Tools Development and Demonstration: North Carolina Geospatial Data Archiving Project
Transcript of VHTi Data Demonstration
November 2004 ©1996-2004 VoteHere, Inc. All rights reserved.
VHTi Data Demonstration. Andrew Berg, Director, Engineering
Agenda
What is VHTi and why is it important
How does VHTi fit into an election
Show the detailed steps of VHTi in an election and the data flow of VHTi
This is not a detailed look at the math behind VHTi
Protection vs. Detection
The worst election nightmare is undetected fraud.
Protection alone is just half the solution
There is no way today to prove election integrity end-to-end. Standard security tweaks are an arms race against hackers (real or theoretical). Insiders may always be suspect.
Detection is also needed
Provide indisputable proof of election integrity. Raise alarms when mistakes or intrusions occur. Open the process fully to public scrutiny.
VHTi provides Detection
VHTi proves election results are valid end-to-end. VHTi is voter-verified audit technology that works inside any electronic voting machine (DRE) and provides two things:
Voter Confidence: Private Voter-Verified Receipt
Results Confidence: Election Transcript for Independent Audit
Receipts are verified against independently audited results
VHTi proves your vote was counted properly
[Figure: Voter Confidence covers the path from Voter Intent to Voted Ballot; Results Confidence covers the path from Raw Ballots to Plain Text Ballots; the Plain Text Ballots match Voter Intent.]
Without VHTi, voting machines can alter ballots, destroying voter intent. VHTi provides mechanisms to audit the voting machines to ensure that voter intent is preserved.
Roles with VHTi
Election Official: Sign documents; Organize Tabulation Authorities; Publish data for Observer review
Tabulation Authority: Decrypt ballots in a way that preserves privacy
Voter: Vote, and confirm receipt is properly printed; After election, compare receipt against Verification Statement
Observer: Verify all protocol data relationships in published Election Transcript; Could be anyone
Data Demo General Assumptions
In order to illustrate VHTi data, this demonstration uses a simple single precinct election.
1 Precinct
1 Voting Machine
5 Voters
1 Ballot Style
1 Question
3 Tabulation Authorities
2 Tabulation Authorities needed to tabulate
Data Demo High-Level Steps
The steps can be split into 4 high-level categories
Configure, Voting, Tabulate, Verify
Configure Election sub-steps: Create LEO Key Pairs; Define Election Parameters; Setup Tabulation Authorities; Create & Sign Blank Ballots; Prep Voting Machines; Publish Pre-Election Data
Step 1 - Configure Election
First the Election Official will define the basic election configuration.
For this demonstration, we use:
Election: 1960 Presidential Election
County: Cook County IL
Precinct Name: Lincoln Park High School
Precinct Number: 123
Step 2 - Create Election Official Key Pairs
Next the Election Official creates their private / public key pair, used to sign documents. These digital credentials will provide proof of authenticity of documents.
Election Official Private Key (kept secret)
Election Official Public Key (published)
This key pair could be replaced with X.509 credentials if desired.
Step 2 - Election Official Key Pairs Data
Election Official Public Key
Election Official Private Key
Step 3 - Define Election Parameters
The Election Official will determine the number of Tabulation Authorities who will be participating in the election.
For purposes of this demonstration, a total of three Tabulation Authorities will participate. Of those three, two will be required to tabulate after the election.
N=3
T=2
It is important to require more than one Tabulation Authority to tabulate: that way, defrauding the election would require the Tabulation Authorities to collude. It is not necessary to require all of the Tabulation Authorities to tabulate, in case something happens to one of them.
Step 4 - Set up Tabulation Authorities
The Tabulation Authorities need to establish their own key pairs. Additionally, they will meet to complete a step in which they produce the election public key.
Election Public Key
Tabulation Authority Secret Shares (Election Private Key)
The Tabulation Authority Secret Shares have to be kept secret by each Tabulation Authority.
Step 4 - Tabulation Authority Data
Election Public Key & Support Data
Step 4 - Tabulation Authority Data
Tabulation Authority Secret Share (Private)
Step 5 - Create and Sign Blank Ballot Styles
Once the Election Official has created and approved the basic ballot styles, the ballot data can be imported into the VHTi system.
Election: November 1960 General Election
County: Cook County, Illinois
Precinct: Lincoln Park High School; Precinct Number: 123
VHTi Ballot Skeleton
VHTi Blank Ballot
VHTi Signed Blank Ballot
Contest: President & Vice-President of the United States
Instructions: Vote for One
John Fitzgerald Kennedy & Lyndon Baines Johnson (Democrat)
Richard Milhous Nixon & Henry Cabot Lodge (Republican)
Step 5 – Ballot Data
Ballot Skeleton Data
Step 5 – Ballot Data
Blank Ballot
The Signed Blank Ballot is the Blank Ballot plus the Election Official's signature.
Step 6 – Voting Machine Preparation
Once the ballot data has been formatted for VHTi, the ballot data must be loaded onto the Voting Machines. Additionally, the Voting Machine will be configured with a Private Key / Public Key pair which will enable the Voting Machine to sign the ballots, thereby authenticating the legitimacy of the data.
Voting Machine Private Key
Voting Machine Public Key
Signed Blank Ballot
This is in addition to the standard voting machine data being loaded to run the election.
Step 6 – Voting Machine Data
Voting Machine Public Key
Voting Machine Private Key
Step 7 - Publish Pre-Election Data
Prior to the election, the Election Official will publish data for review by any interested observer. This information is made publicly available as a key part of the VHTi protocol, and is key to the transparency of the election.
Election Official Public Key
Voting Machine Public Key
Blank Ballot
The Blank Ballot would be signed before being published.
Step 8 – Election Day Voting
5 voters complete ballots: 3 vote for Kennedy and 2 vote for Nixon. This is a sample of one ballot, which will be used for the data sample.
Election: November 1960 General Election
County: Cook County, Illinois
Precinct: Lincoln Park High School; Precinct Number: 123
Contest: President & Vice-President of the United States
Instructions: Vote for One
John Fitzgerald Kennedy & Lyndon Baines Johnson (Democrat)
Richard Milhous Nixon & Henry Cabot Lodge (Republican)
Step 8 – Election Day Voting
Data that is used internally by the Voting Machine: VHTi Clear Text Ballot Data; Marked Ballot
Data that comes out of the Voting Machine: VHTi Signed Receipt Data; VHTi Printed Receipt Text; Signed Voted Ballot
Step 8 – Voting Data
Data slides shown: Clear Text Ballot Data; Blank Ballot Data; Marked Ballot Data; Signed Receipt Data; Printed Receipt Text; Signed Voted Ballot
Begin Tabulation Prep
[Figure: tabulation data flow. Signed Ballot Box -> Extract Raw Ballots -> Raw Ballot Box In -> Shuffle (produces Raw Ballot Box Out/In and a Shuffle Proof) -> Shuffle (produces Raw Ballot Box Out and a Shuffle Proof) -> Partial Decrypt using each Tabulation Authority's Secret Share (Partially Decrypted Ballots) -> Combine Partial Decrypts (Plain Text Ballots) -> Tabulate (Election Results) -> Election Transcript. Items marked T are included in the Election Transcript. The figure separates the VHTi Process from the Standard Election Process.]
Tabulate sub-steps: Prep for Shuffle & Decrypt; Shuffle; Partial Decrypt; Combine Partial Decrypts; Tabulate Results; Assemble Transcript
Step 9 – Collect Data from Voting Machines
After the polls close, the results are collected from the voting machines.
Signed Ballot Box (as it comes from voting machines): Signed Voted Ballots. Very large data set; Voter Verifiable (with a receipt); Has BSN and can be tracked by a voter
Extract Raw Ballot Box: Raw Ballot Box. Many times smaller; Still countable; No BSN, voter cannot track
Step 9 – Raw Election Data
Signed Voted Ballot Data
Raw Voted Ballot Data
Step 10 - Shuffle
Tabulation Authorities 0 and 2 participate in the VHTi tabulation process; Tabulation Authority 1 is not involved.
Step 10 - Shuffle
The Tabulation Authorities shuffle (mix) the ballot box to make it impossible to link the votes back to the ballot sequence numbers. This protects the privacy of the voters.
Tabulation Authority 0: Raw Ballot Box In -> Raw Ballot Box Out, with Shuffle Proof
Tabulation Authority 2: Raw Ballot Box In -> Raw Ballot Box Out, with Shuffle Proof
The Raw Ballot Box In for Tabulation Authority 2 is the same as the Raw Ballot Box Out for Tabulation Authority 0.
Step 10 – Tabulation Authority 0 Shuffle Data: Raw Ballot Box In Data; Raw Ballot Box Out Data; Shuffle Proof
Step 10 – Tabulation Authority 2 Shuffle Data: Raw Ballot Box In Data; Raw Ballot Box Out Data; Shuffle Proof
Step 11 - Partial Decrypt
Once the ballots are anonymous, it is safe to decrypt and count them. Each authority partially decrypts the shuffled ballots.
Tabulation Authority 0 Partial Decrypt
Tabulation Authority 2 Partial Decrypt
Step 11 – Partial Decrypt Data
Partial Decrypt from Tabulation Authority 0
Partial Decrypt from Tabulation Authority 2
Step 12 - Combine Partial Decrypts
The Partial Decrypts from each of the Tabulation Authorities are combined to produce plain text anonymous ballots.
Plain Text Ballots Data
Step 13 - Tabulate Results
Plain Text Ballot Data; Blank Ballot Data
Election Tally
Answer Reference | Candidate | Number of Votes
A0 | John Fitzgerald Kennedy & Lyndon Baines Johnson | 3
A1 | Richard Milhous Nixon & Henry Cabot Lodge | 2
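The threshold tabulation that Steps 4 and 10 to 13 describe, as an added example that is not VoteHere's code: a toy ElGamal election key is split into Shamir secret shares for N=3 authorities with T=2, five ballots are re-encrypted and shuffled by authorities 0 and 2, partially decrypted with their shares, combined with Lagrange coefficients and tallied. The group parameters, the candidate encodings and the dealer-style key split are assumptions, and the Shuffle Proof is not modelled.

```python
import math, random
# Toy parameters, constructed for this demo and far too small for real use.
P, Q, G = 23, 11, 2               # p = 2q + 1; g generates the order-q subgroup
N, T = 3, 2                       # 3 Tabulation Authorities, 2 needed to tabulate
CANDIDATES = {"A0": 4, "A1": 8}   # answer references encoded as g^2 and g^3

def setup_authorities(rng):
    # Step 4 (simplified): a dealer splits the election private key s into Shamir
    # shares; authority i holds f(i + 1). The real step is a joint protocol.
    coeffs = [rng.randrange(1, Q)] + [rng.randrange(Q) for _ in range(T - 1)]
    shares = {i: sum(c * pow(i + 1, k, Q) for k, c in enumerate(coeffs)) % Q
              for i in range(N)}
    return pow(G, coeffs[0], P), shares      # Election Public Key, Secret Shares

def encrypt(pk, m, rng):
    # Voting machine: ElGamal-encrypt an encoded answer under the election key.
    r = rng.randrange(1, Q)
    return (pow(G, r, P), m * pow(pk, r, P) % P)

def shuffle(pk, box, rng):
    # Step 10: re-encrypt with fresh randomness and permute; Shuffle Proof omitted.
    fresh = [encrypt(pk, 1, rng) for _ in box]          # (g^r', y^r') blinding pairs
    out = [(c1 * e1 % P, c2 * e2 % P) for (c1, c2), (e1, e2) in zip(box, fresh)]
    rng.shuffle(out)
    return out

def lagrange(i, participants):
    # Lagrange coefficient at x = 0 for authority i's share (x = i + 1), mod q.
    lam = 1
    for j in (j for j in participants if j != i):
        lam = lam * (j + 1) * pow(j - i, -1, Q) % Q
    return lam

def combine(box, partials):
    # Step 12: combine T partial decrypts into plain text anonymous ballots. The
    # Lagrange-weighted product reconstructs c1^s without anyone learning s.
    plain = []
    for k, (_, c2) in enumerate(box):
        blind = math.prod(pow(d[k], lagrange(i, partials), P) for i, d in partials.items()) % P
        plain.append(c2 * pow(blind, -1, P) % P)
    return plain

def tabulate(plain):
    # Step 13: decode group elements back to answer references and count them.
    return {k: sum(m == v for m in plain) for k, v in CANDIDATES.items()}

def run_demo(seed=1960):
    # Five ballots (3 Kennedy, 2 Nixon); authorities 0 and 2 tabulate, 1 is absent.
    rng = random.Random(seed)
    pk, shares = setup_authorities(rng)
    raw_box = [encrypt(pk, CANDIDATES[v], rng) for v in ["A0", "A0", "A0", "A1", "A1"]]
    box2 = shuffle(pk, shuffle(pk, raw_box, rng), rng)   # TA 0 shuffles, then TA 2
    partials = {i: [pow(c1, shares[i], P) for c1, _ in box2] for i in (0, 2)}  # Step 11
    return tabulate(combine(box2, partials))
```

Any two of the three shares reconstruct the tally, and no single share or intermediate box reveals which shuffled ballot came from which voter.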
Step 14 - Assemble Transcript
The Transcript includes the intermediate data from the shuffle and decrypt process with accompanying mathematical proofs that the ballots were not tampered with.
Included in the Transcript: Ballots from Voting Machines; Raw Ballot Box Out for Tabulation Authority 0; Raw Ballot Box Out for Tabulation Authority 2; Shuffle Proofs for Tabulation Authorities; Partial Decrypts from Tabulation Authorities
Step 14 – Transcript Data
Election Transcript
Step 15 - Check and Sign Transcript
After the Election Transcript has been assembled, the election official will check it for correctness and then sign it.
Signed Transcript Data
Verify sub-steps: Check & Sign Transcript; Create Verification Statement; Publish Data; Voters & Observers Check Data
Step 16 - Create Verification Statement
The Election Official will use the receipt data to assemble the Verification Statement for publication. This will be used by voters to compare their receipt information, providing the voter proof that the voting machine cast their ballot as intended.
Receipt Data by BSN
Voted Ballot
Step 16 - Verification Statement Data
Receipt Data by BSN
Step 16 - Verification Statement Data
Voted Ballot
Verification Statement is created from this data.
Step 17 – Publish Data
The Election Official will publish the verification statement and transcript for review by independent observers. With this information, voters can be sure that their vote was properly delivered by the voting machine, and observers can check that all data was properly counted and tabulated.
Election Results
Transcript
Verification Statement
Various Public Keys (published in Step 7)
List of precincts and the number of voters who voted at each
Step 17 – Publish Data
Election Tally (Transcript Data)
Answer Reference | Candidate | Number of Votes
A0 | John Fitzgerald Kennedy & Lyndon Baines Johnson | 3
A1 | Richard Milhous Nixon & Henry Cabot Lodge | 2
Step 17 – Publish Data
Verification Statement
Step 18 – Observers Check Transcript and Verification Statement
Observers can download the Transcript and Verification Statement to confirm that all the ballots were properly counted and tabulated. They can check the Transcript using a Transcript checker created by any party they trust.
Independent audits of Election Transcript prove voter intent counted as shown on receipt
Step 19 – Voters Check Receipts
Voters check their receipt against the Verification Statement to confirm that the voting machine cast their vote correctly and counted properly.
Voter verifies that his receipt is in the election results, proving his vote was counted properly
Resources
Data from the Demo
www.votehere.com/
Documents & Papers
www.votehere.com/documents.html
Reference Source Code Implementation
www.votehere.com/downloads.html
Thank You