[78925] in cryptography@c2.net mail archive
Re: Intuitive cryptography that's also practical and secure.
daemon@ATHENA.MIT.EDU (Andrea Pasquinucci)
Mon Feb 5 16:43:57 2007
Date: Mon, 5 Feb 2007 09:08:30 +0100
From: Andrea Pasquinucci <liste@ucci.it>
To: Cryptography <cryptography@metzdowd.com>
Cc: Joseph Ashwood <ashwood@msn.com>
Reply-To: Andrea Pasquinucci <liste@ucci.it>
Mail-Followup-To: Andrea Pasquinucci <liste@ucci.it>,
Cryptography <cryptography@metzdowd.com>,
Joseph Ashwood <ashwood@msn.com>
In-Reply-To: <030501c7481b$d72547d0$6401a8c0@GQ7000>
On Sat, Feb 03, 2007 at 08:52:35PM -0800, Joseph Ashwood wrote:
----- Original Message -----
From: "Andrea Pasquinucci" <cesare@ucci.it>
To: "Cryptography" <cryptography@metzdowd.com>
Sent: Tuesday, January 30, 2007 12:33 PM
Subject: Re: Intuitive cryptography that's also practical and secure.
* >I have been working for
* >the last 2 years on a project about web-voting
* >(http://eballot.ucci.it/)
*=20
* >PS. any comment on my protocol/system is greatly appreciated.
*=20
* If I'm reading the design correctly, the biggest failure I see is that it=
=20
* is open to coersion. It is possible to hold someone's family or other=20
* personally important stuff for ransom for a receipt that reflects voting=
=20
* "correctly."
* Joe=20
Yes it is by design, and I state it very clearly.=20
Even if I would use biometrics for authentication I cannot prevent a=20
voter at home in front of her PC to take a picture of the screen when=20
she is voting as a proof of what she has voted for, or to sit next to a=20
coercer with a gun watching her voting.=20
The fact that the voter is remote and outside a controlled location=20
makes it impossible to guarantee incoercibility and no-vote-selling.=20
This is not a crypto or IT problem. I do not think (correct me if I am=20
wrong) that it is possible to design a web-voting system where you can=20
vote from any PC in the world which guarantees against this.
Consider that in Italy in normal political elections with only paper=20
ballots (no voting machines) it happened that the mafia gave voters=20
mobile phones with cameras or mini cameras to take a picture of the=20
paper ballot when the voter was in the booth as a proof of the vote.
And this with armed police just outside the booth. What can I do when=20
it is possible to vote from home?
Concerning a technical point on my system, the receipt that my system=20
gives to the voter has data which allow easily to learn the vote,=20
actually this is part of the procedure to check the correctness of the=20
result. I know that there are protocols which aim to give receipts such=20
that:
1. the voter can check that her vote has been counted correctly
2. she cannot prove to a third person how she has voted
(see for example Rivest "Three-ballot voting system") but I haven't=20
found one which fits in with my system and at the same time is easy=20
enough so that people can use it (they complain already that my system=20
is too complicated...).
Andrea
--
Andrea Pasquinucci liste@ucci.it - http://www.ucci.it/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
