Tuesday, March 11, 2008

Prime III: Is It The Secure Voting Machine ?

Hi folks, today I focused my attention on Prime III, the "most secure" Voting Machine which has been ever built :-) (watch the video, please) . At first eye the system appears really well designed. The voter may vote by touch screen and/or by voice in a very intuitive way. If the touch screen has been compromised the voter uses the microphone to express her will. None can understand what the voter is doing because the Prime III links randomly the candidate's names with number of BEEP that the voter may use to cast the ballot. So for example if there are two voters at the same time that wanna vote for the same candidate they will speak different sequences of BEEP. Moreover Prime III utilizes a dynamic imposter file organization which dynamically generates random signed ballot file into a complex folders system, where only one is the correct one. The real vote folder is determined by an input key set by the election administration official. The whole system runs on SELinux versions where takes the logs informations if necessary.

The system has been designed from the Department of Computer Science and Software Engineering at Auburn University, inside the Human Center And Computing. For this reason this system is unquestionably one of the most user-friendly and easy to use voting device. As they said eve a blind man will be able to put his vote, and this to me is amazing ! As you can see in the following image the user interface is really easy and with only one race per page, in that way is easier to figure out the correct button to press down.

At last but not least the Prime III has an easy system of video record that proves the correctness of the vote whenever there is necessity. The system doesn't record the physical voter but it records her voice and the screen giving a Video Voting Verify.
So.. it's really secure this system ? I'm going to analyze it, with a great read team.... we will see ! ;-)


Scott Shorter said...

The "voter verified video audit trail" is an interesting way to achieve software independence, but would have to be very carefully designed to prevent tampering.

I would also want more information on their key management practices before I buy their claim that encryption actually does something in their system. It sounds like their system requires long term symmetric keys, which can have terrible consequences if compromised, and yet must be retained for the duration that the system is operating.

The randomized folder names strikes me as security by obscurity.

Also, I wonder how the dummy votes are generated - if those are random, can the real votes be distinguished from the random ones by statistical analysis of the contents?

Marco Ramilli said...

Very good comment Scott !!
Thank you very much.
I agree with all your points, actually I'm going to test it and I'll have more comments maybe in late April. Right now I've just presented the machine.
If you are interested on EVoting please contact me by email I can upgrade you more frequently.

Scott Shorter said...

Marco, I'm not finding your email very easily - not in your profile for example. Please advise.

Marco Ramilli said...

Yes Sure:
**mramilli (a-circle) gmail (dot) com**