Source author record

J. Alex Halderman

J. Alex Halderman appears in the imported research catalog. Authorship, coauthor and topic links are available while profile ownership is still unclaimed.

ResearcherUnclaimed source record

Cryptography and Security cs.CY

Catalog footprint

What is connected

3works

2topics

4close collaborators

Actions

Connect this record

Open graph Browse works

Inspect adjacent papers, topics, institutions and collaborators without losing the researcher page.

Building this map preview

BZPEER is loading the nearby papers, people, topics and institutions for this page.

preprint2022arXiv

Logic and Accuracy Testing: A Fifty-State Review

Pre-election logic and accuracy (L&A) testing is a process in which election officials validate the behavior of voting equipment by casting a known set of test ballots and confirming the expected results. Ideally, such testing can serve to detect certain forms of human error or fraud and help bolster voter confidence. We present the first detailed analysis of L&A testing practices across the United States. We find that while all states require L&A testing before every election, their implementations vary dramatically in scope, transparency, and rigorousness. We summarize each state's requirements and score them according to uniform criteria. We also highlight best practices and flag opportunities for improvement, in hopes of encouraging broader adoption of more effective L&A processes.

preprint2022arXiv

RemoteVote and SAFE Vote: Towards Usable End-to-End Verification for Vote-by-Mail

Postal voting is growing rapidly in the U.S., with 43% of voters casting ballots by mail in 2020, yet until recently there has been little research about extending the protections of end-to-end verifiable (E2E-V) election schemes to vote-by-mail contexts. The first - and to date, only - framework to focus on this setting is STROBE, which has important usability limitations. In this work, we present two approaches, RemoteVote and SAFE Vote, that allow mail-in voters to benefit from E2E-V without changing the voter experience for those who choose not to participate in verification. To evaluate these systems and compare them with STROBE, we consider an expansive set of properties, including novel attributes of usability and verifiability, several of which have applicability beyond vote-by-mail contexts. We hope that our work will help catalyze further progress towards universal applicability of E2E-V for real-world elections.

preprint2015arXiv

The New South Wales iVote System: Security Failures and Verification Flaws in a Live Online Election

In the world's largest-ever deployment of online voting, the iVote Internet voting system was trusted for the return of 280,000 ballots in the 2015 state election in New South Wales, Australia. During the election, we performed an independent security analysis of parts of the live iVote system and uncovered severe vulnerabilities that could be leveraged to manipulate votes, violate ballot privacy, and subvert the verification mechanism. These vulnerabilities do not seem to have been detected by the election authorities before we disclosed them, despite a pre-election security review and despite the system having run in a live state election for five days. One vulnerability, the result of including analytics software from an insecure external server, exposed some votes to complete compromise of privacy and integrity. At least one parliamentary seat was decided by a margin much smaller than the number of votes taken while the system was vulnerable. We also found protocol flaws, including vote verification that was itself susceptible to manipulation. This incident underscores the difficulty of conducting secure elections online and carries lessons for voters, election officials, and the e-voting research community.