Cryptographically Secure Paper Voting
Publication Date: 2018-May-18
The IP.com Prior Art Database
Secure ballot-marking and vote counting system providing voter-verified paper records; PKI-based authentication of each step of the voting process; and the ability for anyone to verify that her vote was counted and to confirm the accuracy of the total vote.
Cryptographically Secure Paper Voting With Public Audits
Robert Smith
PO Box 3003
Wimberley, TX 78676
firstname.lastname@example.org

Rev. 1 November 12, 2017 Document created
Rev. 2 May 15, 2018 Version submitted for defensive publication

Introduction

Currently available voting methods lack adequate security measures and do not inspire public confidence. Current methods and their shortcomings are as follows:
• Hand-marked and hand-counted ballots: Hand-marked ballots can suffer from ambiguous markings. Hand-counting does not scale well and suffers from arbitrary interpretation of ambiguously marked ballots. These methods do not provide an independent, cryptographically-assured data path and are thus vulnerable to ballot-stuffing and ballot destruction.
• Hand-marked and optically-scanned ballots: Optical scanning permits highly repeatable interpretation of hand-marked ballots and permits timely rejection of ambiguously marked ballots. If the ballot is scanned before the voter leaves the polling place, an ambiguously marked ballot can be “spoiled,” and the voter can try again. This method still suffers from the lack of an independent, cryptographically-assured data path.
• Machine-marked and optically scanned ballots: Ballot-marking devices can virtually eliminate ambiguously marked ballots, and the scanner can reject the few exceptions (e.g., a ballot that is defaced by the voter before inserting it in the scanner). Existing ballot-marking devices transmit the actual vote data via bar codes that cannot be verified by the voter. This method also suffers from the lack of an independent, cryptographically-assured data path.
• None of the methods above permit an individual to directly confirm that her ballot was correctly counted, and that the official totals truly represent the sum of all ballots cast.
This paper describes a secure ballot-marking and vote counting system. The system provides voter-verified paper records; PKI-based authentication of each step of the voting process; and the ability for anyone to verify that her vote was counted and to confirm the accuracy of the total vote. The system uses only commonly available technologies, and in most cases it allows use of off-the-shelf implementations of those technologies. It uses FIPS-standard cryptographic algorithms that have a number of commercial as well as free-and-open-source implementations. Every hardware component of the system contains a Trusted Platform Module (TPM), but nearly all PC and notebook manufacturers offer TPM-equipped models. The system uses optical character recognition (OCR) in lieu of barcodes for all paper-transmitted data. In addition to commercial OCR products, high quality, free-and-open-source OCR software is available. The system does include a combination scanner/printer device that might not be available off-the-shelf, although it has a precedent in current ballot marking devices. These off-the-