security and trustworthiness


Electronic vote has three kind of problems:

  1. Privacy problems.
    Votes must be kept forever absolutely anonymous.
  2. Security problems.
    Related with the action of voting (votes must be taken only from people having the right to vote, vote must be granted to everybody having the right to vote, votes must be collected, transmitted, and stored without any fraud.
  3. Reliability problems.
    Related to the way the votes are counted up and thus related to the question if we can trust the electoral results.

Let's assume we have already solved all the "privacy" and "security" problems. Even in this very optimistic case the "trustworthiness" problem still exists: we can't know if the announced results are correct. In other words who could ever certify the final tally of each candidate?

To address the "trustworthiness" problem ongoing studies and working prototypes propose to give the elector a way to check that his/her vote is properly recorded in the computer where votes are tallied up. This can be accomplished in various technical ways, but we should stop for a minute and ask ourself which is the purpose of verifying that our vote is recorded as we meant to.

Of course if we find out that our vote being improperly recorded, then we can "call the police" (will "police" trust us or the computer?), but if our vote is properly recorded should we be satisfied and therefore accept the results as good? Not at all since we still miss the prove that our vote (and those of each elector) is properly accouted in the final tally. Its a joke to program any computer to show electors their true vote and declare whichever result!

To certify the correctness of the final tally, we need all the following conditions:

  1. the accounting software is honest, faithful and secure
    This condition to be met needs the entire organization holding the election being honest, faithful and secure. We know that in real word this rarely happens, but we have been optimistic from the beginning (assuming we solved any "security" problem), so we can assume such a condition to be true.
  2. each vote has recorded a link to its elector to allow vote verification by their electors
    This poses big problems concerning vote anonimity
  3. all the electors verify their vote simultaneusly, at the precise moment when votes are counted up.
    obviously we'll never be able to accomplish such condition

We will never solve the "trustworthiness" problem of the electronic vote.

It means that electronic vote is a beautiful (and expensive) toy which symply it's not suitable for its purpose which is (supposed to be) the election of our representatives according to the popular will.

P.S. We would have only a few of the "privacy" and "security" problems and no "trustworthiness" problem at all if we could have the certainty that the whole organization which helds the elections is honest, faithful and secure. But, since people throughout history has done the worst action to get the power, we can't have such a blind faith regardless of the kind of the electoral organization (public or private, governmental or local) and regardless of the country we live in.

security and trustworthiness