Benlog

security, privacy, transparency.
« The Turning Point Zinger?
You know it’s election season when… »

Voting @ Google

Filed under: crypto, voting — December 26, 2007 @ 2:00 pm

Just before Christmas, I was invited by my friend and colleague Steve Weis to give a talk about voting with cryptography at Google. I’ve done about 10-15 talks of this kind, but this was a fun challenge: a very talented audience with an introductory understanding of cryptography (Steve had given 3 prior lectures on cryptography). I was able to start at the beginning but go quite a bit deeper than I usually do.

Oh yeah, and the whole thing, all 92 minutes of it, is available on YouTube.

I’ve just watched it: nothing like watching yourself on video to give you a new year’s worth of cringing. I’m particularly annoyed with myself that I gave no credit to Josh Benaloh, and that, while I gave some credit to Ron Rivest, David Chaum and Andy Neff, I did not give them nearly enough. These guys are the fathers of modern cryptographic voting. Nothing I’ve done compares to what they’ve done. Here are a few things I should have said:

  • Josh Benaloh came up with the first coercion-resistant voting protocols, the first homomorphic tabulation protocols, and a number of ideas that pre-date and inspire Scratch & Vote.

  • David Chaum invented blind signatures, the Punchscan system which pre-dates and inspires Scratch & Vote, and a number of fantastic ideas that are the crux of many voting protocols.

  • Andy Neff designed and built the practical human-verifiable interactive protocols I refer to in passing, you know, the protocols that go from the toy-feel of Scratch & Vote and make crypto voting truly workable and practical. He’s thought more about and done more to explain/characterize forced randomization attacks than anyone else.

  • Ron Rivest, beyond his numerous contributions to modern cryptography, has been the strongest driving force on the policy front to create a future for cryptographic voting.

Thanks to Steve for the opportunity to give this talk and have it recorded on YouTube for everyone’s benefit/entertainment. And thanks to the Google crowd for a great turn-out (the video doesn’t do it justice, a lot of folks had to leave before the Q&A session and the audience shots in the end), the fantastic questions, and generally the openness to this kind of talk.

(At minute 46, you hear some noise, I make a comment about how “my wife will find this amusing”, and it’s not clear what’s going on: Google is a dog friendly environment, and there was a loose beagle in the crowd. I’m a dog person, so no problem, and the Google work environment is pretty cool, I have to say.)

8 Comments »

  1. Mike:
    December 27th, 2007 @ 10:22 am

    I enjoyed your talk. Assuming you don’t have time for more crypto-voting posts, where can we find more?

  2. Punchscan » Video Link:
    December 27th, 2007 @ 3:21 pm

    [...] Check out this video of Ben Adida at Google giving an overview of cryptographic voting and read his afterthoughts. [...]

  3. AllAboutVoting:
    December 28th, 2007 @ 7:00 pm

    Great talk. I especially enjoyed the first half of the talk before you had to dive into deeper mathematics where studying a paper is a better approach to understanding the technique then glancing at slides for a few minutes.

  4. Well done video on verifiable voting « All About Voting:
    January 4th, 2008 @ 12:46 pm

    [...] He also adds a few afterthoughts. [...]

  5. Stefan:
    January 6th, 2008 @ 6:29 pm

    Around min 35, when you mention randomization attacks and forced abstaining attacks, just a brief comment: it can be shown that the two attacks are equivalent (to have the same effect they require the same amount of effort)

  6. ben:
    January 7th, 2008 @ 2:02 pm

    Stefan: that’s probably true in theory, but in practice forced-randomization is easier if you can check the ballot receipt right away: just wait for your voter to come out of the poll and ask to see his receipt.

  7. Glass Box Voting » Blog Archive » Theory and Practice of Cryptography talk by Ben Adida:
    February 13th, 2008 @ 2:18 pm

    [...] I just watched a very good talk on voting cryptosystems and the cryptographic principals and primitives behind them.  I found the link here. [...]

  8. Scott Shorter:
    February 13th, 2008 @ 2:20 pm

    Very interesting talk, provides a good introduction to the arcana of voting crypto for nonacademics.

RSS feed for comments on this post. TrackBack URI

Leave a comment

Line and paragraph breaks automatic, e-mail address never displayed, HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>