Research Project in Software Systems and Security

Spring 2006

Electronic Voting Project


Course Staff and office hours.
Lectures: Monday, 4:15 - 5:15, Gates 100
     Students are also required to attend the first three weeks of CS155:    Tue,Thu 1:15-2:30, Gates B01
Important References and Links
Project wiki (partially restricted)

Course Description

This year, our CS294S project will be on electronic voting, which is a topic of burning controversy right now in the U.S. and elsewhere.

Voting is an interesting and challenging application from a computer security perspective, because of the conflicting goals of verifiable accuracy and ballot secrecy. It is easy to check whether your bank deposit was recorded properly -- just check your bank statement. But, if we could do that with voting, voters could be intimidated by people who could find out how they voted. Voters are not even supposed to be able to prove how they voted to a third party, even voluntarily, to prevent vote-buying.

Students in this class will design and build a more-or-less complete voting system, including the server that prepares ballots, tallies results, and generates reports, the system that authorizes individual voters to vote, and the voting terminals that display the votes and record them in the voting booth. Several real-world issues will be addressed: New federal requirements for voting systems, high reliability requirements, usability by people who are don't use the equipment much (including the poll workers who have to set them up), and accessibility by people with disabilities.

In addition, we will be explore a number of cutting-edge ideas that are not used in existing voting systems, such as the use of trusted computing standards to enhance security (instead of the usual application of digital rights management) and appropriate use of cryptography to protect electronic ballots from forgery.

The project will be divided into about modules. Students will sign up in small groups to do design, specify, implement, and test their modules, and then integrate, test, and demonstrate the complete system.

Last update: 20 Apr 2006 by Andrew Bortz