Про онлайн-голосование
В блоге Шнайера, кстати, обсуждается инициатива по электронному онлайн-голосованию на московских выборах: https://www.schneier.com/blog/archives/2019/03/russia_is_testi.html
Сам он пишет, что "bad idea" (дословно).
В комментах доставляет обилие брызжущих слюной троллей -- в диапазоне от "в России нет никаких выборов, и везде побеждает Путин!" и вплоть до "Россия хочет обзавестись лучшей выборной системой, чем у нас! Как они посмели!!"
Однако, есть пара годных комментов по существу -- один, пожалуй, даже перетащив к себе:
IC • March 12, 2019 1:56 PM
Not sure why the electronic/online voting system is insecure by definition, as seem to be implied by the post.
This is not applicable to the whatever thing Russians are implementing, but let’s assume the following…
1. Everyone has a voting ID or simply an electronic passport (which is a smartcard with it’s corresponding PIN or password). This voting ID or electronic passport contains a private-public key pair.
2. When someone wants to issue a vote, a unique ID for the elections is generated by the smart card (it’s a random number basically).
3. When the voter chooses and confirms an option, her vote and unique ID is signed by the private key alongside some additional info such as approximate time and place.
4. The unique ID, the vote, additional info and signature are sent to the election’s server and are validated against the public key (previously obtained from a valid voter ID/passport). Once the vote is verified, it is registered in the system.
5. The unique ID, the choice and additional info is printed on physical paper. The signature is printed as well as the hexadecimal string.
6. All of the above is also stored inside the voter ID/passport, so it can be retrieved later as well.
7. The vote is published on the public list, which is accessible for everyone for counting and vote verification. The voter can check his vote, unique ID and signature at any point in the future. The date and place of voting are approximate to ensure anonymity.
I do realize that the anonymity may be compromised when the vote is validated against the public key which is stored on some central server. Maybe one way to try to secure it a bit more is to have two distinct systems such that the voter ID and the person’s ID are not associated, but can be physically on the same smart card (it can contain two “virtual” cards, so to speak, but no system shall have the info on which voter ID belongs to which person’s ID).
Surely it’s not a perfect system (and surely it can be improved), but assuming it is robust and well implemented, I think it’s probably more reliable than traditional voting system and it’s more resilient to attacks.
(Конец цитаты)
Лень вдумываться, и тем более, переводить -- но, вроде, выглядит как реалистичный протокол...
Сам он пишет, что "bad idea" (дословно).
В комментах доставляет обилие брызжущих слюной троллей -- в диапазоне от "в России нет никаких выборов, и везде побеждает Путин!" и вплоть до "Россия хочет обзавестись лучшей выборной системой, чем у нас! Как они посмели!!"
Однако, есть пара годных комментов по существу -- один, пожалуй, даже перетащив к себе:
IC • March 12, 2019 1:56 PM
Not sure why the electronic/online voting system is insecure by definition, as seem to be implied by the post.
This is not applicable to the whatever thing Russians are implementing, but let’s assume the following…
1. Everyone has a voting ID or simply an electronic passport (which is a smartcard with it’s corresponding PIN or password). This voting ID or electronic passport contains a private-public key pair.
2. When someone wants to issue a vote, a unique ID for the elections is generated by the smart card (it’s a random number basically).
3. When the voter chooses and confirms an option, her vote and unique ID is signed by the private key alongside some additional info such as approximate time and place.
4. The unique ID, the vote, additional info and signature are sent to the election’s server and are validated against the public key (previously obtained from a valid voter ID/passport). Once the vote is verified, it is registered in the system.
5. The unique ID, the choice and additional info is printed on physical paper. The signature is printed as well as the hexadecimal string.
6. All of the above is also stored inside the voter ID/passport, so it can be retrieved later as well.
7. The vote is published on the public list, which is accessible for everyone for counting and vote verification. The voter can check his vote, unique ID and signature at any point in the future. The date and place of voting are approximate to ensure anonymity.
I do realize that the anonymity may be compromised when the vote is validated against the public key which is stored on some central server. Maybe one way to try to secure it a bit more is to have two distinct systems such that the voter ID and the person’s ID are not associated, but can be physically on the same smart card (it can contain two “virtual” cards, so to speak, but no system shall have the info on which voter ID belongs to which person’s ID).
Surely it’s not a perfect system (and surely it can be improved), but assuming it is robust and well implemented, I think it’s probably more reliable than traditional voting system and it’s more resilient to attacks.
(Конец цитаты)
Лень вдумываться, и тем более, переводить -- но, вроде, выглядит как реалистичный протокол...