E-Voting Isn't Perfect, But It Takes Less Work to Corrupt Big Elections

from the O(1) dept

Thad Hall, a political scientist at Caltech, complains that e-voting critics rarely make apples-to-apples comparisons between electronic and paper voting systems. They contend that if traditional paper voting systems were subjected to the same kind of close scrutiny that e-voting endures, security experts would find flaws—ballot tampering, ballot box stuffing, and so forth—at least as serious as the problems commonly identified in touch-screen voting machines. Rice computer scientist Dan Wallach responds by pointing to a new paper he's written proposing an elegant way to think about the security of voting systems. Computer scientists use "big-O" notation to describe the complexity of algorithms. He suggests a similar terminology to describe the effort required to compromise voting systems as a function of the size of the election. A security flaw that can be compromised with an effort proportional to the number of voters N is said to be a O(N) flaw. A flaw that can be exploited with an effort proportional to the number of polling places is an O(P) flaw. A flaw that can be exploited with a constant amount of effort, regardless of the number of voters, is an O(1) flaw.

The last kind of attack is the most dangerous because it's feasible for a small number of people—perhaps even a single individual—to do a lot of damage. The reason paper-based elections tend to be better than touch-screen elections isn't that the former don't have flaws. The difference is that attacks against paper-based voting systems are far more likely to be O(N) or O(P)—that is, you have to tamper with a lot of ballots or corrupt a lot of poll workers. In contrast, because they contain re-programmable computers at their hearts, touch-screen voting systems are far more susceptible to O(1) attacks such as a custom-developed virus or a corrupt employee at the e-voting vendor. Because they allow a single individual to do extensive damage, they're much more dangerous than other kinds of attacks, even if carrying them out takes relatively more skill or effort than other attacks with O(P) or O(N) cost. The reason to prefer paper-based voting to touch-screen voting isn't that paper voting is flawless, but that the attacks against them are labor-intensive enough that it's difficult to carry out large-scale attacks without getting caught.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: corruption, damages, dan wallach, e-voting, mistakes