Secure, Secret, and Publicly Verifiable Voting

To: debian-vote@lists.debian.org
Subject: Secure, Secret, and Publicly Verifiable Voting
From: "Barak A. Pearlmutter" <barak@pearlmutter.net>
Date: Sun, 6 Mar 2022 11:31:22 +0000
Message-id: <[🔎] CANa01B+8+yd92A1_e8fn+F7Ta7yDZ1ncuRdxh6z_zH+5JK6smQ@mail.gmail.com>

In the discussion of the "voting secrecy" resolution, people seem to
have assumed that it is impossible for a voting system to be
simultaneously secure, tamper-proof, have secret ballots, and also be
end-to-end publicly verifiable meaning transparent verification of the
final tally, with voters able to verify that their own vote was
properly counted. (Our current system does not have secret ballots,
but does embody the other properties.)

As it turns out, magic cryptographic fairy dust allows *all* these
properties to coexist. This is not to say that we *should* have secret
ballots. Just that we *could*, without sacrificing transparency etc.

Some references:

* https://en.wikipedia.org/wiki/End-to-end_auditable_voting_systems

* D. Chaum, "Secret-ballot receipts: True voter-verifiable elections,"
in IEEE Security & Privacy, vol. 2, no. 1, pp. 38-47, Jan.-Feb. 2004,
doi: 10.1109/MSECP.2004.1264852.

* https://www.newyorker.com/news/the-future-of-democracy/can-our-ballots-be-both-secret-and-secure

* Josh Daniel Cohen Benaloh. 1987. Verifiable secret-ballot elections.
Ph.D. Dissertation. Yale University, USA. Order Number: AAI8809191.
URL https://www.microsoft.com/en-us/research/publication/verifiable-secret-ballot-elections/

Reply to:

Follow-Ups:
- Re: Secure, Secret, and Publicly Verifiable Voting
  - From: Adrian Bunk <bunk@debian.org>
- Re: Secure, Secret, and Publicly Verifiable Voting
  - From: Russ Allbery <rra@debian.org>

Prev by Date: Re: Reaffirm public voting
Next by Date: Re: GR Ballot Option: Allow, but do not require, secret voting
Previous by thread: General resolution: voting secrecy
Next by thread: Re: Secure, Secret, and Publicly Verifiable Voting
Index(es):
- Date
- Thread