Kind regards, I don’t think you’ve ever touched on this type of topic, as it goes beyond the person and affects a large group of people. As the title says, I want to implement a voting system that is secure/private and I’m a bit overwhelmed, what system do you know and would you recommend for making votes within a political party and/or country? Basic features would be (a bit obvious but…):
-opensource
-encryption
-use of blockchain*
The last point I have my doubts if it is feasible and would help effectively and finally what web/physical application would you recommend.
Thanks!
Open source voting tech should be the norm everywhere but somehow people aren’t getting it. It is almost as if the people in charge don’t want real transparency and auditability in elections…
Hmm weird… /s
Sorry, who exactly? PG isnt just a person, you know…
This video is more recent and a follow up by Tom Scott.
Homomorphic encryption should open up a few more possibilities for online voting, but there should still be challenges to practical implementation in terms of the reliability of the vote taker with the secret key and the prevention of double voting.
/s In Dominion we trust! /s
you can send Ballots in US elections from Japan.
I think we need this, not digital voting.
We are shifting the cheating from one form to another. But at least the paper voting is harder to do at scale and requires more manpower.
pgp sign the ballot.
yaah super anonymous, think again.
Not only does it have to be anonymous, it must also be impossible for you or anyone else to prove who you voted for. That would be impossible with pgp or similar even if it was completely anonymous.
Some countries already do electronic voting. It cannot be network based as anything open to any network is also open to exploitation given enough time. So they usually use standalone machine with hardware security measures, and human checks and balances (like political parties having a representative check the machines, cast dummy votes, and observation rights).
It’s already done, is plenty robust, and very scalable with large populations (like Brazil and India).
You can look at similar ideas, no need to reinvent the wheel, or add any network.
Also I don’t think the Tom Scott video actually examines any technical aspects. His main arguments, from what I remember, were:
- It could be closed software: Just make it open
- You can’t verify machine runs the same software: You can. Hardware based attestation works, and so does the human element.
- You can’t trust hardware: This is just ridiculous. Then you can’t trust any hardware, including one that runs your nuclear missiles, your war machines, etc. As long as the hardware is reasonably tamper proof and not networked, human observation and strong democratic institutions like independent election conducting organizations are sufficient.
I feel like we should clarify the difference between electronic voting—meaning voting machines—and online voting. There are countries which implement one of the two, both, and/or neither. Online voting for instance already exists in Estonia.
Famously democratic countries.
I disagree, it is a video made for the masses and it’s very informative in regards to the risks with electronic or online voting.
Did I misattribute any argument to him or is my claim that it’s not a technical video false? Unless it’s one of the two, my statement can’t be “blatantly false”. I agree it’s for the general public, but then again where did I claim it wasn’t? Or are you saying the stuff about software and hardware is “blatantly false”? If yes, please do point me to relevant sources so I can correct myself.
Otherwise do be polite and not accusative please.
Lol, won’t even get into it here. But imo they are sufficiently democratic (about the same as US and Italy), unless of course you are comparing then to Switzerland, Vatican, etc. which I agree is more with direct democracy.
It was very clear in my mind. The video referred to electronic, and I referred to electronic. Then I added the additional requirement of it not being Networked, or not being “online” as you clearly pointed out.
Of course, popular technology suffers from the same issues as popular science: Too many videos, not enough fact checking and analysis.
To me, it felt like the earlier discussion was leaning more towards online voting, and I think it’d be nice to distinguish the two going forward.
India, but especially Brazil, are a ways behind even other flawed democracies.
My bad, though I believe you are overly dismissive of his arguments, I have edited my post.
Makes sense. I am firmly talking about electronic and not online voting (which I agree is a terrible idea).
This is just a subjective discussion I guess. Anyway, my point being it has been deployed with large populations without large scale technical attacks. Would be interesting to see if there are actual reproducible attacks on the systems countries currently use. I haven’t seen any so far.
Thanks, I have done the same to reduce the dismissive nature of my statement
But taking it to the technical field, wouldn’t end-to-end encryption and decentralized blockchain at least help with the reliability of votes?
Conversion of identity to vote is the problem with Blockchain (outside of security issues that can happen).
Usually, with ballots or on spot electronic voting, voters are verified and then allowed to cast votes without both being linked.
On Blockchain, verifying identity would instantly make it possible for some links to vote being established. Imagine there is a system that creates random identities on Blockchain and thus “anonymizes” votes. Now any malicious government would also know:
- How the random ID was generated
- The key used to generate the random ID (would probably be something like the national identity number)
Now this malicious government can deanonymize the users since it knows both the hashing algorithm and the original seed for the hash. This means they can secretly or openly punish people who didn’t vote for them.
It’s also worth considering that though a national ID number or national eID card would likely be used for an application like this, that is a terrible idea. Why? Because now the government which distributes these same ID cards can create as many fake votes as it likes. Assuming votes cannot be traced back to the voter in any way (as should be the case), it would be impossible to tell which ‘fake’ people voted. The only figure that would appear off would be voter turnout.