by pesterazor on 3/29/19, 12:11 PM with 6 comments
by brownbat on 3/30/19, 11:21 AM
> "Although it would be informally apparent that something had gone wrong..."
ie, there's a spectrum of voting attacks. Ballot stuffing is more powerful than ballot burning. If you can target specific districts or voters, then ballot burning can have the same effect on the overall outcome, so it is still incredibly serious, but just takes extra work. This is ballot burning.
> "it seems that our exploit would put the system in an “impossible state”, which would make it difficult to define a meaningful investigation process."
If I'm reading this right, ballot burning itself might have two subtypes -- invisible and leaving big messy scorch marks. This is the latter type. Still serious, but different. You could DoS an election's integrity, forcing emergency runoffs or stalling out democratic processes, or forcing a failover to legacy systems that might be easier to launch higher level attacks against.
This will probably add to the antipathy against electronic voting systems, but I don't blame Scytl-SwissPost for trying. Our current system features disappearing ballot boxes, local level ballot design flaws, and relies on the postal system for absentee ballots. Whatever the mix of media, part paper or electronic, we need to be working towards something more cryptographically sound.
https://en.wikipedia.org/wiki/End-to-end_auditable_voting_sy...