News, news analysis, and commentary on the latest trends in cybersecurity technology.
Open Source Tool Allows Voters to Verify Election Results
The ElectionGuard project allows anyone — voters, campaign staffers, and election officials — to cryptographically verify ballots, a promise that may bolster faith in election integrity.
September 4, 2024
Despite numerous assurances to the contrary, many people believe that elections are rigged and that votes are not being counted correctly. Voting-rights activists warn that changes to the election rules in several states could result in Election Day chaos. The good news? An open source project that creates a verifiable audit trail to reassure voters of the integrity of the overall election could soon ease their concerns.
The project, ElectionGuard, checks the integrity of the hardware and processes of each part of an election, allowing any participant — from voters to election administrators to interested third-party observers — to verify the ballots and final tally of in-person voting. ElectionGuard, which was once incorporated into current election hardware, would allow voters to not only confirm that their votes were cast correctly, but that they were counted.
Cryptographers and computer scientists from Microsoft and Rice University presented a paper on the project earlier this month at the USENIX Security Conference. The project has taken more than five years to develop and has already been used in some local smaller elections in the United States. However, ElectionGuard will not be deployed for use in the 2024 US presidential election, as officials typically do not like to roll out anything new prior to a major election, says Josh Benaloh, senior cryptographer at Microsoft and author of the USENIX paper.
"With current election systems — what is currently deployed — voters are asked to trust their election officials, the equipment that the election officials have chosen to use, [and] the equipment vendors," says Benaloh, who has over three decades of encryption experience. "There's a whole chain of trust that the voters have no choice over whatsoever, [and] it's even conceivable, in some cases, that voters have good reason not to trust some elements in that chain. With this technology, voters can choose who to trust."
Trust in elections is flagging these days, with rampant misinformation and disinformation campaigns sowing distrust, changes to the election rules, and loud claims of voter fraud (which are never proved true).
Make Elections Verifiable
Started by Microsoft in 2018, the ElectionGuard project aims to allow voters and election observers to verify the accuracy of the results of an election. The technology is a flexible set of encryption processes that can encrypt ballots and allow verification of the election tallies by the four roles involved in an election: the voters who cast ballots, the administrators who facilitate elections, the guardians who maintain the technological privacy of voting, and the verifiers who can use ElectionGuard records to check the integrity of the election.
The ElectionGuard system assumes that an election administrator will set up a broadcast channel to make all records produced by the system accessible to the public. The administrators also have to create an election manifesto that describes the election using unique labels, a limited number of voting options, and the ballot styles. The guardians — a small group of technical security and privacy experts — are responsible for generating a public key that will be used to create the encryption infrastructure to verify the election using ElectionGuard.
When a voter casts their ballot, the system encrypts their selections and creates a cryptographic confirmation code that is, in most cases, given to the voter. The verification checks allow any participant or observer in the election to confirm that their selections have been properly recorded — known as "cast-as-intended verifiability" — and allows them to confirm that every vote has been counted in the final tally, known as "tallied-as-cast verifiability."
"ElectionGuard's main objective is to make elections verifiable," the paper states. "When paired with an external list of people who voted, [ElectionGuard] enables full verifiability of the results by participants and observers."
Making Voting Like Banking
Giving voters the ability to verify their ballot has always been a hard problem for elections, where privacy is paramount and where the most significant factor affecting voter trust in an election is whether their candidate won. The chance that a technological solution will improve trust is slight.
Yet the effort remains important because the more that voters engage with election officials, the more trust in elections they generally have, says Tim Harper, senior policy analyst for democracy and elections at the Center for Democracy and Technology, a Washington, DC-based digital-rights advocacy group.
"There are things that individuals can do and that election officials can do to prove that elections are conducted in a safe, secure way, and those should be done," he says. "And to the question of whether or not this technology can increase trust in elections, I think that it definitely can't hurt."
Election officials need to bring the same level of interactions to elections that financial institutions have brought to banking to instill trust, Harper says. When an individual votes, they want to know that it was counted correctly, so having a technology that can do that helps.
"I think voters increasingly expect that the conveniences they experience in other secure areas of their life, like banking, are available to them," he says. "When it comes to voting, that's an expectation, and I think that it's on all of us — election officials, civil society, the media — to communicate that ... you are guaranteed, if you are an eligible voter, the right to vote."
Ironing Out the Details
ElectionGuard has already been used in limited elections, including votes in California, Idaho, Maryland, Utah, and Wisconsin. The technology has also been piloted internationally, verifying elections in a Paris suburb and an online election in an organization operating in Switzerland and Denmark.
Because so much of the software relies on complex calculations, there can be a high computational cost, so fast libraries are needed for ballot encryption and the generation of zero-knowledge proofs to ensure that usability is not impacted at the voting booth. The original Python software development kit (SDK) has been rewritten in Rust and Kotlin for use in ElectionGuard 2.0.
While Benaloh and his colleagues have figured out how to incorporate mail-in ballots and ranked choice voting — currently used in statewide elections in Maine, Alaska, and Hawaii — the SDK does not implement those approaches yet.
Benaloh is optimistic about what the technology could mean for elections.
"In my field, you [normally] write the paper first, ... but this is something we decided to build and deploy, and it took five years for us to be able to [do that]," he says. "I am hoping that next year will be a very good time for election officials to start adopting this more broadly. We've had trials, but they've all been fairly small, and we'd like to start scaling that up."
About the Author
You May Also Like
A Cyber Pros' Guide to Navigating Emerging Privacy Regulation
Dec 10, 2024Identifying the Cybersecurity Metrics that Actually Matter
Dec 11, 2024The Current State of AI Adoption in Cybersecurity, Including its Opportunities
Dec 12, 2024Cybersecurity Day: How to Automate Security Analytics with AI and ML
Dec 17, 2024The Dirt on ROT Data
Dec 18, 2024