7/18/2015
Brennan Center for Justice
7
BC Neutral on DRE/VVPT
Question

Assuming that you are using DRE
machines, what can you do?
7/18/2015
Brennan Center for Justice
8
Project Goals
Bring together the civil rights and
computer security community
 Develop recommendations that
would improve the situation – 2004
only

7/18/2015
Brennan Center for Justice
9
Recommendations
Independent security team
 Assessment cover

– Hardware Design
– Hardware/Firmware Configuration
– Software Design
– Software Configuration
– Election Procedures
– Physical Security
7/18/2015
Brennan Center for Justice
10
Recommendations






Implement the critical recommendations
Provide thorough training
Parallel testing
Permanent independent technology panel
Standard audit procedures to verify
correct operation and uncover security
breaches
Incident reporting
7/18/2015
Brennan Center for Justice
11
Recommendations for 2004
Not bad idea for 2006…
 We hope that we can exceed this
standard

FOR MORE INFO...
www.votingtechnology.org
7/18/2015
Brennan Center for Justice
12
Best thing that can be done
7/18/2015
Brennan Center for Justice
13
Outside Expert

Engaged an expert in computer
security
7/18/2015
Brennan Center for Justice
14
Pre-Election Logic & Accuracy
Testing






User interface testing!
Automatic self-test scripts
Test audio and other accessibility
interfaces.
Test all ballot positions in all languages.
Test intensively by hand some machines
in a realistically simulated election
Explain all pre-election testing to those
who have come to observe
7/18/2015
Brennan Center for Justice
15
Parallel testing

“Parallel testing” during Election
Day, simulating a real election (poll
opening, voting, and poll closing) on
a few machines randomly selected
from polling places on Election Day.
7/18/2015
Brennan Center for Justice
16
Seals

Seal with numbered tamper-evident seals
and log all physical (paper and electronic)
polling place records; then check and log
seal numbers when received from polling
place.
 Logged, numbered, tamper-evident seals to
prevent use of the voting machines between
the time they pass pre-election testing and
the poll-opening process.
 Machine has a unique secure key/password.
7/18/2015
Brennan Center for Justice
17
Incident Handling and Reporting

Keep sufficient paper ballots on hand at
each polling place to ensure no voter is
turned away due to system failures.
 Forward incident reports to the responsible
state official(s) and to the Federal Election
Commission or to the Election Assistance
Commission.
 Incident reports available to news media
and the public
7/18/2015
Brennan Center for Justice
18
Questions?
7/18/2015
Brennan Center for Justice
19
Interesting things to discuss
What do poll watchers need to
know?
 How do we apply the BC
recommendations at this point?
 Tricks for dry run of the election

7/18/2015
Brennan Center for Justice
20