Hacker News new | ask | show | jobs
by zepolen 3013 days ago
> There's a correct way to merge two ballots cast by the same private key: discard them both

What about the scenario where someone puts a gun to your head and forces you to vote for them - and you can't change your vote at a later period?
3 comments
tantanel 3013 days ago
In Estonia they allow you to vote multiple times and only the latest vote counts. They even allow you to then go and vote in the booth which renders your e-vote invalid. I don’t know the internals of how they store the votes but I can’t think of a way to do this without the side effect of knowing who voted for whom.
link
toast0 3013 days ago
If you do this with two systems, the e-vote could be encrypted to the second system, but submitted to the first system. During voting hours, the first system would collect the votes and apply the latest value wins rules. Then, once voting is complete, it sends the votes (without envelope information) to the second system to tally. In order to know who voted for whom, you need collusion between the systems.
link
geofft 3013 days ago
Hm, do they intend to solve that problem? (Can't the person with a gun just force you to destroy your private key after voting?)

One answer would be to just include the old ballot in the new one, so it's clear which one to invalidate if you see both.

I guess now that I'm thinking about it you also want to prevent ballots from being cast once the election is over, and timestamping an event as having happened before a given point is a valid use of an actual blockchain.

link
zepolen 3010 days ago
Two ways:

1. Votes can replace older votes - although this has issues because they could just make sure you don't vote again by pulling the trigger.

2. Let the voter assign 1 and 2 to A and B himself when receiving the private key - which means that when the time to click 1 or 2 comes - only the voter knows if 1 => A or 1 => B which makes it impossible to know who he is voting for.

link
walrus01 3013 days ago
blockchains don't solve problems at OSI layer 1 nor will they protect you from rubber hose cryptanalysis:

https://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis

link