If I summarize your comments correctly, the weak point is the vote pool manager.
I agree that the vote pool manager is an issue, but the paper and the presentation present a web-of-trust technique to build vote pools in a decentralized way.
So then there is no vote pool manager (or state, for that matter) anymore.
I considered the problems with vote pool and vote conduction separately.
The motivation to do so was that indeed in many countries the paper ballot registry permit entrance to the voting booth based on passport.
In Germany for instance, you have to show your passport in order to vote. And then two students have a list on which they strike through your name.
That could be as well done in a TLS email system but the point is: When we do things digitally, we suddenly impose far higher restrictions on security.
I understand and respect that. But, the vote pool is something that exists regardless of the voting procedure (paper, digital, mail,..).
I have developed a system for digital voting.
This can be used for making polls, votings, and referendums.
The system operates via solving two tasks:
1) n Individuals organize themselves in "pools". In a pool, each there is a 1:1 relation between account and individual. The mechanic in use is mutual approval of public key.
2) Via a large random number game, n "public vote keys" are generated and announced, such that each voter holds the private key to one of the public vote keys. People can then anonymously post their votes via TOR in a blockchain and authenticate them via their private vote key. Everyone can verify and count everyone's vote.
Implications:
i) Votums, referendums, polls, opinion studies, etc become fast, cheap (just the electricity), unforgeable, and verifiable. This increases trust, participation, frequency of use, and thus increases the ability of political participation for citizens in a country.
ii) Even if governments would wish to prevent a votum/ referendum/ polls/ opinion study/ etc, they are unable to do so, because the system is decentral. This means, anyone can ask anything and everyone can vote on everyone and see all votes. This could end dictatorships.
iii) Votum results stay on the internet and can be used to put political pressure on leaders and fighting corruption.
iv) Pools can be organized beyond borders of countries, thus fostering a global democratic formation of the people.
v) confirmation bias, fake news, internet bubbles can be countered because everyone can compare the presented information with poll results. (For instance: How many people trust this fact?)
I believe the presented method is the first algorithmic means to generating truth:
Philosophy teaches that there is no fact nor truth. However, a mere mirror of what the people vote is a factual depiction of their truth.
If anyone knows how to move this forward, then post an email distributor and let's form a team to implement it.
IMO, this is worse than paper votes, because there is a central point of failure - the voting pool manager.
The voting pool manager can accept an arbitrary number of public keys from Sybil, who may vote as many times as she chooses.
In a paper voting system, Sybil is limited to how many polling stations should could visit in a day, because her physical presence in the station would be noticed by station watchers if she attempted to vote more than once at any given station. Even then, there are additional checks and balances, because she first needs to register herself at each polling station.
In a purely electronic system, nobody is able to observe Sybil.
Right, the idea that original validation of a key yesterday is equal to validation of the key today is erroneous.
Requiring a voter to inhabit both a time and a place to vote significantly reduces all types of fraudulent activity. Obviously, there's leeway out from there to mail in ballots and other convenience, but the fact that spatial reality has to play apart means there's a huge reduction of a single panopticon-like voter who can submit valid votes today and tomorrow.
This goal is similar to solving DRM with software security. It's impossible. If one could open source a hardware security you might get closer to closing off the number of attack vectors.
On a positive note, this stuff is coming, regardless of how I'll advised it is without considering exactly why in person voting and address level checks are required to geometrically reduce a DDoS type of vote system attack.
Also even if you ignore the technical problems with electronic voting (which are numerous): electronic voting systems are incredibly vulnerable to disinformation campaigns. With paper voting (at least in germany), anyone can attend and help the count. The system is transparent, open and very easy to understand. That doesn't make it immune to manipulation, but it is the closest we got so far.
With electronic voting, only one category of people even has the ability to understand the system, so "the average citizen" can only ever rely on "experts". And let's be honest, even for individual programmers and computer scientists it would take a large amount of effort to investigate.
Get some news going that the system is flawed and you can't tell anyone to just go and check and verify for themselves, and we all know it's not hard to find "experts" that will gladly support that claim, even if it isn't true.
The US has paper votes. Didn’t stop Trump from discrediting the election.
The media used for voting doesn’t matter if trust is questioned. No single individual is able to count all paper votes either, so it’s fundamentally about citizens trusting authority.
Mail-in voting is substantially different to voting in person at a voting station, and has a much larger attack surface. It should be absolutely minimized or potentially even eliminated or replaced with something more secure.
Also, some states use electronic voting/counting machines, which should be looked at with suspicion. How can you, as somebody who wants to verify the integrity of an election, observe that they are not subject to vote manipulation?
Paper voting has the same central point of failure as the above proposal, they effectively have a voting pool manager, which is the State itself (though different in each State). These are notoriously bad at managing the voter pool, and issue ballots for the dead and people who have long emigrated. There are issues with people who have moves states and are issued ballots in multiple states - under mail-in voting they can trivially vote twice. If they were forced to vote in person they would have to make the trip between states on voting day.
I didn't claim that paper votes are immune against it. But having voting that is a complete black box for everyone will amplify it.
> No single individual is able to count all paper votes either
Compare "I can't count them all myself but I can see and understand the way it works" with "I can't count them myself and I can't even understand how the system and validation work".
Imagine if trump could've slapped some claims about faulty tech, broken tech security, untrustworthy developers etc. on top of the rest.
Tbh. No end-user ever cared about what a product was build on.
Even if you're a programmer that loves opensource and nodejs.
If the best solution for your food business is from a local cash register company with a closed source dotnet solution. You're gonna want his product for your company.
Using Blockchain in your product doesn't make it a good product. It potentially limits it ( eg. No undo button within 1 minute, slow db, ..)
If I summarize your comments correctly, the weak point is the vote pool manager.
I agree that the vote pool manager is an issue, but the paper and the presentation present a web-of-trust technique to build vote pools in a decentralized way. So then there is no vote pool manager (or state, for that matter) anymore.
I considered the problems with vote pool and vote conduction separately. The motivation to do so was that indeed in many countries the paper ballot registry permit entrance to the voting booth based on passport. In Germany for instance, you have to show your passport in order to vote. And then two students have a list on which they strike through your name. That could be as well done in a TLS email system but the point is: When we do things digitally, we suddenly impose far higher restrictions on security. I understand and respect that. But, the vote pool is something that exists regardless of the voting procedure (paper, digital, mail,..).