Objectives of Verification
Verification ensures election integrity by providing a way for voters to confirm that their ballot:
- is captured by and stored in the system.
- has not been tampered with by anyone in any way.
- is included in the results tabulation.
Verification should not be confused with simple confirmation. Confirmation might look something like:
- Voter submits a paper ballot to an election administration office.
- Some time later, voter contacts that office to ensure their ballot has been received and is being processed.
Or if voting electronically, confirmation might take the form of an email sent to the voter after submitting a ballot, perhaps referencing a ballot identification number for tracking purposes.
At Skypunch, ballot verification is very different and considerably more meaningful. A voter still receives an email confirmation and that email contains a verification code. But that code permits a voter to perform a cryptographic verification of their ballot to be absolutely positive that not only has it been received and is included in the tabulation, but that no one has tampered with it. Not a would-be attacker, not an election administrator, and not anyone with administrative permissions to the underlying technological systems. Skypunch achieves these objectives by utilizing modern technology (described below), purpose-built for precisely this type of activity.
Verification Explained
Ballots are stored in an immutable and cryptographically verifiable digital ledger. When a block of data is committed to this ledger, it is hash-chained using a cryptographic hash function to all previously committed data. The ledger also periodically generates a digest of all hashes. At the moment a voter submits a ballot, the most current of these digests, along with other pieces of metadata, is embedded into a verification code which is included in an email confirmation to that voter. At any time that voter may visit the ballot verification page on this website and submit their verification code. The system extracts the hash digest from that code; recalculates hashes from the ledger; then compares the two. When they match, the ledger is proven to have not been tampered with between the time the submitted hash digest was created and verification performed. “Tampered with” in this context could mean that even if one single character in the ledger were modified, it would totally alter the recalculated digest values ensuring no match against that submitted by the voter during verification.
Viewing ballot
After a ballot has been verified, you may also proceed to view the ballot showing the selections made by the voter.