Why Digital Signatures Are Not Signatures
November 15, 2000 5:59 PM   Subscribe

Why Digital Signatures Are Not Signatures "When first invented in the 1970s, digital signatures made an amazing promise: better than a handwritten signature -- unforgeable and uncopyable -- on a document. Today, they are a fundamental component of business in cyberspace. And numerous laws, state and now federal, have codified digital signatures into law. These laws are a mistake." -- Bruce Schneier, November Crypto-Gram
posted by lagado (5 comments total)
 
On the topic of sensible warnings from Schneier, Secrets and Lies contains a discussion of Internet voting. After a careful analysis from which he concludes that the "easiest" attack on even a small-scale election is to bribe the vast majority of the election judges, he points out that Internet voting is susceptible to just about every other attack he's spent the previous 18 chapter detailing.

His question about what to do if a fully electronic election has a problem -- "Reboot the election and try again the following week?" -- seems oddly prescient.

[on a barely releated note, yes, you can find this passage (start of chapter 19, pages 289-293) in the index, but you'll have to look pretty hard. It's under "fair elections."]
posted by grimmelm at 10:32 PM on November 15, 2000


A suggestion I saw somewhere to rectify possible (probable?) software problems that might occur in an electronic voting situation is to print out a receipt of the votes cast to be checked by the voter, and then put that receipt in a locked ballot box. If there were any question about the veracity of the vote as tabulated by the (buggy) software, a hand count could be held with the printed receipts. There would be no question about the intent of the voter, because the candidates names would be printed on the receipt. You could even put a bar code on the receipt so a different computer system could verify the results electronically.
posted by daveadams at 8:02 AM on November 16, 2000


Indeed. This would solve my worst problem with electronic elections: currently a vote is a physical object. There are several reasons for that, and more importantly, several assumptions based on it that provide elections with most of the 9 or 10 necessary characteristics an election must have.

In short: how in hell do you recount a person's finger touching a touchscreen?

I think I'm going to assemble all the best "why electronic voting ain't there yet" pieces off the web, pay to have them copied, and pay to mail them in physical envelopes to the 67 county supervisors of elections and the Florida Election Commission.

I've got a bar feeling about this... <tm>
posted by baylink at 11:57 AM on November 16, 2000


So, let the voter mark his physical ballot as usual, and then run it through a stand-alone scanner so that he can verify his vote and catch any discrepancies before dropping it in the box.
posted by harmful at 1:15 PM on November 16, 2000


Yeah... I'm thinking about ways to fulfill all the other requirements while still making the vote a physical object. I'm currently considering OCR readable characters on SX-70 film. It's fairly rugged, and has the resolution to do 2D barcoding to allow encrypted blind signatures. It's about 50-70 cents a shot, but it's probably cheaper in quantity.

And you could even color code the presidential vote to make manual recounts easier. :-)
posted by baylink at 7:21 AM on November 17, 2000


« Older Judiciary Seeks Public Comment on Internet Access...   |   The Great Pyramids at Giza have never been... Newer »


This thread has been archived and is closed to new comments