[pp.int.general] Online voting versus online discussion
Zbigniew Łukasiak
zzbbyy at gmail.com
Thu Dec 13 22:00:03 CET 2012
On Thu, Dec 13, 2012 at 9:20 PM, Thomas Bruderer
<thomas.bruderer at piratenpartei.ch> wrote:
> Am 13.12.2012 19:16, schrieb Richard Stallman:
>> There might be a flaw in the mathematics of the supposedly
>> auditable system.
> It's opensource, auditable and end to end verifiable. Definitly my last
> comment on this.
>> Your argument is that if I can't present a specific attack that WILL
>> work, based on the very abstract description given, then the system
>> must be secure. That argument is not valid.
>
> As an ex-student of the MIT I am pretty sure you are aware how
> mathematical proves work - the cryptography behind homomorphic
> encryption is of course mathematically proven to be computationally
> secure (which is in contrast to the perfect security which in
> cryptography is only proven for OTP) - the other parts of the system are
> obviously attackable in other ways, however if you doubt the mathematics
> behind it I don't really see a point in discussion this at all.
Personally I am open to new e-voting systems and stuff and I accept
that they can be more secure than physical ballots with the exception
of selling votes and coercion - which can always happen when voting
outside of a physical voting booth (mail voting share this problem).
Sure coercion and selling can be slightly alleviated by letting people
vote many times - but only slightly - there are multiple ways to make
the coercion effective even in that case (you can take peoples
computers or maybe just watch their interenet traffic and kill them if
they ever try to connect to the voting site again). How dangerous is
that? I don't really know - I hear it works for the Swiss (but they
have the limitation on mail voting - it cannot amount to a certain
percentage of all votes).
All that math is impressive - but a chain is only as strong as its
weakest link and computing history abounds in surprises in this area.
I am not an expert in computing security - so I'll wait for more
accessible articles on this - before I cast my vote, but one thing
that I noted from the wikipedia entry is that end to end voting
systems don't secure against ballot-stuffing. Sure there are perhaps
other means to fight that - but it is a perfect example of things that
are OK for the mathematicians - because they just add this as a part
of the theorem, but are not so OK for real voting systems. This is all
very new and cutting edge - surely that makes it good discussion topic
but it does not make it very dependable.
--
Zbigniew Lukasiak
http://brudnopis.blogspot.com/
http://perlalchemy.blogspot.com/
More information about the pp.international.general
mailing list