"I examine the question of how to design election-related software, with particular
attention to the threat of insider attacks, and propose the goal of simplifying the software
in electronic voting machines. I apply a technique called
prerendering
to reduce the
security-critical, voting-specific software by a factor of 10 to 100 while supporting similar
or better usability and accessibility, compared to today’s voting machines. Smaller and
simpler software generally contributes to easier verification and higher confidence.
"I demonstrate and validate the prerendering approach by presenting Pvote, a
vote-entry program that allows a high degree of freedom in the design of the user
interface and supports synchronized audio and video, touchscreen input, and input
devices for people with disabilities. Despite all its capabilities, Pvote is just 460 lines of
Python code; thus, it directly addresses the conflict between flexibility and reliability that
underlies much of the current controversy over electronic voting. A security review of
Pvote found no bugs in the Pvote code and yielded lessons on the practice of adversarial
code review. The analysis and design methods I used, including the prerendering
technique, are also applicable to other high-assurance software."
"I examine the question of how to design election-related software, with particular attention to the threat of insider attacks, and propose the goal of simplifying the software in electronic voting machines. I apply a technique called prerendering to reduce the security-critical, voting-specific software by a factor of 10 to 100 while supporting similar or better usability and accessibility, compared to today’s voting machines. Smaller and simpler software generally contributes to easier verification and higher confidence.
"I demonstrate and validate the prerendering approach by presenting Pvote, a vote-entry program that allows a high degree of freedom in the design of the user interface and supports synchronized audio and video, touchscreen input, and input devices for people with disabilities. Despite all its capabilities, Pvote is just 460 lines of Python code; thus, it directly addresses the conflict between flexibility and reliability that underlies much of the current controversy over electronic voting. A security review of Pvote found no bugs in the Pvote code and yielded lessons on the practice of adversarial code review. The analysis and design methods I used, including the prerendering technique, are also applicable to other high-assurance software."
(No, it doesn't solve all of your problem.)