A Secure and Verifiable Voting System
meese writes "The cryptographer David Chaum, through discussion with top cryptographers such as Ron Rivest, has designed a secure and verifiable voting system. One of the goals of his design is that anyone can verify that votes were tabulated correctly. It's good to see real security/crypto people working on this problem. They also have a press release."
...is an awesome mathematician/cryptographer. I'm working on a project (on SourceForge, but it's not nearly far enough along for me to announce anything on /. yet) based on his digital cash system, and some other things he's done. Yes, I know it's patented, but it's really meant as a proof-of-concept type deal.
I just hope that if Chaum starts a company for his e-voting solution, it fares better than Digicash. IIRC, he wouldn't sell to M$ for $100M or to Visa for $40M, but ended up bankrupting Digicash and having to leave it. I'm not sure if I've got all the details right, so anyone's welcome to correct me.
I claim first use of "Error No. 0B" - or "No. 0B error." It'll be the new ID 10T!
in a workshop held here in Brazil (Alfred Menezes and Darrel Hankerson were the other lecturers). Folks, the system is perfect. There's nothing to complain about it -- laymen can check that their votes were counted through so-called `visual cryptography' (an idea of Adi Shamir IIRC), while everything else you'd expect from a secure and reliable voting system is provided. One can only hope that this is deployed somewhere, but I'm not holding my breath.
Read the paper, it's really jawdropping. Cryptography at its finest.
Join the NFSNET. Our prime goal is making little numbers out of big ones. http://www.nfsnet.org/
The point of the two-receipt system is that it's easily verifiable in the booth, but impossible to verify outside. That means that any random voter can look and, instead of a long number to verify, they just see the text of who they voted for.
The single receipt cannot be decoded as you suggest -- each pixel is utterly random. There will be no pattern to detect, within the limits of pseudorandom numbers.
That works because the two receipts basically perform an XOR. Each pixel is either
    XO  or  OX
    OX      XO
Call the first '1' and the second '0'. Then 0^0 = partially clear, and 1^1 = partially clear. 0^1 or 1^0 = fully black. When you're printing a pixel, then, you completely, utterly randomly select 1 or 0 for one receipt. You then print either the same, or the opposite, on the other. There is no pattern whatsoever from pixel to pixel, and once half the receipt is destroyed, it is quite impossible to read the other half.
The problem with the system you propose, by the way, is that anyone who had your SSN and MD5 hash could relatively quickly determine the choices you made just by trying all the combinations. If I was buying votes, I could tell you what choices to make, and then demand my money back if I couldn't reproduce your MD5.
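The two-receipt XOR described in the comment above, as an added example that is not part of the original comment or of Chaum's paper. It models only the pixel scheme as the comment states it; the function names, the 5x3 sample glyph and the use of Python's `secrets` module for the random layer are assumptions made here.

```python
import secrets

# Each pixel is a 2x2 block of sub-pixels: 'X' is printed, 'O' is clear.
# Pattern 1 is XO/OX and pattern 0 is OX/XO, as named in the comment.
SHARE = {1: ("XO", "OX"), 0: ("OX", "XO")}


def bottom_for(top, bitmap):
    """Bottom layer that makes `top` show `bitmap` (1 = black pixel)."""
    # Same pattern where the pixel is white, opposite pattern where it is black.
    return [[t ^ black for t, black in zip(tr, row)] for tr, row in zip(top, bitmap)]


def make_receipts(bitmap):
    """Split a bitmap into a uniformly random top layer and its matching bottom."""
    top = [[secrets.randbits(1) for _ in row] for row in bitmap]
    return top, bottom_for(top, bitmap)


def overlay(top, bottom):
    """Stack the layers: differing patterns go fully black, equal ones stay half clear."""
    return [[t ^ b for t, b in zip(tr, br)] for tr, br in zip(top, bottom)]


def render(layer):
    """Draw one layer as sub-pixels, two text lines per pixel row."""
    lines = []
    for row in layer:
        lines.append("".join(SHARE[p][0] for p in row))
        lines.append("".join(SHARE[p][1] for p in row))
    return "\n".join(lines)


# Constructed sample: a 5x3 glyph standing in for the printed ballot text.
GLYPH = [[1, 1, 1], [1, 0, 0], [1, 1, 0], [1, 0, 0], [1, 1, 1]]
BLANK = [[0] * 3 for _ in range(5)]

if __name__ == "__main__":
    top, bottom = make_receipts(GLYPH)
    print(render(top), "\n")  # one layer alone: random-looking sub-pixels
    stacked = overlay(top, bottom)
    print("\n".join("".join("#" if p else "." for p in row) for row in stacked))
    # The same kept layer is equally consistent with a blank image, so once the
    # other layer is destroyed the kept one says nothing about the vote.
    assert overlay(top, bottom_for(top, BLANK)) == BLANK
```

For any top layer and any candidate image, `bottom_for` returns a valid partner layer, which is the sense in which a single receipt carries no readable pattern.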
You did not read the paper very carefully. The receipt can be proven to have the proper 'signature' (think public key cryptography), and it can be proven to have been tallied. But it CANNOT be proven to correspond to a specific vote, thus it cannot be used for coercion. The paper makes that explicitly clear in the first couple pages of the report.
"I will trust Google to 'do no evil' until the founders no longer run it." Hello Alphabet.