Building secure systems is difficult. It would be nice if we had a bunch of well-designed crypto building blocks that we could assemble in all sorts of ways and be certain that they would, no matter what, yield a secure system overall. There are, in fact, folks working on such things at a theoretical level [...]
Just before Christmas, I was invited by my friend and colleague Steve Weis to give a talk about voting with cryptography at Google. I’ve done about 10-15 talks of this kind, but this was a fun challenge: a very talented audience with an introductory understanding of cryptography (Steve had given 3 prior lectures on cryptography). [...]
The Swiss have implemented quantum cryptography to transfer votes to a central tallying authority. This is pretty cool, and I applaud the Swiss for trying new technologies to improve election security.
However, marketing this as “unbreakable encryption” is troubling. I can’t help but see this as a version of Gene Spafford’s warning writ large:
SSL is like [...]
[With apologies to my grandmothers, some of the most insightful people I've known.]
When you want to build a publicly accountable secure system, must you build to the lowest common denominator? The key example is, of course, voting. It’s clear that you have to build the user interface to the lowest common denominator: given minimal direction, [...]
In cryptographic protocols, we talk about “the adversary”, this entity that’s trying to screw up the security goals of your protocol. Applied security folks also talk about adversaries, though they talk more often about “threats” and “threat models.” In any case, there’s some dark, shadowy, evil figure fighting against you. In a well architectured system, [...]
Facebook launched a platform that lets third-party developers add Facebook applications. This is visionary, and it’s very very cool (though I’m not sure it’s the revolution everyone is talking about.) The problem, of course, is authentication. Take a look at the Zoho Facebook application. Zoho is a separate company. They have their own accounts. So [...]
Google just released Google Desktop for Mac, and that got me thinking again about the Google and Privacy issue I wrote about here and here. I said that Microsoft might have an interesting privacy advantage, because your data lives on your computer, and their software doesn’t need to send much info to the mothership. By [...]
Yesterday, I gave an introductory lecture to high school juniors and seniors in Ms. Reiner’s AP Computer Science at the Boston Latin School. Ginger (Reiner) is an old friend who became a high school teacher after a fast-paced software engineering career: the world needs more people like her. It was a fantastic experience, in large [...]
In response to my recent post regarding open-audit voting, Ronald Crane expresses a number of doubts regarding cryptographic auditing of elections, concluding “I don’t see that crypto voting solves much.” I am responding in detail here because Ronald is deeply misinformed. There are certainly points regarding open-audit techniques that merit in-depth discussion, but the points [...]
First, I need to express solidarity with Avi, who went out on a limb and professed his love of American Idol. I, too, am a closet American Idol fan, and I completely agree: if only the voting were verifiable! I personally think Jared should have qualified for the final 12.
But on to the immediate issues, [...]
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Jun | ||||||
| 1 | 2 | 3 | 4 | 5 | 6 | |
| 7 | 8 | 9 | 10 | 11 | 12 | 13 |
| 14 | 15 | 16 | 17 | 18 | 19 | 20 |
| 21 | 22 | 23 | 24 | 25 | 26 | 27 |
| 28 | 29 | 30 | 31 | |||
Benlog by
Ben Adida is licensed under a
Creative Commons Attribution-Share Alike 3.0 License.
RSS