Cryptographic Protocols for Electronic Voting
After some preliminary research into the subject of electronic voting [BARL2003], it became apparent that there may be reason to mistrust current electronic voting systems. Further, as I studied a variety of voting systems, I realized I had little confidence that any of them (even paper ballots) would be guaranteed to produce a perfectly accurate tally.
In my previous paper [BARL2003], I suggested the following definition: "An accurate voting system counts all valid votes with minimal processing error such that the intent of eligible voters is reflected in the final tally."
I believe it is important for a voting system to (a) minimize error, (b) count all valid votes, and (c) preserve the intent of eligible voters in the final tally. At least in theory, I believe that today's electronic voting systems are capable of counting votes with minimal processing error. Assuming that all parties involved in the process of creating an electronic voting machine perform ethically, and that enough time, money, and effort is expended to do the job correctly, it should be possible to create a system that processes each entry that was received by the system. However, even making those assumptions, it is not quite that simple. There may be many reasons that a valid entry is not received by the system. For example, voters may be confused by the systems and may not enter their selections into the machine they way they intended. The system may "crash" before reporting its results. An eligible voter may be denied access to voting machines during the election interval.
As far as I have been able to determine, the process for deciding the validity of a vote is subject to interpretation by human beings. Election officials are responsible for checking the voter's credentials and allowing them access to the voting machines if their credentials appear to be valid. An effort is made to protect the voting machines using physical security techniques such as locking mechanisms and guards. I will assume for the moment that the physical security cannot be breached, that election officials perform ethically, and that it is possible for election officials to determine quickly and easily whether an individual is eligible to vote based on credentials. Thus, my concern becomes how to demonstrate that a vote is valid once it is cast and the voter walks away from the polling location. In other words, the vote-counter needs a way to determine whether a cast vote is valid.
Let's say that a vote is valid if (a) the ballot was cast by an eligible voter, (b) the eligible voter did not vote more than once in the current election, and (c) the ballot was not altered in transit, between the realm of the voter and the realm of the vote-counter. Thus, the authenticity and integrity of the ballot are important in determining whether a vote is valid.
All this considered, I believe it is most important that the...