System Integrity Proof?

[pmeyerson]

Can an election administrator and the public be assured that a deployed SIV instance has not been tampered with post-installation, and matches the publicly viewable repository? I'm under the assumption that today's voting machines enable some sort of integrity check function that is executed by the administrator prior to the beginning of voting preparation/election activities, even though this is not generally presented to the public. I would argue that this is more important for SIV than for vote in person systems. With vote in person systems, irregularities can be resolved by an automated or hand count of ballots. Since this option doesn't exist for SIV, its critical that system integrity be auditable.

[dsernst]

Yes, the whole system is designed to be end-to-end verifiable: https://docs.siv.org/verifiability

[arianabuilds]

Entry Summary for HACK SIV @ DEF CON 2024

Thanks again for participating! This submission earned $0.00 from SIV and $7.57 from the Public Vote, for a total of $7.57.

Here's what we noted in our evaluation:

What takes away from it

• Just a question, not an attack.
• And yes, the system is meant to provide full proofs of integrity.

Issue to track getting paid: https://github.com/siv-org/hack.siv.org/issues/3