At 2:46 PM -0800 11/10/00, Ray Dillinger wrote:
Okay, this information is old hat to most folk here - but it seems relevant just now, and if the infrastructure had been in place for this election, it could have saved us a heck of a lot of trouble.
An Election Protocol: Or, a way for people in voting societies to exercise their franchise without stirring themselves to get down to the polls or, for that matter, leaving their computer.
1) Alice the voter creates twenty sets of ballots. Each set of
2) Alice now blinds all the ballot sets with different blinding
3) Bob checks the digital signature, checks to make sure he hasn't
4) Alice responds by sending Bob the blinding factors for the
5) Bob unblinds the nineteen sets of ballots, making sure that
6) Alice unblinds the ballot set while preserving Bob's signature.
7) Bob decrypts the ballot, checks his own signature to make sure
8) When the election is over, Bob publishes the ballots and the
(I've left out the details, but kept the first line of each of the steps.) The problems with these protocols are obvious to all who have looked at these things over the years: * most voters, at least 99% of them, will not understand or trust or bother with the protocols * the steps will of course all be automated into some WindowsMe or Mac client called "MyVote." This package will itself not be trusted by most people. * the large fraction of people who are not computer literate, or who don't own a PC, etc. will have to use someone else's PC or terminal. This then raises all the usual issues about their blinding numbers, passphrases, keystrokes, etc., being captured or manipulated by someone else. Physical ballot voting has its problems, but at least people _understand_ the concept of marking a ballot, as opposed to "blinding the exponent of their elliptic curve function and then solving the discrete log problem for an n-out-of-m multi-round tournament." Further, people can _watch_ their ballots going into a voting box, a "mix." I know I watch my ballot going in. And while it is _possible_ for secret cameras to be videotaping my choices, or for DNA from my fingers being able to "mark" my ballot, I understand from basic economic and ontologic issues that these measures are very unlikely. This assurance doesn't exist with the protocol described above. Some folks will think their protocol failed, some will think there is a "backdoor" for seeing how they voted, some will think their are not adequate methods for auditing or double-checking the protocols. I would not trust such a system, or be willing to take night school classes in crypto and higher math in order to begin to understand the system...so imagine what other folks will think. It won't happen in our lifetimes. It may happen in European nations, but only because the average citizen does what he is told to do more so than American paranoids and individualists will do. --Tim May -- ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 831-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, "Cyphernomicon" | black markets, collapse of governments.