Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

IP: not quite so, was Re: Perspective on election processes Risks Digest 21.13

From: Dave Farber <farber () cis upenn edu>
Date: Sun, 10 Dec 2000 11:03:51 -0800



Date: Sun, 10 Dec 2000 10:19:54 -0800
From: Ed Gerck <egerck () safevote com


Dave Farber wrote:


Date: Sun, 3 Dec 2000 9:59:37 PST
From: "Peter G. Neumann" <neumann () csl sri com>
Subject: Perspective on election processes


....

 * Voting by the Internet, even if only from well established polling
   places, is and will remain extraordinarily risky because of the 

inherent

   untrustworthiness of computer systems attached to the Internet and
   indeed the networking itself.  It should not be recommended for use
   in the foreseeable future.



The concern is justified but Peter ignores that there is a hacker-proof way
to make an Internet-connected computer as secure as a non-connected one.
The method was made public in its details and fire tested in a week-long
24-hour-a-day open attack test -- as reported in USA Today, Wired, and
in http://www.safevote.com/tech.htm

As long as the endpoints fully control the  cryptographic key agreement and
node addressing schemes used, the “Internet as a transfer medium” is extremely
reliable in accurately delivering opaque blobs of encrypted and certified 
data,
while Denial-of-Service (DoS) attacks can be forestalled by using the stealth,
moving target technology described in http://www.safevote.com/tech.htm.

Indeed, the Internet can support reliable and secure transactions, and does so
regularly, as long as all endpoints of the transactions are under the 
control of a
single authority ­ even if multiple keys are used. People are generally 
unaware
of this quality because it is not the “standard mode of operation” employed by
the public in web browsing or sending an email.

Further features of the security design are described in The Bell of 
November at
www.thebell.net, with design principles and limits in the website at
http://www.safevote.com/aboutus.htm , is exemplified in the demo at the 
website
at  http://www.safevote.com/demo2000/index.html , besides clarifications at
http://www.safevote.com/contracosta/index.html#Report  and
http://www.safevote.com/tech.htm

Cheers,

Ed Gerck




For archives see: http://www.interesting-people.org/
Previous By Date Next
Previous By Thread Next

Current thread: