Tuesday, November 6, 2012

Internet voting

Here's how I would do internet voting.

The objectives are: voting should be anonymous and verifiable, the scheme should support any voting system (instant runoffs would be nice), and early voting and revoting should be allowed. Also, only those allowed to vote should be able to cast a ballot.

First, you have to know what a public/private keypair is.

For our purposes, a keypair consists of a private key and a public key. A computer program generates the two of them. The private key must never be shared. The public key is shared with the world.

The private key can be used to sign things. The public key can be used to verify a signature. If a signature verifies, it must have been signed by whoever has the private key.

To start, we give every voter a custom device that is similar to a USB key. Or maybe they have to purchase it from a vendor. Either way, they have to have this device to vote using this system.

The USB key isn't a normal USB key. It contains keypairs. It doesn't allow you to access or copy the private key, instead it allows you to submit data to be signed, and it returns a signature. It has a few other operations, as required to implement the scheme described here. We'll call the USB device a Voting Key, or VK for short.

The voter takes their VK down to the courthouse or DMV. The VK has a keypair on it that identifies the voter. The clerk checks the voter's ID, and then inserts the VK into their computer. They copy the public key, sign it with their own key, and upload it to their server. At the same time, the voter enters a password or passphrase into the computer. This process only has to happen once per voter. They can repeat it if they lose or break their VK.

Now they go home, go onto their computer, and vote. Here's what happens.

The voter inserts their VK into their computer. They have or install a special driver. They load a program or go to a special website. The first step is to obtain a ballot.

Their VK contains 1000 additional keypairs preloaded on it. (Or maybe they're generated after it's purchased.) These keypairs serve as ballots.

The program asks the VK for the public key of a fresh ballot keypair. The VK signs that ballot public key with the voter's identity key (the private half, which never leaves the VK), and the program sends this as a request to the server. The voter also enters his password, and this is hashed with a nonce and included in the request, to provide two-factor authentication. The server marks the voter as having obtained a ballot, and adds the ballot public key to a (publicly accessible) list of valid ballots for this election. It also signs the ballot, marking it as valid.

The original signature of the ballot by the voter's identity key is then discarded, and never made public. The server software will have to be carefully audited to ensure this happens. In this way, we're ensuring only registered voters can vote, but we are also keeping the ballots anonymous.

The server will refuse to sign a ballot if one has already been issued for this election, if the voter is dead, or if he's lost the right to vote. In this way we have ensured only people allowed to vote can vote.
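As an added illustration (not code from the original post), here is a small Go model of the registration and ballot-issuance steps just described, using the standard library's Ed25519 signatures in place of whatever the VK would implement. The Registrar, BallotRequest and passProof names, the choice of SHA-256 for the passphrase hash, and the nonce layout are assumptions of this example; the post leaves them unspecified. The identity private key is an ordinary variable here, standing in for the signing operation the VK performs without ever exposing the key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// voterRecord is what the courthouse server keeps per registered identity key.
type voterRecord struct {
	passHash []byte // sha256(passphrase) taken at registration (constructed detail)
	eligible bool   // cleared when the voter dies or loses the right to vote
	issued   bool   // one ballot per voter per election
}

// Registrar plays the courthouse server. It never stores which identity key
// requested which ballot key; that link exists only while IssueBallot runs.
type Registrar struct {
	priv         ed25519.PrivateKey
	Pub          ed25519.PublicKey
	voters       map[string]*voterRecord
	ValidBallots map[string][]byte // hex(ballotPub) -> registrar signature; published
}

func NewRegistrar() *Registrar {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil { panic(err) }
	return &Registrar{priv: priv, Pub: pub, voters: map[string]*voterRecord{}, ValidBallots: map[string][]byte{}}
}

// Register is the one-time courthouse step after the clerk has checked ID: store
// the VK's identity public key and passphrase hash, return the clerk's signature.
func (r *Registrar) Register(identityPub ed25519.PublicKey, passphrase string) []byte {
	h := sha256.Sum256([]byte(passphrase))
	r.voters[hex.EncodeToString(identityPub)] = &voterRecord{passHash: h[:], eligible: true}
	return ed25519.Sign(r.priv, identityPub)
}

// BallotRequest is what the voter's program sends to obtain a ballot.
type BallotRequest struct {
	IdentityPub ed25519.PublicKey
	BallotPub   ed25519.PublicKey
	IdentitySig []byte // identity-key signature over BallotPub, made inside the VK
	Nonce       []byte
	PassProof   []byte // sha256(nonce || sha256(passphrase)): the second factor
}

// passProof binds the passphrase hash to a nonce so the passphrase itself never travels.
func passProof(nonce, passHash []byte) []byte {
	h := sha256.Sum256(append(append([]byte{}, nonce...), passHash...))
	return h[:]
}

// RequestBallot runs on the voter's computer; the identity private key here
// stands in for the signing operation the real VK performs internally.
func RequestBallot(identityPriv ed25519.PrivateKey, ballotPub ed25519.PublicKey, passphrase string) BallotRequest {
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil { panic(err) }
	ph := sha256.Sum256([]byte(passphrase))
	return BallotRequest{
		IdentityPub: identityPriv.Public().(ed25519.PublicKey),
		BallotPub:   ballotPub,
		IdentitySig: ed25519.Sign(identityPriv, ballotPub),
		Nonce:       nonce,
		PassProof:   passProof(nonce, ph[:]),
	}
}

// IssueBallot applies the server's refusal rules, then signs and publishes the
// ballot key. The identity signature is verified and then dropped, not stored.
func (r *Registrar) IssueBallot(req BallotRequest) ([]byte, error) {
	rec, ok := r.voters[hex.EncodeToString(req.IdentityPub)]
	if !ok { return nil, errors.New("identity key not registered") }
	if !rec.eligible { return nil, errors.New("voter no longer eligible") }
	if rec.issued { return nil, errors.New("ballot already issued for this election") }
	if !ed25519.Verify(req.IdentityPub, req.BallotPub, req.IdentitySig) { return nil, errors.New("bad identity signature") }
	if !hmac.Equal(req.PassProof, passProof(req.Nonce, rec.passHash)) { return nil, errors.New("wrong passphrase") }
	rec.issued = true
	sig := ed25519.Sign(r.priv, req.BallotPub)
	r.ValidBallots[hex.EncodeToString(req.BallotPub)] = sig
	return sig, nil
}

func main() {
	reg := NewRegistrar()
	idPub, idPriv, _ := ed25519.GenerateKey(rand.Reader) // the VK's identity keypair
	reg.Register(idPub, "correct horse battery")
	ballotPub, _, _ := ed25519.GenerateKey(rand.Reader) // one of the VK's preloaded ballot keypairs
	_, first := reg.IssueBallot(RequestBallot(idPriv, ballotPub, "correct horse battery"))
	_, second := reg.IssueBallot(RequestBallot(idPriv, ballotPub, "correct horse battery"))
	fmt.Println("first request:", first, "| second request:", second)
}
```

The published ValidBallots list holds only ballot public keys and the registrar's signatures over them, never an identity key; as the post says, the anonymity of the scheme rests entirely on IssueBallot dropping the identity signature once it has been checked, which is why that code path is the one an auditor would read most closely.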

The voter then uses the program to obtain the items he's voting on, makes his choices, and submits. The VK then uses the ballot private key to sign the filled out ballot, and this signature is uploaded to the server.

All of the completed ballots are made publicly accessible. The voter can download all of the ballots, and the program can determine the election results. The voter can determine that his ballot is among those cast and that it is correct. But no one without access to the voter's VK can tell which ballot belongs to the voter.

If the election date isn't past yet, the voter can at any time recast his ballot, making different choices. The program uploads a new ballot. The ballot contains a sequence number, and the server signs it with a timestamp, and rejects invalid ballots or ballots with lower sequence numbers. In this way, we can allow early voting and allow changing your vote up until the closing of the polls.
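The casting, revoting and verification steps (sequence numbers, the server's timestamped signature, and the public list that anyone can download and tally) as an added Go example, again not part of the original post. It assumes the ballot keypairs were issued in the step described earlier, uses a counter as a stand-in for the server's clock, and treats the choice as an opaque string so the same code serves any ballot format; the CastBallot, BallotBox, Tally and FindMine names are this example's own.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"encoding/hex"
	"errors"
	"fmt"
)

// CastBallot is one publicly posted record; Choice is opaque, so any ballot format fits.
type CastBallot struct {
	BallotPub ed25519.PublicKey
	Seq       uint64 // voter-chosen sequence number; a higher one replaces a lower one
	Choice    string
	Sig       []byte // ballot-key signature over payload(Seq, Choice), made by the VK
	Stamp     int64  // assigned by the server when it accepts the ballot
	ServerSig []byte // server signature over payload(Seq, Choice) || Stamp
}

// payload is the exact byte string the VK signs.
func payload(seq uint64, choice string) []byte {
	buf := make([]byte, 8, 8+len(choice))
	binary.BigEndian.PutUint64(buf, seq)
	return append(buf, choice...)
}

// stamped is the byte string the server signs: the voter's payload plus the timestamp.
func stamped(c CastBallot) []byte {
	buf := make([]byte, 8)
	binary.BigEndian.PutUint64(buf, uint64(c.Stamp))
	return append(payload(c.Seq, c.Choice), buf...)
}

// Cast runs on the voter's computer; the ballot private key (inside the VK in reality) signs.
func Cast(ballotPriv ed25519.PrivateKey, seq uint64, choice string) CastBallot {
	return CastBallot{BallotPub: ballotPriv.Public().(ed25519.PublicKey), Seq: seq,
		Choice: choice, Sig: ed25519.Sign(ballotPriv, payload(seq, choice))}
}

// BallotBox is the server side. Latest is the publicly downloadable list: the
// highest-sequence record for every ballot key that has voted.
type BallotBox struct {
	priv   ed25519.PrivateKey
	Pub    ed25519.PublicKey
	valid  map[string]bool // hex(ballotPub) -> issued for this election
	Latest map[string]CastBallot
	Closed bool  // set when the polls close; nothing is accepted afterwards
	clock  int64 // constructed counter standing in for a wall-clock timestamp
}

func NewBallotBox(issued []ed25519.PublicKey) *BallotBox {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil { panic(err) }
	b := &BallotBox{priv: priv, Pub: pub, valid: map[string]bool{}, Latest: map[string]CastBallot{}}
	for _, k := range issued { b.valid[hex.EncodeToString(k)] = true }
	return b
}

// Accept rejects ballots after close, from unissued keys, with a bad signature, or with
// a sequence number not above the recorded one; otherwise it stamps, signs and posts.
func (b *BallotBox) Accept(c CastBallot) error {
	key := hex.EncodeToString(c.BallotPub)
	if b.Closed { return errors.New("polls are closed") }
	if !b.valid[key] { return errors.New("ballot key was never issued") }
	if !ed25519.Verify(c.BallotPub, payload(c.Seq, c.Choice), c.Sig) { return errors.New("bad ballot signature") }
	if prev, ok := b.Latest[key]; ok && c.Seq <= prev.Seq { return errors.New("sequence number not above recorded ballot") }
	b.clock++
	c.Stamp = b.clock
	c.ServerSig = ed25519.Sign(b.priv, stamped(c))
	b.Latest[key] = c
	return nil
}

// Tally is what the voter's program does with the downloaded list: re-verify both
// signatures on every record, then count the choices.
func Tally(serverPub ed25519.PublicKey, records map[string]CastBallot) (map[string]int, error) {
	counts := map[string]int{}
	for key, c := range records {
		if !ed25519.Verify(c.BallotPub, payload(c.Seq, c.Choice), c.Sig) || !ed25519.Verify(serverPub, stamped(c), c.ServerSig) {
			return nil, fmt.Errorf("record %s fails verification", key)
		}
		counts[c.Choice]++
	}
	return counts, nil
}

// FindMine lets a voter check that their ballot is among those cast and unaltered;
// only someone holding the VK knows which ballot key to look up.
func FindMine(records map[string]CastBallot, ballotPub ed25519.PublicKey) (CastBallot, bool) {
	c, ok := records[hex.EncodeToString(ballotPub)]
	return c, ok
}

func main() {
	alicePub, alicePriv, _ := ed25519.GenerateKey(rand.Reader) // ballot keypairs obtained at issuance
	bobPub, bobPriv, _ := ed25519.GenerateKey(rand.Reader)
	box := NewBallotBox([]ed25519.PublicKey{alicePub, bobPub})
	fmt.Println(box.Accept(Cast(alicePriv, 1, "A")), box.Accept(Cast(bobPriv, 1, "B")), box.Accept(Cast(alicePriv, 2, "B")))
	fmt.Println("replay of the old ballot:", box.Accept(Cast(alicePriv, 1, "A")))
	counts, err := Tally(box.Pub, box.Latest)
	fmt.Println(counts, err)
}
```

Two points the code makes concrete: the sequence-number check is what stops a captured, still validly signed earlier ballot from being replayed after the voter has changed their mind, and the tally re-verifies every record against both the ballot key and the server key, so a voter's program does not have to trust the server's count, only its signature over the timestamp.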

Then, instead of relying on polls and surveys, we can watch the actual election results in real time, starting maybe 90 days before the end of the election. Instead of "go out and vote or your guy might lose!", it will be "your guy is losing, go vote!".

The format of the cast ballot is mostly unspecified here. That's because it doesn't matter: the system works regardless of what it is. In that way, it should work with any alternative voting system we want to use.