Re: Help with Computer-as-Ballot-Marking-Device Threat Analysis

From: Arthur Keller <voting_at_kellers_dot_org>
Date: Thu Jun 16 2005 - 00:37:40 CDT

See the Security paper on http://www-db.stanford.edu/pub/keller and
click on voting

Best regards,
Arthur

At 5:06 PM -0400 6/15/05, laird popkin wrote:
>A friend working at the Brennan Center (i.e. Good Guys) is working on
>compiling a threat analysis of various voting systems, including
>Computer-as-Ballot-Marking-Device (i.e. OVC's approach). It would be
>great if we could help them out on this front. It's a great thing to
>help people make informed decisions about voting systems, and of
>course the more people know about OVC and our approach, the better.
>-----
>Hi Laird,
>
>Eric and Annie (Brennan Center) here. Could you please post on relevant
>listservs for us, especially OVC lists, so we can find someone to help
>us with the threat analysis. Thanks for your help,
>
>Annie
>-----
>The Brennan Center is currently engaged in a Voting Technology
>Assessment Project, culminating in a published report, which will aim to
>evaluate the technologies available in 2006 along three main measures:
>security, accessibility, and cost effectiveness. The intended audience
>of the report will be elections officials, legislators, advocates,
>vendors, and the general public. The Brennan Center's work is likely to
>also be used to advise such organizations as NIST and the Election
>Assistance Commission.
>
>On the security front, we have been developing "attack catalogs" that
>list the possible intentional interferences associated with each voting
>system. We have drafted catalogs for DRE, DRE v/ VVPT, and PCOS
>(Precinct-Count-Optical-Scan). For each attack, we have attempted to
>quantify the threat-by measuring "cost" of the attack (in terms of the
>number of attackers needed, for example), likelihood, and possible
>countermeasures-a quantification that will be vetted and refined as the
>Project progresses. Generally our perspective is that the strength of
>the technology should be determined by the difficulty of the least
>difficult attack. As such, getting the attack catalogs correct is
>critical to our efforts.
>
>We are in need of assistance in identifying possible attacks of a
>Computer-as-Ballot-Marking-Device (BMD) system from someone who is
>familiar with its strengths and weaknesses. We have some important
>deliverables on the 28th and would like to have added a first draft
>attack catalog for BMD by then. Even if you only have time to spend a
>few hours with us on the phone, that could be key to our success.
>
>Thanks very much for your interest. Please reply to annie.lai@nyu.edu.
>
>_______________________________________________
>OVC discuss mailing lists
>Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org

-- 
-------------------------------------------------------------------------------
Arthur M. Keller, Ph.D., 3881 Corina Way, Palo Alto, CA  94303-4507
tel +1(650)424-0202, fax +1(650)424-0424
_______________________________________________
OVC discuss mailing lists
Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org
==================================================================
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
==================================================================
Received on Thu Jun 30 23:17:08 2005

This archive was generated by hypermail 2.1.8 : Thu Jun 30 2005 - 23:17:11 CDT