[EM] Idea for a free web service for (relatively) secure online voting

Fri Oct 17 11:43:24 PDT 2008

Mike Frank wrote:
> Here is another question.  Will average people really gain confidence 
> from cryptographic ballot certificates?
> 
> To explain the issue in a more detail:  The certificates in my system 
> (like other crypto-based voting systems) only really "prove" anything if 
> you accept certain cryptographic assumptions, namely, that certain 
> functions have a technical property of being "one-way," which basically 
> means they can't feasibly be inverted.  No one currently knows how to 
> rigorously prove that any one-way functions actually exist.  However, a 
> number of functions are strongly /believed /to be one-way, because large 
> numbers of extremely smart mathematicians have tried to find an easy way 
> to invert them without any success.  Still, for all we know, there could 
> be someone out there (at the NSA, perhaps) who already knows how to 
> invert these functions, and just isn't admitting it.  So, we can't 
> really be /absolutely /100% certain that these certificates can't really 
> be forged.  But, most cryptographers believe that they can't.
> 
> Given this semi-cloudiness about the situation, will voters feel that 
> the certificates really help prove anything about the correctness of the 
> election results?  Will they feel any better about the results of an 
> election system that provides certificates than they feel about one that 
> doesn't?
> 
> Certainly, the certificates do make it much harder to intentionally 
> miscount the ballots, in the sense that getting away with this would 
> require the system designers to have access to the work of some genius 
> mathematicians that have solved problems nobody else has been able to 
> solve, and whose work has been kept entirely secret from the world.  And 
> further, it may be the case that these problems really are truly 
> impossible to solve, in which case systematic fraud in this kind of 
> system is really impossible.  But we don't really know for 100% certain 
> that the problems are insoluble.
> 
> To anyone reading this... Would the use of crypto technology like this 
> in your election system make YOU feel any better?

If given the choice between a vote-at-home system without any 
cryptography and one with crypto, I'd take the crypto (as long as it 
works and doesn't have any holes). I don't think vote-at-home is a good 
idea, though, and even direct electronic voting with general purpose 
computers at polling places is kind of... eh.

I'm pretty sure that the cryptographic primitives are secure. If they 
aren't, voting will be the least of our troubles.