Secure voting, smartphones, coercion and bribery

March 21 Scientia lecture by Rice e-voting expert Dan Wallach

How can democracies ensure voter privacy in the face of ubiquitous smartphones and increasingly sophisticated online hacking? Rice University voting security expert Dan Wallach will address that and related questions in a March 21 Scientia lecture titled “STAR-Vote: A Secure, Transparent, Auditable and Reliable Voting System.” The lecture will begin at 4 p.m. in Duncan Hall’s McMurtry Auditorium.

Dan Wallach

Dan Wallach

Wallach, professor of computer science and electrical and computer engineering and a faculty scholar at Rice’s Baker Institute for Public Policy, discussed the topic in a recent Rice News interview.

Q: How do we protect the privacy of a vote while also protecting the integrity of the election totals from tampering?

Any voting system, whether on paper or electronic, must protect voters’ privacy. Otherwise we would have to worry about bribery and coercion of voters. Even if a voter wants to compromise their privacy, we need to prevent that from happening, which is why it’s commonly illegal to photograph or videotape your interactions with a voting machine. On the flip side, we want to give voters solid evidence that the election totals weren’t tampered with. We want solid evidence that the ballot box wasn’t stuffed, that no ballots were lost and so forth. These tamper-resistance properties are seemingly in conflict with the privacy properties that we must have.

Q: What is STAR-Vote?

STAR-Vote is a collaborative effort to design a brand new voting system — one that is safe, secure and auditable — from scratch. It’s a collaboration between myself and several other academics and the office Travis County Clerk Dana DeBeauvoir in Austin.

Q: Why do we need another electronic voting machine? Aren’t computers hackable?

STAR-Vote uses sophisticated cryptography that can both protect the privacy of ballots from prying eyes and also protect the integrity of those ballots from malicious software. In STAR-Vote, if a hacked voting machine tried to quietly change votes, it could be caught with the electronic equivalent of a signed confession. Furthermore, STAR-Vote includes paper ballots, printed by the voting machine, which are deposited into a ballot box. No matter what happens with the electronic records, STAR-Vote produces paper records that are suitable for recounting, auditing, etc.

Q: Why not just vote with hand-marked paper? Why not count the paper by hand, while we’re at it?

Texas and many other states have a standard called “intent of the voter,” which is to say, voters can do a lot of things besides just filling in the bubbles, which a computer won’t necessarily understand correctly. In a close race, the interpretation of these ambiguous ballots end up being critically important. As a result, there’s a lot to be said for using a computer to help the voter fill out a ballot correctly. Also, Texas elections can have a huge number of questions on them, especially in years when we’re electing judges. Hand-tallying of such huge, multipage ballots would be a slow and error-prone process.

Q: Surely we can just vote on the Internet? We do banking on the Internet!

With the Internet, we now bring other nation-state actors (Russia, China, etc.) into the picture. Personal computers and smartphones have security problems already. Imagine how much fun we’ll have when malware waits for you to log in to a voting website and then changes your vote. Furthermore, the web servers are likely to be targets of attack, which could make an election inaccessible to the voters. And, last but not least, it’s very difficult to have a meaningful recount activity when the only records we have from an election are suspicious files on a computer that may have been compromised.

It’s also important to note that your bank records are not secret. If and when you discover that your credit card number has been stolen, you can dispute the fraudulent charges, and the bank will have enough evidence to clean up the mess. Elections require secret ballots, and absent those, it’s impossible for a voter to recognize when fraud has occurred.

Scientia is a Rice institute founded in 1980 to promote scholarship and research in the general area of history of science and culture. For more information on Scientia and upcoming lectures, visit

About Jade Boyd

Jade Boyd is science editor and associate director of news and media relations in Rice University's Office of Public Affairs.