Intuitive cryptography that's also practical and secure.
Andrea Pasquinucci
liste at ucci.it
Mon Feb 5 03:08:30 EST 2007
On Sat, Feb 03, 2007 at 08:52:35PM -0800, Joseph Ashwood wrote:
----- Original Message -----
From: "Andrea Pasquinucci" <cesare at ucci.it>
To: "Cryptography" <cryptography at metzdowd.com>
Sent: Tuesday, January 30, 2007 12:33 PM
Subject: Re: Intuitive cryptography that's also practical and secure.
* >I have been working for
* >the last 2 years on a project about web-voting
* >(http://eballot.ucci.it/)
*
* >PS. any comment on my protocol/system is greatly appreciated.
*
* If I'm reading the design correctly, the biggest failure I see is that it
* is open to coersion. It is possible to hold someone's family or other
* personally important stuff for ransom for a receipt that reflects voting
* "correctly."
* Joe
Yes it is by design, and I state it very clearly.
Even if I would use biometrics for authentication I cannot prevent a
voter at home in front of her PC to take a picture of the screen when
she is voting as a proof of what she has voted for, or to sit next to a
coercer with a gun watching her voting.
The fact that the voter is remote and outside a controlled location
makes it impossible to guarantee incoercibility and no-vote-selling.
This is not a crypto or IT problem. I do not think (correct me if I am
wrong) that it is possible to design a web-voting system where you can
vote from any PC in the world which guarantees against this.
Consider that in Italy in normal political elections with only paper
ballots (no voting machines) it happened that the mafia gave voters
mobile phones with cameras or mini cameras to take a picture of the
paper ballot when the voter was in the booth as a proof of the vote.
And this with armed police just outside the booth. What can I do when
it is possible to vote from home?
Concerning a technical point on my system, the receipt that my system
gives to the voter has data which allow easily to learn the vote,
actually this is part of the procedure to check the correctness of the
result. I know that there are protocols which aim to give receipts such
that:
1. the voter can check that her vote has been counted correctly
2. she cannot prove to a third person how she has voted
(see for example Rivest "Three-ballot voting system") but I haven't
found one which fits in with my system and at the same time is easy
enough so that people can use it (they complain already that my system
is too complicated...).
Andrea
--
Andrea Pasquinucci liste at ucci.it - http://www.ucci.it/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list