You are viewing an obsolete version of the DU website which is no longer supported by the Administrators. Visit The New DU.
Democratic Underground Latest Greatest Lobby Journals Search Options Help Login

Reply #63: NIST not recommending decertification of DRES [View All]

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
This topic is archived.
Home » Discuss » Latest Breaking News Donate to DU
WillYourVoteBCounted Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-29-06 10:33 PM
Response to Reply #1
63. NIST not recommending decertification of DRES
This is what I gleaned from the executive summary

NIST is not recommending decertifying all DREs.

NIST is saying that paperless DRES should not be certified to 2007 standards.
NIST is recommending that 2007 standards for DREs require VVPATS
NIST also plans to write standards for independent verification systems.
NIST considers DREs with the VVPAT to be SI (software independent).

Some of the many acronyms used in the paper
DRE Direct Record Electronic, used in this paper to refer to current blackbox
IDV/IV Independent Dual Verification, shortened to Independent Verification
SI Software Independence or Independent
DRE-VVPAT A DRE with Voter Verified Paper Audit Trail voting system

NIST says systems should be Software Independent (DRES with VVPAT qualify)

(page 4)
Consequently, NIST and the STS
recommend that VVSG 2007 should require voting systems to be of the SI class, whose
readily available (albeit not always optimal) examples include op scan and DRE-VVPAT....

NIST says current paper based approaches can be approved and paperless systems
could also be developed:

The STS believes that current paper-based approaches can be improved
to be significantly more usable to voters and election officials, and that other kinds of allelectronic
IV (software IV) and E2E cryptographic systems may possibly achieve the goal of

(page 5)
secure paperless elections. However, for VVSG 2007, the STS judges that designs for these
new systems are still immature and that developing testable requirements for these
approaches is not yet feasible....

NIST describes current systems that are software independent:

3.1 Types of SI Voting Systems
There are several types of software-independent systems, however those that are readily
available today are paper-based. These are as follows:
1. Op scan using manually marked paper ballots
2. Op scan using an EBM, which can produce a richer user interface including support
for accessibility and alternative languages

(page 6)
These systems produce voter-verified paper records and are classified as software
independent because their electronic records or counts can be independently audited for
accuracy against the voter-verified paper records....

DRE-VVPAT works in somewhat the opposite way: the voting system creates an electronic
record of the voters choices at a touchscreen device and then prints a summary of the choices
on a sheet or roll of paper. The voter can then inspect the paper record to verify its accuracy
before finalizing the electronic record, and the paper record remains as an unchangeable
voter-verified audit trail that can be used in audits...

NIST says the DRE VVPAT, while not perfect, did ok in 2006 election

(page 8)
While some paper-based systems such as DRE-VVPAT are ripe for improvement, it appears that
the November 2006 elections did not have widespread problems in general with paper-based

NIST considers paperless SI methods, says there are two that
meet the requirements of SI :

(page 10)
4. Current Issues with Paperless SI Approaches

The pursuit of secure paperless SI approaches to voting systems has become an active
research goal and has resulted in several commercial devices14 that to some degree meet
requirements of SI. As described earlier, there are at present two types of paperless SI
systems: software IV and E2E....

NIST says should set 2007 standards for paperless verification systems
so that vendors will "innovate":

(page 11)
4.1. The Innovation Class

Requiring SI voting systems in VVSG 2007 effectively leaves only voter-verified paper-based
approaches for now. It is important, though, that new and innovative approaches to voting
systems be pursued, especially with regard to secure paperless approaches.
But, secure
paperless and other approaches are not likely to be pursued by vendors if testable
requirements and a certification path for them are not included in VVSG 2007....''

NIST says paperless DREs could still be purchased, but none
would be certified after 2009/2010, and in the near future only
methods with VVPAT would be certified. Leaves door open for black box on
top of the black box, and encryption.

(page 12)
5. Ramifications of Requiring SI

The most obvious ramification of requiring SI in VVSG 2007 is that paperless DREs could
not be certified to VVSG 2007. Purchase of paperless DREs would still be permitted,
but certification of new paperless DREs would be prohibited after, likely, 2009/2010 when
compliance with VVSG 2007 may be required15. This effectively leaves only voter-verified
paper approaches for certification in the near/foreseeable future, including op scan, EBM
devices, DRE-VVPAT, and, possibly, some E2E approaches....
Printer Friendly | Permalink |  | Top

Home » Discuss » Latest Breaking News Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC