this post was submitted on 31 May 2024
117 points (94.0% liked)
Technology
59377 readers
3846 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
One thing I commonly hear as an argument against electronic voting is security and ease of vote tampering. Is Estonia solving this issue and, if so, how?
Idk if you watched the video but the reason it works is mentioned in the video, if not explored in detail.
You have a digital id and a digital signature that is tied to you as a citizen.
Each vote has to be signed with your personal voter signature.
I watched though about half of it, before concluding that this video is only going to be a summary video that won't answer my questions fully.
Digital ID and Digital signature are absolutely necessary, though depending on how those two are implemented I could still see fraud and vote manipulation being feasible. I was hoping someone with more knowledge about how Estonia is doing its security and verification systems to ensure records aren't being modified maliciously.
I’m happy to revisit and explain, but I don’t have much time to type right now - the wikipedia page for estonia has great info; you will need a basic understanding of cryptographic hashing and merkle trees
There should also be a 30sth page doc about how the e-voting machines are set up, configured and secured somewhere. But it is in Estonian and I can't be arsed to find it now
https://en.m.wikipedia.org/wiki/Estonian_identity_card
It's actually fascinating. Asymmetric keys with public keys hosted by the government and the private key in your ID.
A 4 digit pin1 code is required to use the authorization key and a 5 digit pin2 is required to use the signing key.
The average Estonian signs 50 documents per year using this method.
Everyone in Estonia has to have an ID card, which contains the RSA keys and x.509 certs for giving digital signatures.
And all the software is open source :)