you don’t need to be an aviation expert to trust the plane will fly.
likewise e-voting systems pass through cryptography experts auditing to verify it does what it says it does.
said that the voting solution can also provide cryptographic proof that your vote was unaltered, and accounted for, without need to expose your actual vote.
the claims about database altering, are also false as the vote is cryptographically signed and unalterable.
also there is another feature where you can recast vote on top of your previous one and the last vote will be the valid one. This is crucial for countries where the bad guys can come at your place and under distress (gun) force your vote. you can then recast safely invalidating the forced vote.
e-voting solutions is really interesting and in an alternate reality I think we could have had a mainstream e-voting and more even direct-democracy vs our current democracy by proxy (elected officials)
each citizen gets an anonymized private key via a secure channel (eg. postal) and use that to vote.
votes are double enveloped:
outer envelop: anonymized id
+ inner envelop: vote.
mixnet separates the votes and cryptographically shuffles them to decouple relationships.
only at the end the shuffled votes are decrypted using the private key of the election itself that was split using shamir secret sharing (eg 5 out of 7 shares to reconstruct)
the thing that’s not clear from the article and it’s a shame is that it seems the failure was the hardware (the 3 USB keys) not the election software. This could be simply avoided by having redundancy on the hardware (2 USBs per share) or more shares themselves (5 out of 9 shares)
Weirdly this reminds me of the Raft consensus protocol: two nodes cancel each other when failing consensus as you can't tell which is the valid one, three gives you better chances, if one fails you have the other two that can get consensus. Of course in the off chance you have two failures you cannot get consensus with the only living node. Adding another two nodes make you robust to two failures.
Now replace fail with lying and you have the exact same problem.
this. Let’s not confuse meanings. There are multiple ways to improve quality of code. Testing is one, code review is another. this belongs to the latter
I'm located in Barcelona, and yesterday lot of transactions on mini markets / pharmacies were not possible because the item prices were unknown, adding to the fact there was no phone lines available to reach out.
That's because by definition it is not going to be "major" problem since the unit test acted as gateway before it got pushed to production, instead you'll probably be 'meh' and fix it once the unit test fails.
This reminds me the saying of a manager arguing why do we need so many SREs since the system is working fine.
I’ve actually talked with ChatGPT and asked it both to output mairmaid diagrams of discussed architecture (context was kubernetes clusters, namespaces and Pods) and also read diagrams and convert them correctly to kubectl commands to build the diagram.
likewise e-voting systems pass through cryptography experts auditing to verify it does what it says it does.
said that the voting solution can also provide cryptographic proof that your vote was unaltered, and accounted for, without need to expose your actual vote.
the claims about database altering, are also false as the vote is cryptographically signed and unalterable.
also there is another feature where you can recast vote on top of your previous one and the last vote will be the valid one. This is crucial for countries where the bad guys can come at your place and under distress (gun) force your vote. you can then recast safely invalidating the forced vote.
e-voting solutions is really interesting and in an alternate reality I think we could have had a mainstream e-voting and more even direct-democracy vs our current democracy by proxy (elected officials)
reply