|

 
|
| | Name : | Jordi Puiggali | Organization : | Scytl Secure Electronic Voting | Post Date : | 9/9/2005 |
| Section : | 6.8 | Page no. : | | Line no.: | | Comment : | Enhancing VVPAT solutions with security and accessibility
A number of partial solutions have been proposed to mitigate some of the drawbacks of
VVPAT solutions previously described. In particular, the issue of the vulnerability of the
paper ballots has drawn significant attention. As explained in the previous section, plain
paper ballots can be easily manipulated, which can lead to serious problems affecting
the election results and the credibility of VVPAT as a reliable voter-verifiability solution.
To overcome this vulnerability, some experts propose to have the DRE digitally sign
the paper records that are printed in order to guarantee their authenticity and prevent
the addition of bogus ballots or the alteration of valid ballots. However, this solution
introduces a new risk, as the DRE could accidentally or voluntarily generate an
incorrect digital signature to invalidate votes. The voter, when verifying the printed
paper record, would not be able to realize that it has an invalid digital signature (it
usually has the form of a bar code). This would enable the possibility of a selective
attack by invalidating votes only for a particular candidate. In addition, digitally signing
the paper ballots does not solve most of the other problems of VVPAT solutions since
(i) it is still possible to eliminate valid votes (e.g., by physically eliminating the paper
record) because of the lack of an accurate recovery mechanism, (ii) election authorities
do not have accurate mechanisms to determine the correct results in case of
discrepancies between the results of the DRE and the count of the paper records, and
(iii) the verification system is still not accessible for blind and visually impaired voters.
In summary, the obvious solution of digitally signing (by the DRE) the voter-verified
http://www.scytl.com
paper ballots does not effectively address the current limitations of VVPAT solutions.
Other, more elaborated, technical enhancements are needed. | |
|
|