Designing for Audit: A Voting Machine with a Tiny TCB

(Short Paper)

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 6052)

Abstract

Thoroughly auditing voting machine software has proved to be difficult, and even efforts to reduce its complexity have relied on significant amounts of external code. We design and implement a device that allows a voter to confirm and cast her vote while trusting only 1,034 lines of ARM assembly. The system, which we develop from scratch, supports visually (and hearing) impaired voters and ensures the privacy of the voter as well as the integrity of the tally under some common assumptions. We employ several techniques to increase the readability of our code and make it easier to audit.

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gardner, R.W., Garera, S., Rubin, A.D. (2010). Designing for Audit: A Voting Machine with a Tiny TCB. In: Sion, R. (eds) Financial Cryptography and Data Security. FC 2010. Lecture Notes in Computer Science, vol 6052. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14577-3_24

  • DOI: https://doi.org/10.1007/978-3-642-14577-3_24

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14576-6

  • Online ISBN: 978-3-642-14577-3

  • eBook Packages: Computer Science, Computer Science (R0)
