Allowing Open, Secure and Anonymous Electronic Voting for your Government! /--evilbitz
I thought about a neat open-source project that might solve some electronic voting issues and may be used the reflect the opinion of the people that are managed by a certain government.
The Problem
performing a Referendum on a certain subject is a costly procedure that governments may do from time to time to grasp what is the opinion of the people on a certain idea/subject. The internet (along with information security) can make this cheaper and being used on a more frequent basis.
I’m not aware of any project that is being used in practice to solve this issue but I guess this problem was addressed by lot of people/organizations before me. Even if there are Academic definitions on this subject, I haven’t seen anything that provides what I’m about to unveil.
I here by give a design for such an open source project that may be used to solve this problem while keeping in mind that there are lots of problems that are related to information security.
Who should use this?
- Governments
- Companies
- Organizations
- Etc..
Features and Goals
The system should let millions of users in a group or citizens of a certain state to express their opinion in an anonymous way, the results of such a referendum should be transparent to anyone who wishes to count the voices. The government should have control of the questions asked but it may not alter or forge any vote.
So, to sum everything:
- Mass – Allowing millions of users to vote
- Communication – Voting is done electronically via the internet
- Security – no forgery can be done, not by the government, not by the citizens and not by any external party
- Anonymity – All votes are counted anonymously –> The government may have access to who voted
- Transparency – Also desired as a feature but is also a tool used to enable anonymous voting
Anti-Forgery
- Votes should be visible to anyone
- Votes should be carried out anonymously
by anonymously, I mean that the government knows but the rest of the citizens doesn’t - Anyone can count the votes and validate that his own vote was counted
- The goverment will not be able to alter votes made by citizens
- The government will not be able to add “sock-puppet” votes to reflect a false opinion of the people
- Citizens can vote once per question, and may have time to change their opinion
Technical Implementation
Both Client and Server must be open source, the security of this mechanism should always be questioned and further development may be accepted and embraced by everyone. Guess how the development of features will be managed?
Entities
- Government (G) – the organization, controlled by the citizens
- Citizen (C) – the user, member of a group
- Validator (V) – An external, trusted server managed by the open-source community
Processes
- Citizen is issuing a key pair (see PKC) and send his public key to the government for authorization
- Citizen is added to the pool of allowed voters
- Citizen may be given a cheap dongle or a piece of hardware to keep his private key safe
- Other methods can be incorporated (that’s not the point
) - Government issues a question/referendum to all the citizens
- Citizens can view and vote
- Every question has a TTL (Time To Live – 3 days, for instance)
- Citizen votes. When the citizen votes
- The client asks the citizen to provide a unique passphrase for this particular vote, so later on the citizen would have the ability to check whether his vote was counted.
- The client sends the citizen’s vote to the government server which is then being validated using the citizen’s public key
- The client updates the Validator (a count server which is managed globally, outside of the control of the governement). The validator keeps track of the number of votes issued per question.
- Viewing of a vote’s result
- Per each referendum, a list of votes is appeared and near each vote, the unique passphrase. This way, each citizen can validate that his vote was counted.
- The Validator keeps track on the number of votes, thus not allowing not legitimates votes to be counted
- The Validator should act as a certificate authority
Final Utopia
Such a system may be used by any group members – it is secure, open and anonymous, just the way we like it in the 21st century. It isn’t costly and the maintenance is cheap. Questions may be raised more frequently by head of organizations or governments and it is letting the people decide what is best for them. It is a way of applying a true democracy that is consisting of millions of individuals.
And as always, the finale is something megalomaniac –>The UN may use this kind of system to hear the opinions of ALL people on earth
Posted in random | Be The First To Comment!