[EM] Securing electronic elections

David GLAUDE dglaude at gmx.net
Tue Nov 11 15:52:03 PST 2003

> Professors at John Hopkins and Rice Universities wrote wrote a critical report saying that there is
> "no evidence of regorous software engineering discipline and the "cryptology, when used at all,
> is used incorrectly".  SAIC, a Maryland based engineering and research firm, also write a critical
> report recommending 17 steps that Maryland elections officials could take to ensure better security.

In Belgium we have exactly the same conclusion from the carefull 
independant analyse of the voting code...


A quote:
Casual inspection off the code reveals obvious errors (3),(5) from which 
we deduce scant peer review of the code, if any, has taken place. Nor do 
we see evidence that somebody has tackled the problem of creating 
entropy for the encryption keys (2). Also troubling is the fact that 
keeping the voting anonymous isn't high on the priorities list: global 
and stack variables are not zeroed after their useful lifetime has 
expired (1).


More information about the Election-Methods mailing list