[E-voting] Commission on Electronic Voting
colm at stdlib.net
Thu Mar 11 12:07:31 GMT 2004
On Thu, Mar 11, 2004 at 11:48:46AM +0000, Cian wrote:
> On Thu, Mar 11, 2004 at 10:40:20AM +0000, Margaret McGaley wrote:
> > http://www.cev.ie/
> > They have an ad in the Indo today, calling for submissions (probably in the
> > other papers too).
> Truly, the Civil Service is a remarkable and magical entity. They set up
> *fast*. Okay, so what do we need to do to get our submission in? Margaret,
> shall we put together an initial draft this evening?
I started trying to gather some stuff together, and keeping a working
as a convienent thing I can copy and paste ideas from later.
> I figure we should get a nice, professional submission in as soon as possible.
> We have a tonne of information to put in it, though - what do people think we
> should prioritise?
I think it makes sense to split into accuracy and secrecy sections,
with the latter being much much shorter. And maybe points along the
who we are, what our concerns are roughly, why
we think they're serious
i) The big concerns, things that are immutable:
Accuracy is unverifiable by anyone (including the
commision) without VVAT
Electronic systems are not open to human verification
Reflections on trusting trust
Point out that voting is an unusual system in which
we can't observe the input - it has to be secret -
so it's not like any other software system where
we can detec procedural problems more trivially
It's impossible to verify the accuracy of anything
without somethign to compare it with
ii) Pragmatic concerns concerning the Irish system
Explanation of KISS and why it's important
Explanation of how Powervote don't seem to follow
the principals of KISS
Lack of extensive testing
Lack of good security criteria
Lack of good consultation
Possible lack of secrecy in the ballot module due to
bad seeding - we just don't know, but not a serious
Complete lack of secrecy for persons wishing to
4. Outline of practical threats and considerations
Errors due to software quality
Physical security of ballot modules
Authorised persons modifying the counting software
Trivial man-in-the-middle attacks
Threats posed by the well-resourced
5. Footnotes, about the authors, definitions and so on
All of the above should be in laymans terms as much as possible, with
pictures (say of ballot modules, illustrating the meaningless of their
physical tangibility) and so on :) Also suggest burning a CD and
placing the software implementation in, and maybe printing out
reflections on trusting trust.
All suggestions :) Please pick apart!
Colm MacCárthaigh Public Key: colm+pgp at stdlib.net
More information about the E-voting