[EM] Securing electronic elections
David GLAUDE
dglaude at gmx.net
Tue Nov 11 15:52:03 PST 2003
> Professors at John Hopkins and Rice Universities wrote wrote a critical report saying that there is
> "no evidence of regorous software engineering discipline and the "cryptology, when used at all,
> is used incorrectly". SAIC, a Maryland based engineering and research firm, also write a critical
> report recommending 17 steps that Maryland elections officials could take to ensure better security.
In Belgium we have exactly the same conclusion from the carefull
independant analyse of the voting code...
http://www.afront.be/lib/vote.html
A quote:
<<
Casual inspection off the code reveals obvious errors (3),(5) from which
we deduce scant peer review of the code, if any, has taken place. Nor do
we see evidence that somebody has tackled the problem of creating
entropy for the encryption keys (2). Also troubling is the fact that
keeping the voting anonymous isn't high on the priorities list: global
and stack variables are not zeroed after their useful lifetime has
expired (1).
>>
David GLAUDE
More information about the Election-Methods
mailing list