Election Security is Harder Than You Think

bluejeans.com/251198564

ABSTRACT: Recent years have seen the rise of nation-state interference in elections across the globe, making the ever-present need for more secure elections all the more dire. While certain common-sense approaches have been a typical response in the past, e.g. “don’t connect voting machines to the Internet” and “use a voting system with a paper trail’’, known-good solutions to improving election security have languished in relative obscurity for decades.These techniques are only now finally being implemented at scale, and that implementation has brought the intricacies of sophisticated approaches to election security into full relief.

This dissertation argues that while approaches to improve election security like paper ballots and post-election audits seem straightforward, in reality there are significant practical barriers to sufficient implementation. Overcoming these barriers is a necessary condition for an election to be secure, and while doing so is possible, it requires significant refinement ofexisting techniques. In order to better understand the idiosyncracies of using voter-verified paper and post-election audits, as well as how that use can achieve various properties of secure elections, I first develop what it means for an election to be secure. I then delve into experimental results regarding voter-verified paper, discussing the challenges presented by paper ballots as well as some strategies to improve the security they can deliver. I examine the post-election audit ecosystem, develop a robust model for estimating the resource costs of audits, provide a data-driven exploration of which audits are best suited to which situations, and propose a manifest improvement to audit workload analysis through parallelization. Finally, I show that even when all of these conditions are met (as in a vote-by-mail scenario), there are still wrinkles that must be addressed for an election to be truly secure.