[E-voting] e Challenge 2005 (conference 19 - 21 October 2005, Ljubljana, Slovenia)

David O'Callaghan david.ocallaghan at cs.tcd.ie
Mon Jun 20 17:20:48 IST 2005


Hi All,

On 20/06/05 16:35, Michael McMahon wrote:
> There is a presentation about it here.
> http://www.cyber.ee/dokumendid/evalimised/virunurm.ppt

Thanks for the link! The presenter appears to have the same slightly 
cyncial viewpoint as the speaker at the talk I attended: many of the 
security concerns are brushed off with an attitude of "the public don't 
care about security/privacy as long as the system is convenient for 
them". At the risk of over-generalising, this may be a symptom of recent 
emergence from totalitarian rule where anything seems better than what 
has gone before.

> The pres includes a high-level risk analysis, which acknowledges various
> things like the possibility for fraud. An interesting point
> they make is that you would have to trust the "central system" which
> I presume aggregates the votes. They say this is equivalent to
> trusting the "Election Committee" for existing paper based elections,
> and therefore that's ok.
> But I wonder if the underlying assumption is really true.
> If existing paper ballot election counts are
> conducted in public, then I don't see how it could be true.

Yes, that aspect looks quite odd to me. For one thing, the 
authentication step itself is concealed from the voter: a voter 
presumably gets a yes -or-no answer as to whether their vote has been 
accepted. If they're rejected they won't know the reason. From the ID 
card talk, it seemed quite possible to report your enemy's ID card as 
stolen to have it temporarily disabled!

The more serious aspect is the anonymisation and counting stage. It's 
hard to see how a single piece of opaque software is comparable to an 
election committee. Compromising the software might require only one or 
two individuals whereas comprimising the traditional counting process 
(at least in the Irish case) would require a conspiracy involving many 
of the returning officers, counting staff, etc.

Regards,

David
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2955 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.stdlib.net/pipermail/e-voting/attachments/20050620/5494cf44/smime.bin


More information about the E-voting mailing list