[E-voting] UK govt circular mentions open-source e-voting

A.J.Delaney at brighton.ac.uk A.J.Delaney at brighton.ac.uk
Fri Jul 22 09:08:09 IST 2005

On Fri, 2005-07-22 at 17:37 +1000, Craig Burton wrote:
> I'm aware of the risks of networking; there are no secure channels,
> for sure.  Any use of the network has to take as wrote the use of PKI,
> an infrastructure for key exchanges (perhaps in training for poll
> staff) and many a priori components.  My suggestion is that the DRE be
> networked as a thin client and boot from a trusted repository of
> software.  Such as from NIST in the US.  In my mind, risky as it is,
> it is less risk than three issues with DREs - they they record votes
> in their dodgy internals; vote transport is physical on delicate media
> and that they each have their own internal, accessible, hackable
> software.  This networked machine would be like an EFT card terminal
> (with a bigger screen), not a PC.
> Submitting your vote to the central service would provide evidence if
> its being received, for example - not possible with paper.
The issue here is one of trust.  Take the following two accounts
1. I deposit my paper ballot in a numbered ballot box.  The ballot box
is transported to a count centre accompanied by two Gardaí (police
officers).  The ballot box is visibly unpacked in the presence of many
"independent" (they all have a different bias) witnesses plus media and
possible foreign observers.
2. I select the "submit" button* where the contents of my ballot are
scrambled with a public key.  The ballots are transported to a count
centre over a secure network (like the Lotto network) and are
"virtually" unpacked.  Unpacking is indicated by a counter/graphic on a
workstation screen.

* I'm not comparing your example system with HTML forms 

Of the two scenarios I need a degree in computer science to understand
the second completely.  To trust the first I need confidence in my
police force and the independence of the observers (which has been
commented on elsewhere).  To trust the second I need confidence in the
hardware manufacturers, software manufacturers, telephony operators and
that P != NP (a currently unproven hypothesis in computer science).

> I see no reason why a networked DRE could not also print a ballot.  
This would be false comfort.  Why would a networked DRE need to print a
ballot?  Particularly if the paper record is not being counted?

Currently Ireland has a (reasonably) fast, decentralised, cost
efficient, understandable and trustworthy system of vote casting and
vote tabulating.  Introducing computers at all means that the vast
majority of the population will not be able to understand the system and
will mean that a (hopefully large) section of voters will not trust it.
The only published reasons for introducing electronic voting in Ireland
* speed,
* foreign perception of our technological advancement and
* accuracy of the count (we could then use a more accurate
fractional-transfer system).

I think speed is a red-herring in a country where a count takes a day or
two.  I'd rather foreigners perceive that we have a strong democracy and
that we are so technologically advanced that we know what problems
computers should not be applied to.  We could argue the last point on
accuracy 'till we're blue in the face, however I think Catherine
regularly demonstrates that it would be cheaper to fix the other broken
parts of the election system (the processes) to improve the accuracy.
We should try that first.

If Ireland is to have an electronic voting system I want to see a system
where a physically printed ballot is the primary record of the vote.
Introducing a network into the system yields no gain and is anathema to
the goal of transparency.

Aidan Delaney
School of Computing, Mathematics and Information Sciences,
University of Brighton.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.stdlib.net/pipermail/e-voting/attachments/20050722/2183f0db/attachment.pgp

More information about the E-voting mailing list