* Re: [gentoo-project] Re: [gentoo-project] Gentoo Council Elections Results for term 2014-2015 [not found] <20140717164843.07C80E0938@pigeon.gentoo.org> @ 2014-07-17 17:13 ` Rich Freeman 2014-07-17 17:49 ` Manuel Rüger 0 siblings, 1 reply; 5+ messages in thread From: Rich Freeman @ 2014-07-17 17:13 UTC (permalink / raw To: gentoo-project On Thu, Jul 17, 2014 at 12:48 PM, email@missionaccomplish.com <email@missionaccomplish.com> wrote: > Elections should not be transparent, voters should be anonymous so that > people are more likely to actually vote. Tend to agree. I was actually thinking of ways to improve upon things. One thought I had was an e-cash like system. Voters would be given credit to make a single vote in the form of an e-cash-like token, with a serial number. The user generates the serial number, and the voting system would not know who has what serial number, but it would know that legitimate users can only generate one each. Then voters would give the token to the voting system and record their vote. The master ballot would include the serial numbers, so voters could check that their ballots are present, and assure themselves that the total count looks OK. The software itself could be something standard - there are lots of solutions already out there. The only thing that would be tweaking is that we need software to sign tokens, and software to check/redeem them. In case anybody isn't familiar with e-cash, the principle is this: 1. You generate 1000 tokens with unique serial numbers and encrypt them all with 1000 private keys and give all the encrypted tokens to the "bank." 2. The bank picks 999 of the tokens and asks you to send their corresponding private keys. The bank checks that all 999 are valid, and you get in trouble if any aren't. 3. If all are valid, then the bank signs the 1000th token blindly and sends it back to you. 4. You then decrypt the signed token - the algorithm preserves the signature integrity and ensures that the bank can't ID the decrypted token using its knowledge of the encrypted token. 5. You can then spend the token, which has an intact signature from the bank validating it. I'd have to dig up the details of how it works, but the idea is that the bank can sign a token without actually seeing its content, while being assured that the content is valid. Overkill perhaps, but an algorithm like this would allow people to anonymously vote in a secure manner. The medium that data is exchanged in could be whatever we want it to be. Generating the token is somewhat interactive, but submitting the ballots is one-way so it could be email, file drop, web, whatever. The token could include a public key for validating a ballot as well. Just some random thoughts. Rich ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [gentoo-project] Re: [gentoo-project] Gentoo Council Elections Results for term 2014-2015 2014-07-17 17:13 ` [gentoo-project] Re: [gentoo-project] Gentoo Council Elections Results for term 2014-2015 Rich Freeman @ 2014-07-17 17:49 ` Manuel Rüger 2014-07-17 19:22 ` Ulrich Mueller 0 siblings, 1 reply; 5+ messages in thread From: Manuel Rüger @ 2014-07-17 17:49 UTC (permalink / raw To: gentoo-project -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 07/17/2014 07:13 PM, Rich Freeman wrote: > On Thu, Jul 17, 2014 at 12:48 PM, email@missionaccomplish.com > <email@missionaccomplish.com> wrote: >> Elections should not be transparent, voters should be anonymous >> so that people are more likely to actually vote. > > Tend to agree. > > I was actually thinking of ways to improve upon things. > > One thought I had was an e-cash like system. Voters would be > given credit to make a single vote in the form of an e-cash-like > token, with a serial number. The user generates the serial number, > and the voting system would not know who has what serial number, > but it would know that legitimate users can only generate one > each. > > Then voters would give the token to the voting system and record > their vote. The master ballot would include the serial numbers, so > voters could check that their ballots are present, and assure > themselves that the total count looks OK. > > The software itself could be something standard - there are lots > of solutions already out there. The only thing that would be > tweaking is that we need software to sign tokens, and software to > check/redeem them. > > In case anybody isn't familiar with e-cash, the principle is this: > 1. You generate 1000 tokens with unique serial numbers and > encrypt them all with 1000 private keys and give all the encrypted > tokens to the "bank." 2. The bank picks 999 of the tokens and asks > you to send their corresponding private keys. The bank checks that > all 999 are valid, and you get in trouble if any aren't. 3. If all > are valid, then the bank signs the 1000th token blindly and sends > it back to you. 4. You then decrypt the signed token - the > algorithm preserves the signature integrity and ensures that the > bank can't ID the decrypted token using its knowledge of the > encrypted token. 5. You can then spend the token, which has an > intact signature from the bank validating it. > > I'd have to dig up the details of how it works, but the idea is > that the bank can sign a token without actually seeing its content, > while being assured that the content is valid. > > Overkill perhaps, but an algorithm like this would allow people to > anonymously vote in a secure manner. The medium that data is > exchanged in could be whatever we want it to be. Generating the > token is somewhat interactive, but submitting the ballots is > one-way so it could be email, file drop, web, whatever. The token > could include a public key for validating a ballot as well. > > Just some random thoughts. > > Rich > There are already existing anonymous end-to-end verifiable voting systems, e.g. Prêt à Voter ( http://www.pretavoter.com/publications/PretaVoter2010.pdf ). So there's no need to invent the wheel again. In short it could work like this: Candidates list: A B C D ==== "OnionA" Each election official (one after another) permutes the candidate list, and crypts it into the onion (which stores the original candidate order). The voter gets a ballot form looking like this: B A D C ==== "h(g(f(Onion)))" She then makes her choices and splits the candidates from the form. 3 2 4 1 ==== "h(g(f(Onion)))" Encrypts it with the public key of the election official that permuted it at last and casts her vote. The official receiving the vote, looks at the onion undoes her permutation on the choices, publishes it and sends it to the next official (who does the same) until the initial ballot-creating official gets the candidate list and publishes it. As long as the election officials don't cooperate and share their knowledge, your vote is kept secret. Cheers Manuel -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQJ8BAEBCgBmBQJTyAykXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4MDA1RERERkM0ODM2QkE4MEY3NzY0N0M1 OEZCQTM2QzhEOUQ2MzVDAAoJEFj7o2yNnWNcPVQP/1LND2QGiJHa5FwvWwLRcLMm NCxLh4aG37xu7eRcyPFQD6+EaLOl9FRpc7hY62Z421u0MMRBiGqiBOoQw8zbYSMd YXcJN6GcShBh8VXD4ru+38kaJ7EszdoBHfAMdApbO+gh0PN4VDOgQRArWTMikNjp 9l3B36aTvW3wEwlOENSDIDZR0LLMvr8No9wMIfLYGRNHX0g2guQpcBiVYnLoVps3 rJGQxPuMWccl35fk40eoJl2tLU8w4LXhH6JwOOEmqypQYYG8BHzTOdK0yw1YcSR2 +Pd6QlR0WvoLAMbKtYmNIDXkr323L7XBl/u4hH5l/IM87I6k5qiAsUHuJe1/TC2o YGxyWXFrxEYzYMaaN9M0r96RQTv1BumZAFHlpA+K/NENe+PVzkEDLMmIw6yDRNdA wbdYF8lcuH0aKW2AMhqlQnX8veoAr0W/+QCIehNqELyhSWLGIm97gLd8/fBWEgc8 ozvaMkfb/9F/UxRBQlqH9BYvq+/FBXRUwakU6KVA7Ri2/vhn75RNQMZjVbYix49M GsEuS1tfhVABnlxciTchwXfUxlBifatUkaHVkYalkpxNUtl5pCs1zpWI7SKi1m5W 44bd1aEeFxkKu0DP7y3F9uG8hU4OUqyT2H/1QocJAp4FZ0zyjqUDeVPWOwrCBRPZ R6NVyxCmy/sLBpK1lamW =0nf9 -----END PGP SIGNATURE----- ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [gentoo-project] Re: [gentoo-project] Gentoo Council Elections Results for term 2014-2015 2014-07-17 17:49 ` Manuel Rüger @ 2014-07-17 19:22 ` Ulrich Mueller 0 siblings, 0 replies; 5+ messages in thread From: Ulrich Mueller @ 2014-07-17 19:22 UTC (permalink / raw To: gentoo-project [-- Attachment #1: Type: text/plain, Size: 485 bytes --] >>>>> On Thu, 17 Jul 2014, Manuel Rüger wrote: > There are already existing anonymous end-to-end verifiable voting > systems, e.g. Prêt à Voter ( > http://www.pretavoter.com/publications/PretaVoter2010.pdf ). > So there's no need to invent the wheel again. We have used Helios Voting [1] for the latest election of the QA team lead, which is a system very similar to the above. It doesn't support Condorcet voting, though. Ulrich [1] https://vote.heliosvoting.org/ [-- Attachment #2: Type: application/pgp-signature, Size: 490 bytes --] ^ permalink raw reply [flat|nested] 5+ messages in thread
[parent not found: <20140717164842.84127E091D@pigeon.gentoo.org>]
* Re: [gentoo-project] Re: [gentoo-project] Gentoo Council Elections Results for term 2014-2015 [not found] <20140717164842.84127E091D@pigeon.gentoo.org> @ 2014-07-17 16:53 ` Alex Xu 0 siblings, 0 replies; 5+ messages in thread From: Alex Xu @ 2014-07-17 16:53 UTC (permalink / raw To: gentoo-project [-- Attachment #1: Type: text/plain, Size: 407 bytes --] On 17/07/14 12:48 PM, email@missionaccomplish.com wrote: > Elections should not be transparent, voters should be anonymous so that people are more likely to actually vote. 1. please don't top-post 2. please use the standard -- before signature. 3. not that everyone actually voted anyways. only ~34% turnout, which is more than 22% worse than the 2012 US presidential election turnout of ~57.5%. [-- Attachment #2: OpenPGP digital signature --] [-- Type: application/pgp-signature, Size: 819 bytes --] ^ permalink raw reply [flat|nested] 5+ messages in thread
* [gentoo-project] Re: [gentoo-project] Gentoo Council Elections Results for term 2014-2015
@ 2014-07-17 16:48 email
0 siblings, 0 replies; 5+ messages in thread
From: email @ 2014-07-17 16:48 UTC (permalink / raw
To: gentoo-project, gentoo-project
[-- Attachment #1: Type: text/plain, Size: 1327 bytes --]
Elections should not be transparent, voters should be anonymous so that people are more likely to actually vote.
Thank you,
Fernando Reyes
GPG BDD75DD7
Mission Accomplish, Inc.
http://missionaccomplish.com
Email: design@missionaccomplish.com
Tel: 7187100008
Cell: 3479275477
----- Reply message -----
From: "Alexander Berntsen" <bernalex@gentoo.org>
To: <gentoo-project@lists.gentoo.org>
Subject: [gentoo-project] Gentoo Council Elections Results for term 2014-2015
Date: Thu, Jul 17, 2014 11:59 am
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 17/07/14 16:26, Rich Freeman wrote:
> Sure, as much process as technical, but if the elections team is
> looking for something to keep them busy until next year, this might
> be worth some attention. It is also the sort of thing that anybody
> could contribute to.
There's another technological and sociological solution to be
considered: defining the problem out of existence. I.e. make elections
transparent.
- --
Alexander
bernalex@gentoo.org
https://secure.plaimi.net/~alexander
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iF4EAREIAAYFAlPH8uoACgkQRtClrXBQc7XWLwEAjlvEHEapSqziv8esqRSfeUYH
l/WTqlTI39vfBrJ4Qs4BAI3fud3tzeKoHfZ0Z4pvK8oDQaDv035SjRNNH7atlegP
=vQQa
-----END PGP SIGNATURE-----
[-- Attachment #2: Type: text/html, Size: 1539 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in threadend of thread, other threads:[~2014-07-17 19:22 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20140717164843.07C80E0938@pigeon.gentoo.org>
2014-07-17 17:13 ` [gentoo-project] Re: [gentoo-project] Gentoo Council Elections Results for term 2014-2015 Rich Freeman
2014-07-17 17:49 ` Manuel Rüger
2014-07-17 19:22 ` Ulrich Mueller
[not found] <20140717164842.84127E091D@pigeon.gentoo.org>
2014-07-17 16:53 ` Alex Xu
2014-07-17 16:48 email
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox