Election Security Analysis

Lately I've been poking around the voting infrastructure and results of the 2016 U.S. elections. I published a report with my advisor, which you can find here (we also looked at the 2016 Utah GOP Caucus). I've also been producing visualization to help communicate what is going on where. Here are a few examples (clockwise starting in the top left, DRE usage, shortages of pollworkers, absentee ballot prevalence, and use of optical scan ballots):

TLS Usability

Currently I am working on an empirical evaluation of the usability of Let's Encrypt in comparison to prior methods of deploying TLS on a webserver, like manually configuring Apache. The study was designed in conjunction with Claudia Acemyan and Phil Kortum of Rice University.

As a result of our certificate ecosystem study, I have been working on synchronizing Google's Certificate Transparency logs with Censys, and vice-versa. You can see one direction of this synchronization on the Censys CT Status page.


STAR-Vote is the Secure, Transparent, Auditable, Reliable voting system, currently being developed by Travis County, Texas to replace the current Hart InterCivic eSlates that they and much of Texas use to conduct elections. I worked on STAR from 2012 to 2015, developing a proof-of-concept of the entire system in Java. Towards the later stages of the implementation, a colleague and I rewrote the cryptography backend to implement ElGamal homomorphic encryption for votes and vote tallying. I also facilitated collaboration at Rice between the technical team and the usability team at Rice, led by Phil Kortum and Claudia Acemyan. For some more information about the psych team's work on the project, see here.

Secure Kiosks and ASKVote

In the summer of 2015 I interned at Microsoft Research where, under the guidance of Josh Benaloh, I explored the security functionality of Microsoft Windows 10. The goal of the project was to determine if it was possible to use a Trusted Platform Module to guarantee the state of a machine at any arbitrary time. My work involved delving deeply into the Windows APIs and speaking to people from a wide range of technical backgrounds at Microsoft, which ultimately led to my cobbling-together of features to prove in software that both the hardware and software state of a machine can be checked. Essentially, a remote machine can keep tabs on what an untrusted machine is doing (provided that both machines are configured to do so), whether its hard disk is encrypted, if the camera is enabled, etc., and then software can be developed to take action based on the results of the untrusted machine's attestation. This functionality led to the development of ASKVote, the Attestably Secure Voting Protocol, which was a proof-of-concept protocol designed to show the security guarantees that can be made and enforced based on attestation data. The results of this project are to be published at PST 2016, and the paper is available here.

© Matthew D Bernhard 2015