[E-voting] encryption compromised by hardware
Patrick J Kobly
patrick at kobly.com
Mon Nov 20 16:07:34 GMT 2006
Timothy Murphy wrote:
> On Monday 20 November 2006 12:47, jm at jmason.org wrote:
>
>> http://portal.acm.org/citation.cfm?id=358210 -- Ken Thompson, _Reflections
>> on Trusting Trust_ ;)
>>
> One has to be a member of ACM to access this.
> However, I remember reading it many years ago and finding it interesting
> and instructive.
>
http://www.acm.org/classics/sep95/
Is a publicly accessible copy of the work. This is a very instructive
work that should be read by anyone working on e-voting issues. Though
not saying anything direct about e-voting, it does raise the one
fundamental flaw of any e-voting system without independent audit
capability (voter verified audit trail that is actually audited). This
is the huge assumption made by most cryptographers developing
crypto-protocols for reliable e-voting. The assumption is that the
system the user interacts with acts as a faithful agent of the user with
respect to encrypting, recording and displaying vote data. Thompson
talks about why this assumption cannot be made (and in general any proof
is illusory).
PK
More information about the E-voting
mailing list