12/18/05

Literature Review: Secure Electronic Voting

Enterprise Information Systems Security Architectural Framework[EISSAF]

Kluwer Academic Publishing. Collection of Papers edited by Dimitris A. Gritzalis


Douglas W. Jones: Evaluation of Voting Technology. Personal Site. A review of prevalent voting technologies (Australian paper ballot, lever machine, punched card, optical-scan and direct recording), with discussions of their origins, strengths, weaknesses and applications. Also reviews vote counting methods, precinct-based versus central-based schemes, and their strengths, weaknesses and applications.

Lorrie Faith Cranor: In Search of the Perfect Voting Technology: No Easy Answers. Personal Sites. Lorrie's review, similar to Douglas's, looked at existing technologies, although with a more human perspective, borrowing from her own experience in designing election systems.

Rebecca Mercuri, Peter Neumann: Verification for Electronic Balloting Systems. Personal Sites: Mercuri and Neumann. Three types of data are used during an election: ballot data, voter information and the vote. The title and abstract of this paper lead one to expect a review of ballot validation, but the paper is in fact a survey of existing voting technology, with more depth on the technology for verification and validation of election systems. The paper, as one will expect from the authors, weighed in strongly for paper verification of elections (a proposal I still find hard to justify), and it provides a synoptic view of some of the vulnerabilities in voting systems.

Lilian Mitrou, Dimitris Gritzalis, Sokratis Katsikas and Gerald Quirchmayr: Electronic Voting: Constitutional and Legal Requirements, and their Technical Implications. Personal Sites: Mitrou, Gritzalis, Katsikas, and Quirchmayr. Elections are essentially a legality issue, and various legal frameworks are necessary for the results of an election to be acceptable to both public and private entities. This paper (or chapter) reviews some of the pertinent legal requirements and considerations for electronic voting systems. The key factor here is that legal requirements are by far some of the most critical hurdles in realizing electronic voting. As the paper explores the issue, one is bound to ask the following questions:

  • Why do we think electronic voting is less secure than paper or other traditional voting?
  • What is the measure of security in paper voting, and what should be the measure in electronic voting?
  • Aren't we upping the ante for security and reliability when we discuss electronic voting?

Indeed, these and other questions require urgent answers, as they do for all enterprise-related technological frameworks. An interesting observation so far is the fact that municipalities and state electoral organizations tend to be more tolerant of existing vendor solutions than industry experts. Could this be related to the fact that many would not want to argue with a vendor just so as not to show their ignorance? Anyway, one important point this work highlights is the fact that e-voting will have to coexist with legacy systems, at least for the foreseeable future, if and when it is implemented in any nation or jurisdiction.

Mike Burmester and Emmanouil Magkos: Towards Secure and Practical E-Elections in the New Era. Personal Sites: Burmester and Magkos. A preview of elementary security considerations for secure electronic voting, the paper makes a general distinction between e-voting (based on electronic systems including DRE) and i-voting (incorporating the internet as a communication mechanism). This paper (or chapter) explores four popular cryptographic voting schemes: mix-net, blind-signature, Benaloh and general homomorphic encryption. Each of these schemes, needless to say, has grave limitations when considered for practical multi-election, multi-issue and multi-jurisdiction elections (as the elections in the US and many places are). The paper also explores concepts such as bulletin boards (open channels), anonymous channels, threshold cryptographic mechanisms (for preserving integrity of the ballot from malicious administrator(s)?) and zero-knowledge proofs. It also attempts to highlight the discussion of receipt-freeness (protecting the system from a malicious voter) and uncoercibility (malicious candidate/candidate agent). Vote selling is a critical issue that many paper-audit systems have not addressed. The standard paper audit attempts to provide protection against a malicious system at the expense of protection against a malicious candidate and voter (uncoercibility and receipt-freeness).

Ivan Damgard, Jens Groth, Gorm Salomonsen: The Theory and Implementation of an Electronic Voting System. Personal Sites: Damgard, Groth, and Salomonsen. The authors developed homomorphic e-voting schemes, expanding the zero-knowledge proofs and mathematically demonstrating the feasibility of these schemes for large-scale elections. As with previous chapters in this book, one will find that cryptography alone is far from sufficient for secure electronic voting; physical security controls, legal controls and infrastructure implementations (not mentioned here) are some of the other issues to consider. What roles will Public Key Infrastructure play in an e-voting architecture?

Costas Lambrinoudakis, Dimitris Gritzalis, Vassilis Tsoumas, Maria Karyda, Spyros Ikonomopoulos: Secure Electronic Voting System: The Current Landscape. Personal Sites: Lambrinoudakis, Gritzalis, Tsoumas, Karyda, Ikonomopoulos. Two quotes from this chapter come to mind:

  • "The employment of electronic voting system for organizing and conducting large-scale elections in a secure way is feasible, provided that certain deficiencies of existing voting protocols are successfully addressed..."
  • "The (current) situation is also demonstrated by the fact that none of the existing voting protocols supports in an acceptable way, the entire list of requirements with which the voting protocols of a secure electronic voting system is expected to comply."

Coming after a comprehensive review of existing voting protocols and a review of 'security requirements', the above quotes capture both the dilemma of the authors and the view of many industry experts. However, a point that one will see from the chapter is the fact that the requirements are more jurisdictional than universal. The authors also provided a comparison of voting protocols with respect to the identified security requirements.

The last section of this volume, titled Capability and Limitations, presents several works as described below:

Roy G. Saltman: Public Confidence and Auditability in Voting Systems. Personal Site: Saltman. Audit provides, or should provide, a measure of correctness of the voting system at some or any stage in the system. Tangible ballot systems (referred to here simply as voting with ballots or other artifacts) tend to leave some easily auditable residue, which may be useful in the event of a recount. As the 2000 presidential election demonstrated, the utility of these artifacts can also be limited by their design!!! DRE (Direct Recording Election) systems tend to have been designed with some form of paper receipt or other (where requested), or are capable, or should be capable, of retaining EBI (Electronic Ballot Images). But how useful are these images or related artifacts in the face of a malicious attack perpetrated by some party who has the means and the motive to change the voting logic? The answer will depend on other issues, such as the procedures in place, for example random review of a specific percentage of votes from a given precinct. Saltman's paper provides some critical incentive for evaluating the concept of auditability in an election system in general.

Aggelos Kiayias, Moti Yung: Robust Verifiable Non-Interactive Zero-Sharing, a plug-in utility for enhanced voters' privacy. Personal Sites: Kiayias, Yung. The authors presented their utility, which is expected to be an add-on to many homomorphic voting protocols and one that should improve voter privacy. The scheme itself relies on a homomorphic probabilistic encryption function and the use of blind shares to ensure that the voter's choice can be tallied but not mapped back, except when all other voters are in collusion.
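The privacy property described above (ballots can be summed but not individually opened unless every other voter colludes) can be seen in a much-reduced sketch. This is an added example, not code from Kiayias and Yung or from the book: it replaces the homomorphic encryption and proofs of the real scheme with plain modular addition, and the modulus `Q` and all function names are assumptions made for illustration.

```python
import secrets

Q = 2**61 - 1  # public prime modulus (assumed parameter for this sketch)

def make_blinds(n):
    """Each voter deals a random vector summing to 0 mod Q and sends entry j
    to voter j; a voter's blind is the sum of the entries they receive."""
    dealt = []
    for _ in range(n):
        row = [secrets.randbelow(Q) for _ in range(n - 1)]
        row.append(-sum(row) % Q)  # last entry forces the row to sum to zero
        dealt.append(row)
    return [sum(dealt[i][j] for i in range(n)) % Q for j in range(n)]

def cast(votes, blinds):
    """Published ballot = vote + blind; on its own it looks uniformly random."""
    return [(v + b) % Q for v, b in zip(votes, blinds)]

def tally(ballots):
    """The blinds cancel in the sum, so only the total is revealed."""
    return sum(ballots) % Q

def collude(ballots, blinds, target):
    """All voters except `target` pool their blinds. Their sum equals
    -blinds[target] mod Q, which unmasks the target's ballot."""
    others = sum(b for i, b in enumerate(blinds) if i != target) % Q
    return (ballots[target] + others) % Q

VOTES = [1, 0, 1, 1, 0]  # constructed sample ballots: 1 = yes, 0 = no

if __name__ == "__main__":
    blinds = make_blinds(len(VOTES))
    ballots = cast(VOTES, blinds)
    print("published ballots:", ballots)
    print("tally:", tally(ballots))
    print("voter 1 unmasked by the other four:", collude(ballots, blinds, 1))
```

If even one other voter keeps their blind secret, the colluders are left with an unknown random term and the target ballot stays hidden, which is the "all other voters" condition in the summary.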

Rene Peralta: Issues, Non-Issues, and Cryptographic Tools for Internet-Based Voting. Personal Site: Peralta. A 'practical' protocol for internet voting is presented, which relies on public key cryptography (like all others before it), but in a rather simplistic manner. Much of the security of the system, on the other hand, depends on 'secure' procedures such as the ballot being transmitted via multiple channels, multiple instances of the ballot being created, and tallying being done at the end of the voting (no incremental tallying). This work adopts the concept that voting on the internet is not just about the voting technology, but about the whole system.

Ed Gerck: Private, Secure and Auditable Internet Voting. Personal Site: Gerck. A voting system requirement is both a function of the times and a function of the environment. Gerck presented a timeline cycle of the process (a few processes are out of sync, imo) and proceeds to develop some requirements. An important concept he harps on is that election systems must not provide a voter with a receipt. This is to prevent massive vote selling, a major threat to any democracy, more so in poor neighborhoods or in scenarios where voters are susceptible to several malicious influences. This is in complete disagreement with the view of many so-called "Computer Security Specialists" who have continued to canvass for voter receipts. Some industry observers have instead called for a simple paper audit, but not a voter receipt. It is instructive to note that in the absence of other procedural controls as well as technological controls, receipts or even paper trails have limited utility. (Same as traditional system audit logs: they are useless when not regularly reviewed, analysed and correlated.) Gerck proceeded to present his Distributed Voting System (DVS), whose design was to demonstrate the feasibility of conducting an electronic voting system over the internet. To be effective, an electronic voting system should be a complement to legacy systems, at least initially. DVS's use of popular open source packages makes it an interesting system for review.

Alexander Trechsel, Fernando Mendez, Raphael Kies: Remote Voting Via the Internet. Personal Sites: Trechsel, Mendez, Kies. An overview of a recent experiment in Internet voting across Switzerland. The Swiss have already implemented a very successful absentee voting system, and their experience, coupled with the experience of the United States Democratic party in Arizona during the 2000 presidential primaries (later called a sham by some), prompted a closer look at an internet-based voting system. The primary goal: increase citizens' participation. The authors discuss some of the policy and perception issues that need to be addressed in order to ensure a successful implementation. More importantly, the authors suggested a solution (similar to what my advisor, Dr. Richard Dean, had suggested independently to me earlier) to the voter coercion problem or system availability problem: provide for alternate poll booth voting. The current Swiss election system allows for a mailed-in ballot or a visit to the local polling booth. The Swiss study does favor implementing an electronic voting system, even with online political communities to energize the citizens' civic debate and participation. One important fact is that the success of any electronic voting system will depend largely on the perception of the citizens of the security and reliability of the system.

Danilo Bruschi, Giusi Poletti, Emilia Rosti: E-Vote and PKI's: A need, bliss or a curse. Personal Sites: Bruschi, Poletti, Rosti. What is the role of Public Key Infrastructure in an electronic voting system? Well, for one, PKI has become the de facto mechanism for providing confidentiality and integrity in a large-scale, multi-user, multi-system and distributed environment. eCommerce, today, is most furthered by the implementation of cheap public key systems using easily available SSL libraries for web browsers. The debate rages on about the success and practicality of a true public key infrastructure. IMO the basic components all currently exist. Anyway, the authors presented the debates on the many roles public key cryptography plays in e-voting protocols and the likely impact of this reliance on a practical voting system.

David Chaum: Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. David Chaum is a leading light in the development of cryptographic voting protocols. He presented an electronic voting system based on a modified (simplified) mix-net, with encrypted email as the transport engine, using a public key cryptosystem. Although the primary goal is to demonstrate the utility of the protocol for secure electronic voting, it provides both individual verifiability and privacy.
