Oakland University

Department of Computer Science

CSE 681 -- Information Security

 EVoting: Electronic Remote Elections 

 Voting, Feasibility, Implementation, Verification

David Foster, Laura Stapleton

dlfoste2@oakland.edu, lastaple@oakland.edu

Progress Report: Stage Two

The following is the second (modified) progress report on the Evoting Project. In this report you will find the intended audience a brief description of the proposed work, the outline for the research plan, list of valuable resources, and our overall status on the project. The overall status can be determined by breaking up the project into seven major milestones and discussing what is complete and what remains to be done in each category. The seven major checkpoints are as follows:

5.2 Research Plan 

Item

Dates

Responsibility

I

Project Introduction

  

 

II

Background research of current methodologies

 9/21-10/21

 team

III

Selection of one (or more) specific topics listed in Section 2: Possible Solutions

 10/3-10/10

 team

IV

Design/Simulation

 10/10-10/24

  team

V

Testing

 10/17-11/14

 team

VI

Generate Report

 11/14-11/21

 team

VII

Generate Presentation

 11/14-11/21

 team

 

Audience

Anyone who is interested in remote voting, current and future methods.

Description of the proposed work

The Evoting Team intends to identify and assess current voting methods, key contributors, and resources.  In the process of narrowing the focus of this project, we will evaluate the basic strengths and weaknesses of a few methods currently in use, along with new proposed methods.  What contributions are needed to reach a suitable level of security and user confidence in Electronic and Remote Voting comparable to one or more of the current methods.  Current topics include verification and paper trails, security, approved ballots.

Outline.  As of 03/19/2006 06:48 PM , the following is the outline for the project:

  1. Introduction 
  2. Background research of current methodologies
    1. Absentee Ballots
    2. In-Person
      1. Types of Ballots being used
      2. State Approved Vendors
    3. Remote Voting
  3. Narrowing the Search, Strengths & Weaknesses
    1. EVoting topics
      1. methods
      2. security and vulnerabilities
      3. verification
      4. storage
      5. education
    1. Assess Strength and Weakness
    2. Design or Evaluate
  1. Design/Simulation
    1. Bootable Disk - Modem
    2. Shelving and trays
  1. Testing
  2. Generate Report
  3. Generate Presentation

Additional and revisited resources. (also see the resources named on the main project page):

  1. Vote Here  Vote here, a division of Dategrity Corp, offers Independent audit solutions for validation and verification of election results.  Vote Here touts an auditable tracking system for absentee ballots.  They offer downloads of their source code, not yet verified.  "Error: Language string failed to load: connect_host".  They claim you can have "confidence" , "VoteHere Proves every vote counted."  VoteHere offers a plethora of resources.
  2. HP and Scytle A global agreement for the development of electronic voting systems.
  3. Research on Voting Systems and Ballot Design Usability Professionals' Association, promoting usability concepts and techniques worldwide.  An mid-scale organized list of ballot design, internet voting, voting systems, voting system vendors, and research centers.

I. Introduction

Voting accuracy has been a debatable topic since the dawn of voting.  With the advent of electronic communication, and recent concerns regarding the validity of voting results come the pros and cons of electronic voting.  Many public and private entities are taking interest in locating and evaluating current and future methods for making every vote count.  The State of Michigan oversees current approved vendors for voting throughout the counties of Michigan .   The Michigan Department of State offers a  basic tutorial, The Citizens Guide to Voting Additional Details can be found in their Elections in Michigan links.

II. Background and Research in Current Methodologies

  1. Physical Ballots

1.       AIS, Optech, EES and Accuvote optical scan voting systems. With optical scan, voters mark their ballots by filling in ovals or connecting the halves of an arrow next to their choices.

2.       Punch card. To vote a punch card ballot, the voter punches out small rectangles ("chads") in a paging device which lists the candidates’ names. After voting, the voter gives the ballot to an election worker who deposits it in a ballot container. If a jurisdiction uses the PBC-2100 punch card voting system, the voter deposits the ballot in a tabulator stationed in the precinct.

3.       Unilect (touch-screen) and Micro Vote (touch-button) electronic voting systems. With these systems, voters touch a computer screen or push buttons to indicate their choices.

4.       Mechanical lever machines. To vote using a mechanical lever machine, the voter pushes down levers to indicate his or her choices.

5.       Paper ballot.

  1. Electronic Remote Ballots, and Trackable Audit Systems

1.       Scytl Secure Electronic Voting (Pynx), VoteHere Mail-in Ballot Tracker, EVOX electronic voting, used in MIT campus-wide student elections (1999)

2.       Touch Tone Telephone

3.       Modem.

4.       Network (via Internet).

 

  1. Work in progress (leading to item III). Assess and compare the current solutions, they're relevant shelf life, who is still active, and what solutions have fell by the wayside, and why. 

III. Narrowing the Search, Evaluating the Strengths and Weaknesses

This phase of the project proves the most difficult and more needs to be done. 

  1. In progress.  
    1. Compare our proposed system to traditional in-person voting systems and absentee ballot systems.
    2. We've narrowed our topic to identifying and eliminating security threats. We have selected a method of nullifying security problems in installed OSes (by using a boot CD and ignoring the hard drives) and "completely prevented" viruses from vote tampering, although DoS attacks are still possible against voting computers (disabling booting by affecting the BIOS). We observe the need for a system that makes DoS attacks detectable, and early enough for
      measures to be taken. However, we have not yet identified any code, protocols, algorithms, or authentication schemes.
    3. Brief evaluation/comparison of electronic and trackable solutions offered in item #2.

IV. Design/Simulation

  1. In progress.
  1. A specification with a few samples for proof of concept.
  2. A bootable CD with network/modem support, to implement a system based on concepts including VoteHere, EVOX, and Pynx electronic voting systems.
  3. The boot CD functions, so small proof of concept exists.
  4. Sample voting systems have been selected and a rough version of our proposed system exists.
  5. The project report has been outlined, and several sections have been completed.

V. Testing/Verification

  1. In progress.

With the scope of the project reduced to a proposal for a remote electronic voting system, more time will be allotted to researching proven existing systems  and incorporating their strengths in a theoretical design instead of fabricating one from scratch.

Overall Appraisal

The project has come together nicely though we do admit we may be unable to deliver a finished, fully functional wide-scale secure remote system by the November 14, 2005 deadline. 

We do hope however, to attain a working sample and proof of concept along with a detail theoretical model of a secure system.

03/19/2006 06:48:47 PM                                                                         Back to EVoting Home Page