[EM] Establishing an offline foundation for secure online voting

raphfrk at netscape.net raphfrk at netscape.net
Mon Sep 25 03:59:41 PDT 2006 

  Bryan Alexander Ford wrote:



> I just posted the following short (1900-word) article that might be of interest

> here, although it is not about how to cast and count ballots but rather about

> how we might enforce the "one person, one vote" principle in online

> deliberative forums and prevent ballot stuffing while protecting users' privacy

> and anonymity.

>   Sybil Parties: An Offline Foundation for Online Accountability

>  http://www.brynosaurus.com/log/2006/0924-SybilParties.html

>

> In short, the only way to have legitimate online deliberation without the risk

> of people creating many virtual online personas with which to stuff ballot

> boxes (sybil attacks) is to create some form of strong "one person, one

> persona" relationship between real users offline and their personas online.

> The only I see way to do this, in turn, without requiring everybody to use

> government-issued ID for everything or sign on to a massive centralized PKI

> scheme that destroys everyone's privacy rights is... well, read the article if

> it's not obvious already. :)  Feedback welcome of course.

> Thanks,

> Bryan This is an interesting problem.  My (online) solution would be to require 

say 50-100 captchas to be completed by the person (once a year or so).



However, I would never have thought of using porn as incentive to get people

to solve them for a hacker (what will they think of next).  This problem sorta

still applies here.  You could create a porn site and require that people login.

However, what would actually be happening is that the hacker bridges your

login so that as you create an account on his site, you are actually creating an 

account (for him) on to the site he wants the free account on.  If there was 

no way to link ID between 2 sites anyway, maybe people would "pay" for porn 

by creating a yahoo email address for a hacker.



One thing with your system is that it would allow geographic information to be

encoded into the confirmation.  This would allow websites to provide different

services based on location.  This could be bad (restricting content like is done

with DVDs) and good (things like opinion polls could give a breakdown based on

region).



Another problem is keeping corruption to a minimum.  A requirement that any

gathering must allow oversight is not a very strict ruling.  Also, I am not

sure 1st world citizens would want to have ink put on their fingers.



What about trying to get the governments of (at least) the developed world to

mail a code to every resident.  Movement in that direction could be achieved by

creating a standard way to create and authenticate the codes.  One option would

be that you login to a government site and enter the 10 digit code they sent you

and then, your computer and the government's computer handles the transfer of 

the more complex and secure (and blinded) codes.



Once authentication has occurred, I would try to manage it using some 

kind of encryption rather than having a central account on the Sybil web site.



Digital cash, for example, allows a bank to issue digital "coins" so that it 

can confirm that a "coin" is valid without being able to tell who's "coin" it 

is.  A similar trick could be used here.  Each person on authentication could 

be given a "coin" that certifies that they are a real person.  The double 

spending protection, inherent in the digital cash system, could be used to 

ensure that the person can't use the "coin" more than once.  I am not sure if 

this system can be extended so that the protection only works if you "spend" 

the coin more than once at the same web site.



---------------------------



Unrelated to the above, has anyone else noticed that posts seem to appear on the 

web archive before they are mailed ?  This really slows down replying to emails.



---------------------------



  Raphfrk
 --------------------
 Interesting site
 "what if anyone could modify the laws"
 
 www.wikocracy.com  
________________________________________________________________________
Check Out the new free AIM(R) Mail -- 2 GB of storage and industry-leading spam and email virus protection.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.electorama.com/pipermail/election-methods-electorama.com/attachments/20060925/d67e6e4b/attachment-0003.htm>

More information about the Election-Methods mailing list