Researchers Devise Voting System That Seems Secure, But Is Hard To Use
An anonymous reader writes: According to an article in ReadWrite, a team of British and American researchers has developed a hacker-resistant process for online voting called Du-Vote. It uses a credit card-sized device that helps to divide the security-sensitive tasks between your computer and the device in a way that neither your computer nor the device learns how you voted (PDF). If a hacker managed to control the computer and the Du-Vote token, he still can't change the votes without being detected.
I vote yes!
...and that's the point! If it takes longer than 4 years to hack, it's effectively secure for a US Presidential election. By then, the elected official's term will be up, and there will be another election (with different encryption keys) so you will have to start over.
It is conceivable that the World's Cleverest People (WCP) will devise a system that reliably enables people to vote over the internet. And researchers tell us America is no longer a democracy, so I suppose it doesn't really matter that only the WCP will have rational reason to have confidence in the system.
But for those of us who think people should be able to prove to their own satisfaction that their vote was counted as cast, paper inserted into witnessed boxes and then counted in public seems like a better idea. It will never make Microsoft rich, though, so I doubt Microsoft Research will admit this.
Voting should be a low tech process that anybody can understand. Too much technological magic erodes the trust of voters who are capable of understanding it. Simply marking a ballot with a pen is understandable by anyone. Maybe you count them by machine but you always have the fallback of machine counting. I don't trust any voting process that doesn't have that fallback option. If the voting records are only held electronically how can you ever completely trust the results haven't been hacked?
Besides hacking a device to steal votes, there are a number of other concerns about online voting which cannot be eliminated by any device you can imagine.
For example, how can you be assured the voter has not sold his vote and the buyer can just sit beside him to make sure he is getting what he paid for? How can you prevent someone from imposing a candidate on someone else by threatening him/her/them? At a polling station, you can make sure nobody is intimidated and anyway there is no way someone else can check the vote he tried to steal.
Online voting is a big No-No.
Achille Talon
Hop!
A lot of people think online voting is the next big thing, but the problem is actually very hard to do online.
To do it right requires a "proctored" setting where the person is guaranteed to be alone, and unobserved (including video recording).
If you can't guarantee that the person is alone, then they can be coerced into voting a specific way. If you can't guarantee that the person isn't observed, then the person can sell their vote.
Video recording hasn't been addressed yet, but with the current system a voter can record their vote as proof of how they voted, and so vote selling is possible. It's functionally the same as being observed, just time shifted.
Add in the requirements for recounts and verification, and physical ballots in a proctored environment is the simple solution.
I've seen mathematical solutions that make tampering statistically impossible. The system injects a large portion of non-human votes in a cryptographically secure way such that it doesn't change the actual outcome, but it's impossible for a hacker to change votes due to the statistical likelihood that he'll change one of the non-human votes and be detected.
Even with these systems, you still need a proctored environment that guarantees anonymous and unobserved voting.