The Perils Of E-Voting

ozric99 writes: " Voting in your pajamas is unsafe. So says the latest study published by the Voting Integrity Project, a non-partisan group based in Arlington, Va. that has openly attacked the Arizona Democratic Party's Internet primary election in March." As far as I can tell, this comes down to an authentication issue -- much the problems that certain voting wards have had in the past, e.g. the recently dead mysteriously arising from their graves and voting.

Re:Hrmph. Voting unsafe?

[[Zappo]]

Actually, electronic voting *is* unsafe.

I did my Master's work on this topic.

There are two major types of modern electronic voting schemes. The first type is based on the work of Fujioka, Okamoto, and Ohta (FOO). The second type is based on the work of Cramer (C).

For a good introduction to all of the problems associated with electronic voting, look up web publishings of Lorrie Cranor, who also developed a (FOO)-type scheme. A good link is http://www.ccrc.wustl.edu/~lorracks/sensus/hotlist .html

The major problems stem from trying to assure simultaneously that the election is tamper-proof, and that ballots are secret. This turns out to be very difficult. Even paper-ballot elections aren't really very good (e.g. Kennedy-Nixon presidential election, Chicago, "vote early, vote often"), but they have the virtue that to corrupt them an attacker must physically handle lots of pieces of paper in lots of different places.

(FOO)-type schemes try to use 'blind signatures' to let voters get a ballot using their real identities, then cast it using 'blinded' identities. However, blind signatures aren't perfect, and in particular schemes of this type let voters prove how they voted, which could lead to vote coercion or the selling of votes.

(C)-type schemes don't try to blind the identity of the voter. Instead, voters encrypt their ballots in a special manner, and submit them to a trusted group of individuals. This trusted group first combines all the encrypted ballots, then (by virtue of the special encryption) obtains the election result by decrypting the combination. Here, voters trust a relatively small group of officials not to collude to decrypt votes singly, thus revealing how each voter voted.

There is no clear solution to these problems, and the cutting edge is not 'good enough'. The election in Arizona did not use a type of scheme even as good as either of the ones I describe above. Instead, a private company is trusted to count and announce the results (BTW, it seems that nobody could prove that they did not invent the results they wanted), and to keep the identities of voters seperate from their votes (they have one database of voters vs. IDs, and another database of votes vs. IDs, and they swear that they won't cross-reference by ID).

Really, e-voting isn't ready for prime-time.

BBC Report has more...

[MostlyHarmless]

I found this report on their web server... don't bother looking for it because it seems to have disappeared. Huh.

"Insiders say that they decided to fix the problem after a person named "w3 r00ted ju! ph34r m3!!!" was elected Governer by a margin of 36,000 to 147. Police refuse to comment on the identity of this mysterious person; an anonymous source has stated that they are too busy due to those 147 people all having their credit card number stolen."

Re:Hrmph. Voting unsafe?

[Golias]

I realize that you live in a communist nation, so anything less than total state control of the entire economy looks like a radical right-wing agenda to you.

Here in the US, the extremists on the right are the Libertarian Party, and the Constitution Party. Extremists on the left include the Green Party, and visiting Canadians.

Most of the Democrats and Republicans are very mainstream, middle-of-the-road types, who only express rhetoric from one side or the other to rally support away from the minor parties.

(Canadians: Most of you are smart enough to tell that my negative comments about Canada are just jokes. I like Canada. As third-world nations go, it is one of my favorites. To those of you who can't seem to tell when I'm only kidding around: shut up, go back to your igloo, and keep lying to yourself about how much better the beer is up there.)

Hrmph. Voting unsafe?

[Signal+11]

Yeah.. of course it's unsafe, you might lower the barrier enough that a critical mass of "average" voters get into the polls and displace the special interest groups, hence rendering our existing corrupt system invalid. Better write a report about how that's bad in a non-obvious way quick!

Sorry, but this is just too transparent. Currently, politicians get into office by NOT playing the middle. Think about it - who's more likely to show up at the polls - the average apathetic american voter, or the rapid right-wing one? This is why groups like the Christian Coalition and the National Organization of Women (NOW) are so influential - they take a very small percentage of the voter population and make sure most of them vote. Combined with low voter turnout we have our current system of special interest groups essentially running the country. Our politicians aren't blind to this either - you'll note why the media makes such a big deal out of seemingly innane stuff -

For example, think about the current issues in the next election: abortion, gun control, crime, technology, or religion in schools. You'll note none of those are extremes likely shared by your peers. We could all care less - I mean, yeah, I have an opinion... but will I go out and vote for it?

And there you have it. Another report to quietly edge the people away from the truth.

Re:Hrmph. Voting unsafe?

[Golias]

Currently, politicians get into office by NOT playing the middle.

Clinton and Gore are both moderate liberals.

Their opponents in '92 and '96 were Bush the Elder and Bob Dole, both moderate conservatives.

The strongest third-party showing, by a w--i--d--e margin, was Ross Perot, a dead-center moderate who campaigned to reduce the debt in 92 and repeal NAFTA in 96.

The extremes on both sides (Jackson, Forbes, Brown, Buchannan, Quayle, etc.) all got spanked by those who could stand more towards the center.

The result has been meaningless elections between nearly identical candidates full of moderately bad proposals. Playing the center has been the winning strategy since 1988. No presidential candidate has been able to build a nantional coalition of radicals and win since Reagan... and even he needed the "Reagan Democrats" to get elected.

Vote in private in public

[Bazman]

Lets assume the slashdot poll is as secure as any vote for a president might be. Whats to stop me going to the office next door, pointing my Nerf Supermaxx 1500 at his head and getting him to vote for 'Hemos'?

Can I do that at a public voting station? No. Polling stations are public so that we can all see whats going on, and we have booths so that the individual has privacy. These two conditions seem essential to a fair and free vote. I dont see how they can be duplicated via the internet.

Baz

Authentication isn't the real problem!

[The+Infamous+TommyD]

Anonymity is the problem. Even if the system is 100% secure against unauthorized voting and ballot box stuffing, we still need a system that prevents the goverment or voting authority from tying votes to the voter.

Sure, there exist hypothetical systems for secure anonymous voting, but they are atrociously unscalable. See Schneier's book for the details on these schemes.

The problem boils down to "How do we ensure that only citizens vote, each only votes once, and still not be able to tell for whom they voted?"
Oh, and you want it scaleable????

This is very difficult.