Why Anonymous Electronic Voting has Security Issues

Mar 02, 2011 13:34


In Australian Greens MP Adam Bandt's post "Do you think should people be able to enrol to vote online?", a number of people in the post also wanted to actually vote online (or electronically).

My response to that is that electronic voting is currently not possible to secure because of the requirement to preserve anonymity of voting.

With most electoral voting systems today, an essential part of the system is that the vote cannot be linked with the original voter. If votes can be linked to voters, then you open up the possibility that people may not vote honestly, because they can be targeted due to the nature of their vote.

The difficulty is that all electronic data is essentially trivially copiable, and an edited version is usually indistinguishable from an original. For example, your computer copies the digital original every single time you look at something online - that's how it gets from the server to your computer so that your computer can even display it to you.

This text you are reading now has been copied in that way lots of times, and you could trivially make more copies of it, edit it however you like, and release a digital text which has been modified but is in exactly the same format as the original text, and nobody can truly verify which one was the real original.

There is only one kind of electronic data that is not editable in that way - that is electronic data which has been securely digitally signed in a non-anonymous fashion. That means that if the data is edited, the digital signature will no longer match. For example, digital signatures are used by online banking systems to verify to your web browser that the website you are talking to is actually the bank you think it is, not someone else pretending to be the bank.

The problem is, digital votes that are secure and verifiable must remain attached to their original digital signature - which fully identifies the voter. Once you detach the digital vote from the digital signature, it can immediately be trivially copied and faked (just like this unsigned digital text you are reading), and cannot be verified using any means.
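The trade-off described above, as an added example that is not part of the original post: a ballot signed with a Lamport one-time signature (used here only because it needs nothing beyond Python's standard library) detects an edit, but checking it requires the voter's registered public key. The voter id, ballot format, register and `well_formed` check are assumptions made for illustration.

```python
import hashlib
import secrets

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def keygen():
    """Lamport one-time key pair: 256 pairs of secrets; public key is their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def bits(message: bytes):
    """The 256 bits of SHA-256(message), most significant bit first."""
    digest = H(message)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, message: bytes):
    # Reveal one secret per digest bit. A key must sign only one message.
    return [sk[i][b] for i, b in enumerate(bits(message))]

def verify(pk, message: bytes, signature) -> bool:
    return len(signature) == 256 and all(
        H(signature[i]) == pk[i][b] for i, b in enumerate(bits(message)))

def well_formed(ballot: bytes) -> bool:
    """All a counting system can check once the signature is gone (assumed format)."""
    parts = ballot.decode().split(";")
    return all(p.split(":")[0].isdigit() and p.split(":")[1] for p in parts)

def demo():
    sk, pk = keygen()
    register = {"voter-0001": pk}            # constructed enrolment register
    ballot = b"1:Candidate A;2:Candidate B"  # constructed ballot
    edited = b"1:Candidate B;2:Candidate A"  # same format, different vote
    sig = sign(sk, ballot)
    return {
        # Verification works, but only by looking up who the voter is.
        "signed_ok": verify(register["voter-0001"], ballot, sig),
        # The same signature does not match the edited ballot.
        "edit_detected": not verify(register["voter-0001"], edited, sig),
        # With voter id and signature stripped, only bytes remain, and the
        # original and the edited ballot pass the only check still possible.
        "stripped_both_accepted": well_formed(ballot) and well_formed(edited),
    }

if __name__ == "__main__":
    print(demo())
```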

No matter how much auditing you do on the software and hardware, at any point between the detachment of the digital signature and the final vote count, there is the possibility of digital vote fraud that is trivial to commit and currently impossible to check for or verify against.

Paper votes are physical objects which are much, much harder to create copies and fakes of. Once the voter is identified, they can be given a blank voting paper, and the physical vote can then be passed around and verified without having any link to the voter any more.

As regards the original question posed, enrolling to vote online is actually fine. Just like Internet banking and similar systems, the point is to be identified, to prove that you are you. It could even tie in well to the electoral system at booths - secure identification that ties in with your digital enrolment at the tick-off point in order to receive the physical voting papers would actually improve voting security, not decrease it.

In short: Online voter registration, no worries. Online voting, just no.
See http://thorfinn.dreamwidth.org/54451.html (comments).
