vrijdag 12 juni 2020

Internet voting

Gene Spafford is one of my old security heroes. As you may know, not having an ICT background I'm not an expert in technical IT security, but what I learned about Unix and Internet security, I learned from Simson and Spafford (great introduction into security, also for Windows users...).

And if he speaks, you need to listen. This time he spoke about Internet Voting. The occasion being the US presidential primary elections. There are lots of voices who claim that internet voting is essential for democracy. Spaf is cautious, and with lots of reason, because, as he shows, technology is not stable and secure enough to facilitate free elections, there are too many obstacles from a technology point of view. No, not even Blockchain will make it secure enough. Here's the link to the interview with Spaf. And to all politicians: this expert knows more about security than all of you combined.

Why this post if I can just point to the interview?
Well, first the aspect of Identity was not mentioned. And we should of course touch on that as well. And second: this topic is a global topic, not just covering the US primaries.

Even though elections are anonymous, anonymity only extends to
  • the knowledge of who voted for whom
  • the knowledge of who voted
Those are the only anonymity requirements. The latter may not even be required if voting is mandatory by law, but then again, even in that case privacy may be relevant amd anonimity may extend to that topic.

But just the possibility, the justification for voting does require knowledge of the voter:
  • you are only allowed to vote if according to legislation you are considered to be a voter
  • you can only vote once
  • unless you have a uniquely identified mandate from another voter
And this is where Internet Voting is hurt even more than just by the techology part.

In order to make Internet Voting possible, these requirements have to  be met:
  • you need to have a trusted identity
  • an identity that is recognized in a 'voter directory'
  • there must be a transaction log to prevent multiple voting by one identity
  • there must be a mandate register, to enable mandated unique votes
Just imagine the first requirement in relation to Internet Voting.

Geen opmerkingen: