[E-voting] UK govt circular mentions open-source e-voting

Craig Burton caburt at alphalink.com.au
Fri Jul 22 09:45:22 IST 2005


Aidan,
I have to say I was surprised and pleased when the rollout of evoting 
machines was reversed in Ireland.  I don't advocate changing a voting 
system that is affordable, accessible, accurate, usable, expedient and 
trusted.  Poll site voting works well here in Australia too.

My offering below is a suggestion to improve what is being rolled out in 
the US and other places, apparently without a roll-back.
VVPAT is no good unless they count them, which I suspect they won't, or 
not often enough.

Thank you for humouring me with the Lotto network, yes a different kind 
of technical trust is needed, but then so is the trust of users of 747s.
I think there may be places in the world where (better) DREs might do 
good.  Maybe in India, perhaps some parts of the US.

But really I see the opportunity for automation to replace postal 
voting, which you would have to agree is a different story in terms of 
its security, resistance to modification, poor authentication and lack 
of receipt.  I try to suggest some of the same networking ideas for DREs.

We only need P!=NP during polling.  If anyone finds P==NP I think this 
would be cause to use symmetric keys for the remainder of the week :-)
Best,
Craig.


A.J.Delaney at brighton.ac.uk wrote:

>Craig
>On Fri, 2005-07-22 at 17:37 +1000, Craig Burton wrote:
>  
>
>>I'm aware of the risks of networking; there are no secure channels,
>>for sure.  Any use of the network has to take as wrote the use of PKI,
>>an infrastructure for key exchanges (perhaps in training for poll
>>staff) and many a priori components.  My suggestion is that the DRE be
>>networked as a thin client and boot from a trusted repository of
>>software.  Such as from NIST in the US.  In my mind, risky as it is,
>>it is less risk than three issues with DREs - they they record votes
>>in their dodgy internals; vote transport is physical on delicate media
>>and that they each have their own internal, accessible, hackable
>>software.  This networked machine would be like an EFT card terminal
>>(with a bigger screen), not a PC.
>>
>>Submitting your vote to the central service would provide evidence if
>>its being received, for example - not possible with paper.
>>    
>>
>The issue here is one of trust.  Take the following two accounts
>1. I deposit my paper ballot in a numbered ballot box.  The ballot box
>is transported to a count centre accompanied by two Gardaí (police
>officers).  The ballot box is visibly unpacked in the presence of many
>"independent" (they all have a different bias) witnesses plus media and
>possible foreign observers.
>Or
>2. I select the "submit" button* where the contents of my ballot are
>scrambled with a public key.  The ballots are transported to a count
>centre over a secure network (like the Lotto network) and are
>"virtually" unpacked.  Unpacking is indicated by a counter/graphic on a
>workstation screen.
>
>* I'm not comparing your example system with HTML forms 
>
>Of the two scenarios I need a degree in computer science to understand
>the second completely.  To trust the first I need confidence in my
>police force and the independence of the observers (which has been
>commented on elsewhere).  To trust the second I need confidence in the
>hardware manufacturers, software manufacturers, telephony operators and
>that P != NP (a currently unproven hypothesis in computer science).
>
>
>  
>
>>I see no reason why a networked DRE could not also print a ballot.  
>>    
>>
>This would be false comfort.  Why would a networked DRE need to print a
>ballot?  Particularly if the paper record is not being counted?
>
>Currently Ireland has a (reasonably) fast, decentralised, cost
>efficient, understandable and trustworthy system of vote casting and
>vote tabulating.  Introducing computers at all means that the vast
>majority of the population will not be able to understand the system and
>will mean that a (hopefully large) section of voters will not trust it.
>The only published reasons for introducing electronic voting in Ireland
>are 
>* speed,
>* foreign perception of our technological advancement and
>* accuracy of the count (we could then use a more accurate
>fractional-transfer system).
>
>I think speed is a red-herring in a country where a count takes a day or
>two.  I'd rather foreigners perceive that we have a strong democracy and
>that we are so technologically advanced that we know what problems
>computers should not be applied to.  We could argue the last point on
>accuracy 'till we're blue in the face, however I think Catherine
>regularly demonstrates that it would be cheaper to fix the other broken
>parts of the election system (the processes) to improve the accuracy.
>We should try that first.
>
>If Ireland is to have an electronic voting system I want to see a system
>where a physically printed ballot is the primary record of the vote.
>Introducing a network into the system yields no gain and is anathema to
>the goal of transparency.
>
>  
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.stdlib.net/pipermail/e-voting/attachments/20050722/33d1eb21/attachment.htm


More information about the E-voting mailing list