Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Doesn't the Blockchain, by design, record what is entered into it? So couldn't someone then figure out how you voted?


(without making any claim about "block chains for voting are good/bad")

Not really. Generally if you want to privately check something like this, you encrypt it for the recipient (government), and sign it with something that only you know. So the contents are hidden from everyone and nobody knows anyone's signature, but you can prove that your item is in the list, unmodified, and is therefore counted.

And then the chain would provide a quick way to check for "has not been modified since I checked", without needing to do the full check again.


Traditionally, you would sign with the government’s public key so that only they can decrypt it. But ballots are so low entropy that I’d be worried about brute forcing it (maybe some significant nonces can be added?) a solution where you use the block chain signed with certificates held in a central database is just… another case of people pushing blockchain without understanding it


Nah, not a problem. You generate a random number R and encrypt R || V where V is your vote.

(Or, equivalently, use something like CBC mode with a random i.v.)


Assuming uncontrolled public access to the blockchain, couldn't this also be used to prove to others that you voted "correctly", facilitating vote buying schemes?


Particularly if you do not publicly disclose the cert you signed it with: I'd be willing to bet there's some way to make it so you can produce a signing cert that'll claim you filled in any data you wish.

E.g. have your signature data be a class of values based on vote possibilities, but have all produce the same final signature. You could produce anything for anyone that way. I'm not sure if that'd be "forward secrecy" or "deniable encryption" or what, but there are a variety of systems that do similar things.

I am not a cryptographer and I don't know any concrete implementations that would have all the properties I want, but pieces of pretty much all things you could reasonably want in a voting system do already exist. And pretty often they can be layered together. The bigger problems in practice seem to be "people won't trust it" (which is defensible), "some of the fancier crypto is too new and not thoroughly proven" (which is very true, e.g. zero-knowledge proofs), and "implementers so far have been stunningly incompetent" (undeniable).

(edit: or I guess more easily, just sign the data after encryption, and throw away your encryption key. then you can claim whatever you like - it's encrypted, they can't know, and you can still show that it wasn't changed)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: