Re: Voting Security (was: The Next Genaration)

Joe Abley <jabley@hopcount.ca> Thu, 12 September 2019 18:20 UTC

Return-Path: <jabley@hopcount.ca>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 155E4120219 for <ietf@ietfa.amsl.com>; Thu, 12 Sep 2019 11:20:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.996
X-Spam-Level:
X-Spam-Status: No, score=-1.996 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=hopcount.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NOMxkcsE7F5N for <ietf@ietfa.amsl.com>; Thu, 12 Sep 2019 11:20:53 -0700 (PDT)
Received: from mail-io1-xd2a.google.com (mail-io1-xd2a.google.com [IPv6:2607:f8b0:4864:20::d2a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 783E812020A for <ietf@ietf.org>; Thu, 12 Sep 2019 11:20:53 -0700 (PDT)
Received: by mail-io1-xd2a.google.com with SMTP id k5so31803866iol.5 for <ietf@ietf.org>; Thu, 12 Sep 2019 11:20:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hopcount.ca; s=google; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=aOHdftzg5oqJcH9pkIHYwUTLwzIttpn4KPDXFYiB0JM=; b=CwFpz3inDWsluv43W288VomCB5BIAy+mFpNR9iHbZYNZufHT0w7Ts8SUzJnjlBrkxW aoRwT26HvcXaNqr0M0Rkb9w4C7+qUJKpHTatbR9bHOvOwudCpAQz2PRfkfI26CYdxXdE kQA4bNuiuKKT4t3ae4e2FbU9WimXaaqAq8GAo=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=aOHdftzg5oqJcH9pkIHYwUTLwzIttpn4KPDXFYiB0JM=; b=E6wjkpRZriuu45VLJc5fbgdDMo7/+/A32d1Ihw8OmISg1dMStIkzgxElChU2QsnjBW pdWFznEpPAr7gTp1KWklCeJaTqO5F4GcnBLRWqa5qec4isNK80m5z15EEy2zz4AlQAkT 2VLI33gDFX4cVcLLKxbGs5vyDJ0Lc412Q4Cz8fdA93zzzTjzbNWKunW+mF2KMeeOsYT2 JrVydK6ZP6M7G7lyCza7Ujf2NtgRksl9aJLgFdbgH+RWYrguijc6mE0jfjoDrYyKvNJj m0O1XTDSEe7aSM6k+iuP1/apd6dlGtPnf23DgwnMIFgc31UTbRlIR36qG1/HhunbDWxN XuoQ==
X-Gm-Message-State: APjAAAWGj6ZA1YKLMtm6jKcAvhIPkBFl4BBXm+LvRIT5dw5CvmtdYWh/ /83kY6inT+srACoSwThfFmXaeA==
X-Google-Smtp-Source: APXvYqzjhAr+KXi2nj+x60N8zK7UCtqTMOqniA9PmMu01224hHytWzPGlUUFlArHjxnS534Wnd2JSg==
X-Received: by 2002:a5d:9842:: with SMTP id p2mr1051926ios.226.1568312452555; Thu, 12 Sep 2019 11:20:52 -0700 (PDT)
Received: from ?IPv6:2607:f2c0:e786:128f:8913:6b55:bb34:d282? ([2607:f2c0:e786:128f:8913:6b55:bb34:d282]) by smtp.gmail.com with ESMTPSA id s22sm19465919ioj.71.2019.09.12.11.20.50 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 12 Sep 2019 11:20:51 -0700 (PDT)
From: Joe Abley <jabley@hopcount.ca>
Message-Id: <B7BC79DD-617E-4FFA-A414-76C5C0287C00@hopcount.ca>
Content-Type: multipart/signed; boundary="Apple-Mail=_D36CE310-01E2-46F4-ADAB-4602E25ADDC8"; protocol="application/pgp-signature"; micalg=pgp-sha1
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Subject: Re: Voting Security (was: The Next Genaration)
Date: Thu, 12 Sep 2019 14:20:49 -0400
In-Reply-To: <CABcZeBMp7dzvTGnPTk=q79pf5KYiMd0eepEXiyFw=imPNkSfBg@mail.gmail.com>
Cc: shogunx@sleekfreak.ath.cx, IETF Discussion Mailing List <ietf@ietf.org>
To: Eric Rescorla <ekr@rtfm.com>
References: <CAChr6Sz3j0iLGsB2bGvfitPzCkiTCJYHfmUF5S-8zPYMt1r+3A@mail.gmail.com> <6.2.5.6.2.20190911094010.0c933fa8@elandnews.com> <20190911194723.GC18811@localhost> <6.2.5.6.2.20190911131143.11401cb8@elandnews.com> <CAMm+Lwi2CDBCDUhMG7Z487G-BYVp4rRJ=YG73Z=M=TkZ=jaAbQ@mail.gmail.com> <alpine.DEB.2.21.1909121135080.32554@sleekfreak.ath.cx> <CABcZeBMp7dzvTGnPTk=q79pf5KYiMd0eepEXiyFw=imPNkSfBg@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.104.11)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/HCA_qp6vF3poJesW8YkyiBHBYVg>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Sep 2019 18:20:56 -0000

On 12 Sep 2019, at 11:56, Eric Rescorla <ekr@rtfm.com> wrote:

> [Changing the subject line because this is a change of topic.]
> 
> On Thu, Sep 12, 2019 at 8:37 AM <shogunx@sleekfreak.ath.cx <mailto:shogunx@sleekfreak.ath.cx>> wrote:
> IMHO, if the interest is in protecting the democratic process, the first
> place we should look is the digital voting infrastructure, as that is the
> vector most abused.  Knowing what I do about network and computer security
> in general, I have come to the conclusion that hand counted paper ballots
> with a strong chain of custody are the only way to ensure a free and fair
> election.
> 
> This is pretty off-topic for IETF, but might be interesting to people.
> 
> I certainly agree that software independence (https://en.wikipedia.org/wiki/Software_independence <https://en.wikipedia.org/wiki/Software_independence>) is a good objective for voting systems, and hand-counted paper ballots are one good way to achieve that. However, there are voting environments where they are problematic. Specifically, because the time to hand-count ballots scales with both the number of ballots and the number of contests, in places like California where there a large number of contests per election it can be difficult to do a complete hand-count in a reasonable period of time.
> 
> One good alternative is hand-marked optical scan ballots which are then verified via a risk limiting audit (https://en.wikipedia.org/wiki/Risk-limiting_audit <https://en.wikipedia.org/wiki/Risk-limiting_audit>). This can provide a much more efficient count that still has software independence up to a given risk level \alpha.

The theory and practice of elections and the specific challenges with on-line voting is a whole ecosystem of its own with conferences, journals and an active community of academics, vendors and governments discussing a fairly broad spectrum from information theory, statistics and cryptography through to operational and platform security, software quality, public policy and law.

I am no expert in any of this but I happen to have an academic supervisor who is. If anybody would like an introduction to that world e.g. as an alternative to trying to reinvent it at the IETF, I'd be happy to make one.


Joe