Benlog

The Swiss have implemented quantum cryptography to transfer votes to a central tallying authority. This is pretty cool, and I applaud the Swiss for trying new technologies to improve election security.

However, marketing this as “unbreakable encryption” is troubling. I can’t help but see this as a version of Gene Spafford’s warning writ large:

SSL is like using an armored truck to transport rolls of pennies between someone on a park bench and someone doing business from a cardboard box.

Now, a vote is worth more than rolls of pennies, but the analogy remains appropriate: so what if the pipe is super secure, unbreakable even, if the voting machine isn’t secure? And, more importantly in the case of voting, who cares if the encryption is unbreakable if a citizen can’t verify that her vote made it into the final tally? After all, what happens to that super secure data once it comes out at the other end? How can your average citizen check that it was tallied appropriately?

That’s what most people don’t get about open-audit voting with cryptography: the techniques are not all that much about encryption, they’re mostly about public accountability and verifying that the election was performed correctly. Whether you’re using RSA, Elliptic Curves, Lattices, or quantum crypto, matters little.

What matters is how much assurance the voter gets that the election was run correctly. And quantum crypto doesn’t achieve much on that front.