
Specification of secure polling used by Hong Kong pro-demo primaries - phantomathkg
https://github.com/hkpori/popvote4-spec
======
totetsu
> It is created by The Hong Kong Public Opinion Research Institute (HKPORI)
> for large-scale electronic polling. It is designed for non-government and
> unofficial polling as a means to measure and express public opinions in
> authoritarian regimes. In consideration of the politically-sensitive nature,
> the system must guarantee strong privacy to the voters.

This is a great real-world tool for democracy. It's a shame it got ignored.

> ### Threat Model
>
> We require PopVote 4.0 to be secure with respect to a highly resourced adversary (e.g., state-sponsored actors) with the following capabilities:
>
> * The adversary may perform passive attacks on internal systems such as monitoring all network traffic, capturing the database's binary log, or saving packets for later inspection.
> * The adversary may conduct active attacks on internal systems such as compromising application servers, failing to store data, or corrupting the database. But they may not compromise an air-gapped system.
> * The adversary may perform a large-scale distributed denial-of-service attack on the internet-facing servers.
> * The adversary has complete knowledge of all residents' identity documents, and hence they may enumerate all valid ID document numbers quickly.
> * The adversary may corrupt a threshold of **Polling Authority** or **Tallying Authority** members.
> * The adversary may corrupt certain voting station personnel. But the adversary may not control a majority of the personnel in the same voting station.
> * The adversary may perform any polynomial-time computation.

