Cryptography Reference
In-Depth Information
and technical reform seeking to restore the process to acceptable levels of
integrity. The combination of computer networks and cryptography should
have offered, as it promised with other paper-based protocols, previously
unmatched levels of mathematical security. Indeed, David Chaum identi-
fied voting as a cryptographic problem as early as 1981, and subsequent
research formalized it as a prime example of multiparty computation,
wherein
n
parties wish to calculate a function
f
(
n
) of their inputs (the
majority vote) while ensuring that each participant learns nothing beyond
her own vote and that a coalition of cheaters cannot corrupt the computa-
tion of
f
(
n
).
3
Yet initial reports on computer-based voting revealed fundamental
problems, with potential for damage vastly exceeding that of hanging
chads. The CalTech/MIT Voting Technology Project—a multidisciplinary
panel of political and computer scientists—noted that with respect to the
crucial issue of “residual votes”—that is, ballots that for whatever reasons
end up uncounted, unmarked, or spoiled—it appeared that “machine
voting, on the whole, has performed significantly worse than the paper
systems.”
4
As an infrastructure for voting, the Internet itself appeared far
from ready for prime time, with experts concluding that “Internet voting
. . . cannot be made secure for use in real elections for the foreseeable
future.”
5
The leading computer-based market solution, direct-recording
electronic (DRE) voting machines, elicited even greater concerns: although
such machines exhibited broad and pervasive susceptibility to fraud, they
operated as impenetrable “black boxes,” utterly opaque to inspection by
either voters or auditors. The overall and somewhat surprising conclusion
of these investigations was that “the best solutions are voting systems
having a 'voter-verifiable audit trail,' where a computerized voting system
prints a paper ballot that can be read and verified by the voter.”
6
Today, interest in voter-verifiable systems has unleashed a cryptographic
renaissance of sorts. The deployment of elections implementing
end-to-end
voting
(E2E), the ability for voters to verify their votes have been correctly
counted, has become crypto's newest social cause. It combines a practical
real-world issue with an interesting mathematical problem: how can one
issue a verifiable ballot to voters without providing them with the neces-
sary proof to sell their vote? A classic cryptographic conundrum, it has
generated a small research boom complete with conferences, books, field
trials, and a multitude of proposals for concrete systems.
7
Perhaps the most
