2

Why not have each person simply treated as a counterparty to an off-the-record chat?

  1. People show up in groups and show an ID which is cross-referenced against a central database to prevent Sybil attacks.
  2. They have their apps generate a set of random numbers by each committing to one or more values and then revealing their values, combining them to form some set of random numbers.
  3. Based on this, they each receive a provably random series of off-the-record MAC keys to use for upcoming elections onto their device, without the issuer knowing anything about the device, e.g. scan QR codes.
  4. Then in each election, they vote once using Off-The-Record Messaging and have all the votes stored in a Merkle tree?

This scheme has the following properties:

  1. Verifiability - seeing one’s own Merkle branch is all that’s needed to verify the vote was counted correctly. Seeing the whole Merkle tree one can show that a certain % of issued tokens were used and used only once.
  2. Unlinkability - just like in OTR chat, once you have sent the message, the zero-knowledge proof has been conveyed but now no one can prove how you voted.

Is there a flaw I missed? Why can’t we do voting like this?

Patriot
    Are you suggesting to vote "remotely"? I.e. just via an app from your phone? That's a huge no-no simply because I can go around and buy votes for $100, I just ask you to use your phone and vote for you. There is no way to fix this ever. It is essential that the vote is cast securely. We will never vote by phone for this reason alone. – Giacomo Alzetta Aug 24 '18 at 13:26
  • @GiacomoAlzetta See https://money.cnn.com/2018/08/06/technology/mobile-voting-west-virginia-voatz/index.html – Paul Uszak Nov 04 '18 at 14:54
  • 1
    @PaulUszak The US elections are a joke from a security perspective. I mean: when you have zero checks for voter IDs you already know that there will be at least thousands of voter frauds. On reddit's legaladvice once a week a story comes up of an ex husband or parent or uncle that sends the votes in place of a family member etc. So at that point who cares about anything. In countries where there is proper security voting frauds are actually considered, and that's why they have polling places. – Giacomo Alzetta Nov 05 '18 at 08:06
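As an added worked example (not code from the question or from any real voting system), here is property 1 in code: a voter recomputes their own leaf and checks their Merkle branch against the published root. The hash, the leaf format and the sample ballots are my assumptions; the post does not specify them.

```python
import hashlib

# Added example, not from the original question: a Merkle tree over cast
# votes and the "own branch" check of property 1. Hash, leaf format and
# sample data are assumptions; the post does not specify them.

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def leaf_hash(token_id: str, ballot: str) -> bytes:
    # Distinct prefixes keep interior nodes from being passed off as leaves.
    return h(b"\x00" + token_id.encode() + b"|" + ballot.encode())

def node_hash(left: bytes, right: bytes) -> bytes:
    return h(b"\x01" + left + right)

def build_tree(leaves: list[bytes]) -> list[list[bytes]]:
    """All levels, leaves first; levels[-1][0] is the published root."""
    levels = [leaves]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:  # odd level: pair the last node with itself
            cur = cur + [cur[-1]]
        levels.append([node_hash(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def branch(levels: list[list[bytes]], index: int) -> list[tuple[bytes, bool]]:
    """The voter's Merkle branch: sibling hashes leaf-to-root; flag = sibling on the right."""
    proof = []
    for level in levels[:-1]:
        if len(level) % 2:
            level = level + [level[-1]]
        sib = index ^ 1
        proof.append((level[sib], sib > index))
        index //= 2
    return proof

def verify_branch(leaf: bytes, proof: list[tuple[bytes, bool]], root: bytes) -> bool:
    cur = leaf
    for sib, sib_on_right in proof:
        cur = node_hash(cur, sib) if sib_on_right else node_hash(sib, cur)
    return cur == root

# Constructed sample: four issued tokens, each used exactly once.
VOTES = [("tok-a", "Alice"), ("tok-b", "Bob"), ("tok-c", "Alice"), ("tok-d", "spoiled")]
LEVELS = build_tree([leaf_hash(t, b) for t, b in VOTES])
ROOT = LEVELS[-1][0]

def voter_checks_own_vote(i: int, ballot_as_cast: str) -> bool:
    """What the voter does: recompute own leaf and check the branch against the root."""
    return verify_branch(leaf_hash(VOTES[i][0], ballot_as_cast), branch(LEVELS, i), ROOT)
```

A collation point that alters a stored ballot changes that leaf, so the affected voter's branch stops verifying against the root. The check only catches this if the voter performs it with the ballot they actually cast, which is the point the answer's item 6 raises about a compromised app.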

1 Answer

4

Unfortunately, most of the reasons that e-voting is not popular have nothing to do with the integrity of the underlying mathematics. This makes the question slightly moot on a cryptography forum, but the following un-cryptographic answer is still entirely relevant. Unless you solve the following (non-exhaustive) problems:

  1. It's a requirement of law enforcement (and thus oddly necessary for the protection of democracy) that you have to be able to check how people voted. Just proving that someone voted once is insufficient. Zero knowledge by definition can't be evidence in a proceeding.

  2. Ella points out the conundrum that if point 1 is satisfied and voter behaviours can be verified, it can encourage more vote fraud by people selling their votes which can then be machine verified as bought by the orchestrator. Could this lead to an alt-Trustpilot system emerging of "quality" voters ranked by cost and reliability?

  3. You also have to be able to prove who hasn't voted so that they can be prosecuted in certain jurisdictions (Australia). This is probably easier to solve than point 1, but clearly the issue of tokens does not guarantee a cast ballot. But such proof gets complicated again if run in parallel with traditional paper schemes.

  4. Your requirement for ID is a H U G E problem. 25% of African-American voting-age citizens lack a US issued photo ID. My mum and dad don't have any either. Ginswich points out that several of these points share the common theme of voter identification / authentication. This speaks to the broader issue of whether we want a society where everyone must carry "papers".

  5. Can I spoil my vote? I reserve the right to draw a squirrel on my voting slip or have an option for none of the above. This must be the easiest to solve with the addition of a dummy candidate.

  6. The bad guys will just hack the phones. So the Merkle tree remains intact collating the votes, it's just that you can set the app to vote for Hillary all the time whilst swearing to you that it registered a vote for the other one. Or play a tune instead on the central collation point.

  7. What are these apps you mention? I'm blind so I can't easily use a phone and am therefore automatically technologically disenfranchised. Although progress on accessibility is being made, how would the blind and/or deaf interact with a QR code?

  8. And if I don't have a phone (my granny doesn't) can I borrow someone else's to vote with legally? Can multiple vote tokens be issued to the same device if sharing?

  9. My daughter has three phones.

  10. What is the relationship between the contents of the Merkle tree and any cast/spoiled paper ballots, or do you plan to go 100% paperless? That would be quite a societal change.

Before the deluge of upvotes, please consider that some cryptography is fine academically on a blackboard, but it often has to operate in the real political and social world. A broader view has to be taken of cryptography and its role in society.

Update:

Regarding voter anonymity in parts #1 and #3, and comments. The following is the back of the current UK Parliamentary Election ballot paper. You may spot the unique bar and QR codes. The bar code is over 70mm long so it's not really a secret. It's not a problem as long as the voting remains paper based.

[Image: 2019ballot, the back of a UK Parliamentary Election ballot paper showing the bar code and QR code]

Paul Uszak
    #1 is not such a clear cut and fundamental requirement, as proof of who/what you voted for enables another problem in the form of vote selling. If you can't prove that you voted for Alice, then you can't sell your vote to someone who wants to buy votes for Alice (as they have no guarantee or proof that you really voted for Alice). This DEF CON talk goes into a bit of detail about the challenges of (electronic) voting – Ella Rose Aug 24 '18 at 01:42
  • 1
    I wouldn't say that this is a comprehensive list, nor that all the elements in this list must be fulfilled: as @EllaRose said, coercion resistance is typically needed (and proving how you voted seems to be against it); and also being able to prove who has not voted is not mandatory in many countries. Also, item 3 and item 7 are related to the same problem (proving identity.)

    Still, the list is a good pointer to real world problems.

    – Ginswich Aug 24 '18 at 08:28
  • 2
    #1 is false! Anonymity is the fundamental property of any voting system. Law enforcement does not have any means to check what you voted (at least in non-100% rigged systems). – Giacomo Alzetta Aug 24 '18 at 13:23
  • @GiacomoAlzetta Your sentiment is 100% correct, and I agree. The UK is ranked 8/180 on the corruption index by Transparency International so it's not too naff a place. On the back of each ballot is a unique serial number that is sanctioned under the Representation of the People Act 1918. This is to allow "ineligible" ballots to be removed by the courts after the count in some cases. Eligibility is tied to the individual voter. Police might then prosecute. Singapore is the same, and other countries also serialise their paper ballots like Canada. – Paul Uszak Aug 24 '18 at 14:41
  • 1
    Prove to me that #1 is true in at least some Western countries. Why would law enforcement need to know how you voted in elections? I believe this is the case today but not because of necessity or some law. And it leads to crap like this: http://amp.timeinc.net/fortune/2017/08/19/personal-information-of-nearly-2-million-chicago-voters-exposed-on-amazon-server – Gregory Magarshak Aug 26 '18 at 08:48
  • Wait did I say 1.8 million? How about 198 million? https://www.zdnet.com/article/security-lapse-exposes-198-million-united-states-voter-records/ – Gregory Magarshak Aug 26 '18 at 08:49
  • But I agree that democracy should be used (direct democracy is my preference, and making things more convenient and automated for a regular person lowers the barrier to voting for ISSUES and not representatives). So what is your idea of Buy-a-Vote Inc.? You sell your one vote and can't even prove how you voted? Sounds pretty lame. So you make your 1 pound. So what? – Gregory Magarshak Aug 26 '18 at 18:14
  • @GregoryMagarshak You misunderstand. I'm not selling my vote at all. My minions will hack one of the vote collation centres and change the votes for as many ballots as you can afford. And the beauty is that no voter will ever know as there's no way of ultimately checking with them because of zero knowledge. It's a perfect caper, see? – Paul Uszak Aug 26 '18 at 22:10
  • @PaulUszak Except that anyone purchasing your services would be a fool; They have no proof that you in fact garnered a single vote for them, and there is nothing you can do to produce that proof. Such services cannot happen explicitly because of zero knowledge, not the other way around (as mentioned in my first comment on this answer and the video included therein). Vote selling is only an actual problem when votes are not confidential. – Ella Rose Aug 26 '18 at 23:54
  • 1
    How would they hack the tree? The Merkle tree already stored the signed votes. I don’t get it. – Gregory Magarshak Aug 30 '18 at 04:23
  • 1
    @PaulUszak how do they hack the collation center if it's a Merkle tree? – Gregory Magarshak Nov 05 '18 at 05:03
  • @GregoryMagarshak You have to invert the premise. I don't have to know how to hack it. You have to prove to me, the voters, politicians, engineers and security analysts that you've invented an unhackable computer & network. You could ask on security.se for more about that. – Paul Uszak Apr 15 '19 at 00:59