@inproceedings{Harrison:2023aa,
 abstract = {Risk-limiting audits (RLAs) are rigorous statistical procedures meant to detect invalid election results. RLAs examine paper ballots cast during the election to statistically assess the possibility of a disagreement between the winner determined by the ballots and the winner reported by tabulation. The design of an RLA must balance risk against efficiency: &quot;risk&quot; refers to a bound on the chance that the audit fails to detect such a disagreement when one occurs; &quot;efficiency&quot; refers to the total effort to conduct the audit. The most efficient approaches---when measured in terms of the number of ballots that must be inspected---proceed by &quot;ballot comparison.&quot; However, ballot comparison requires an (untrusted) declaration of the contents of each cast ballot, rather than a simple tabulation of vote totals. This &quot;cast-vote record table&quot; (CVR) is then spot-checked against ballots for consistency. In many practical settings, the cost of generating a suitable CVR dominates the cost of conducting the audit which has prevented widespread adoption of these sample-efficient techniques. We introduce a new RLA procedure: an &quot;adaptive ballot comparison&quot; audit. In this audit, a global CVR is never produced; instead, a three-stage procedure is iterated: 1) a batch is selected, 2) a CVR is produced for that batch, and 3) a ballot within the batch is sampled, inspected by auditors, and compared with the CVR. We prove that such an audit can achieve risk commensurate with standard comparison audits while generating a fraction of the CVR. We present three main contributions: (1) a formal adversarial model for RLAs; (2) definition and analysis of an adaptive audit procedure with rigorous risk limits and an associated correctness analysis accounting for the incidental errors arising in typical audits; and (3) an analysis of efficiency.},
 address = {Los Alamitos, CA, USA},
 author = {Benjamin Fuller and Abigail Harrison and Alexander Russell},
 bdsk-url-1 = {https://doi.ieeecomputersociety.org/10.1109/SP46215.2023.00115},
 bdsk-url-2 = {https://doi.org/10.1109/SP46215.2023.00115},
 booktitle = {IEEE Symposium on Security and Privacy (SP)},
 date-added = {2023-06-13 12:50:42 -0400},
 date-modified = {2024-02-19 14:13:37 -0500},
 doi = {10.1109/SP46215.2023.10179424},
 month = {may},
 pages = {3314--3331},
 publisher = {IEEE Computer Society},
 title = {Adaptive Risk-Limiting Comparison Audits},
 year = {2023}
}