CDR: Re: A secure voting protocol

Fri Nov 10 15:11:07 PST 2000

At 2:46 PM -0800 11/10/00, Ray Dillinger wrote:
>Okay, this information is old hat to most folk here - but
>it seems relevant just now, and if the infrastructure had
>been in place for this election, it could have saved us a
>heck of a lot of trouble.
>
>An Election Protocol: Or, a way for people in voting societies to
>exercise their franchise without stirring themselves to get down to
>the polls or, for that matter, leaving their computer.
>
>1) Alice the voter creates twenty sets of ballots.  Each set of
>
>2) Alice now blinds all the ballot sets with different blinding

>3) Bob checks the digital signature, checks to make sure he hasn't
>
>4) Alice responds by sending Bob the blinding factors for the
>
>5) Bob unblinds the nineteen sets of ballots, making sure that
>
>6) Alice unblinds the ballot set while preserving Bob's signature.
>
>7) Bob decrypts the ballot, checks his own signature to make sure
>
>8) When the election is over, Bob publishes the ballots and the

(I've left out the details, but kept the first line of each of the steps.)

The problems with these protocols are obvious to all who have looked 
at these things over the years:

* most voters, at least 99% of them, will not understand or trust or 
bother with the protocols

* the steps will of course all be automated into some WindowsMe or 
Mac client called "MyVote." This package will itself not be trusted 
by most people.

* the large fraction of people who are not computer literate, or who 
don't own a PC, etc. will have to use someone else's PC or terminal. 
This then raises all the usual issues about their blinding numbers, 
passphrases, keystrokes, etc., being captured or manipulated by 
someone else.

Physical ballot voting has its problems, but at least people 
_understand_ the concept of marking a ballot, as opposed to "blinding 
the exponent of their elliptic curve function and then solving the 
discrete log problem for an n-out-of-m multi-round tournament."

Further, people can _watch_ their ballots going into a voting box, a 
"mix." I know I watch my ballot going in. And while it is _possible_ 
for secret cameras to be videotaping my choices, or for DNA from my 
fingers being able to "mark" my ballot, I understand from basic 
economic and ontologic issues that these measures are very unlikely. 
This assurance doesn't exist with the protocol described above. Some 
folks will think their protocol failed, some will think there is a 
"backdoor" for seeing how they voted, some will think their are not 
adequate methods for auditing or double-checking the protocols.

I would not trust such a system, or be willing to take night school 
classes in crypto and higher math in order to begin to understand the 
system...so imagine what other folks will think.

It won't happen in our lifetimes. It may happen in European nations, 
but only because the average citizen does what he is told to do more 
so than American paranoids and individualists will do.

--Tim May
-- 
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
ComSec 3DES:   831-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
"Cyphernomicon"             | black markets, collapse of governments.