National Committee for Voting Integrity

Voting Cryptography FAQ

by Bruce Schneier

Contributions by Doug Jones

What is cryptography?

Cryptography is the science of mathematical security. On modern computers, cryptography includes encryption, authentication, and integrity. A good introduction to the concepts can be found here:

What is symmetric cryptography?

Encryption uses a mathematical key to provide secrecy. Symmetric cryptography refers to encryption systems that use the same key to encrypt and decrypt. A longer explanation can be found here:

http://www.webopedia.com/TERM/S/symmetric_key_cryptography.htm

There are many books that explain these concepts in more detail. We recommend Chapter XX of Secrets & Lies: Digital Security in a Networked World, by Bruce Schneier.

What is public-key cryptography?


This is a modern form of cryptography, where a different key is used for encryption and decryption. Many modern security systems make extensive use of public-key cryptography. See:

Can there be unquestioned assurance that the key remains secret?


Of course not. Keys are either known by people, or stored in devices that people have access to. No matter what protocols and procedures are used, people are always prone to making mistakes. The most we can do is minimize our reliance on secrets and then build procedural safeguards around the few secrets that we depend on people to keep.

How can voters be sure the key is kept secret?

They can’t. They have no choice but to trust those who have access to the key.


How can cryptography be used to enhance voting technology security?

Cryptography can be used for several purposes in voting systems. It can be used to prevent eavesdropping, for example, in network links between the computers on which votes are cast and the central computers that record those votes. Where Internet voting is used, cryptography becomes an essential safeguard to voter privacy.

Cryptography can be used to authenticate voting data, giving very high assurance that it really did come from a particular voting machine and has not been tampered with in any way. This can be used to prevent forgery of precinct voting records. Software authentication can be used to prevent acceptance and use of unauthorized voting system software.
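As an added illustration (not part of the original FAQ), the Python sketch below shows one way a precinct tally could be authenticated: the voting machine attaches an HMAC-SHA256 tag computed with a per-machine secret key, and the central office rejects any record whose tag does not verify. The machine IDs, keys, precinct label, and record layout are constructed for the example.

```python
import hashlib
import hmac
import json

# Constructed sample keys: one secret per voting machine, also held by the
# election office. Real keys would be random and kept in protected hardware.
MACHINE_KEYS = {
    "machine-017": b"constructed-demo-key-for-machine-017",
    "machine-018": b"constructed-demo-key-for-machine-018",
}


def canonical(record):
    """Serialize deterministically so both sides authenticate identical bytes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def seal(machine_id, precinct, tallies, key):
    """Run on the voting machine: attach an HMAC-SHA256 tag to the tally."""
    record = {"machine": machine_id, "precinct": precinct, "tallies": tallies}
    tag = hmac.new(key, canonical(record), hashlib.sha256).hexdigest()
    return {"record": record, "tag": tag}


def verify(sealed, keys):
    """Run at the central office: accept only records with a valid tag."""
    record = sealed["record"]
    key = keys.get(record.get("machine"))
    if key is None:
        return False  # unknown machine: there is no key to check against
    expected = hmac.new(key, canonical(record), hashlib.sha256).hexdigest()
    # compare_digest avoids leaking how many leading characters matched
    return hmac.compare_digest(expected, sealed["tag"])


if __name__ == "__main__":
    sealed = seal("machine-017", "P-12", {"A": 412, "B": 398},
                  MACHINE_KEYS["machine-017"])
    print("genuine record accepted:", verify(sealed, MACHINE_KEYS))
    sealed["record"]["tallies"]["B"] = 421  # record altered after sealing
    print("altered record accepted:", verify(sealed, MACHINE_KEYS))
```

The check is only as strong as the secrecy of each machine's key: anyone who holds the key can produce a valid tag, which is why the questions above about keeping keys secret matter here.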

Can encryption replace the need for paper records of votes cast?

No. The security problems encryption solves are important, but there are other voting security problems that encryption does not solve. For some more information, please see:


http://www.schneier.com/crypto-gram-0312.html#9
http://www.schneier.com/crypto-gram-0411.html#1
http://www.schneier.com/crypto-gram-0411.html#2

There are some very ingenious proposals to use encryption in ways that permit a voter to be assured that their vote was counted as intended without allowing that voter to prove to anyone else how they voted. Some of these schemes promise paperless elections. Other schemes give the voter a printed copy of their encrypted ballot, proving to the voter that this ballot really does indeed include their selections in the voting booth, and then destroying the proof before the voter walks away.


How can you ensure that cryptography is being applied correctly?

One of the most difficult problems with cryptography is that only a very small number of people really understand today's best cryptosystems. There are more people who understand how to correctly use these systems but who do not necessarily understand their underlying mathematics, but even this group is relatively small. Most people, therefore, are forced to trust the words of the experts. See:

http://www.schneier.com/essay-028.html

Why isn’t keeping the security details of voting systems secret a good idea?

The relationship of security and secrecy is subtle, and counterintuitive. The idea that secret equals secure is not true. For a longer explanation, see:

http://www.schneier.com/crypto-gram-0205.html#1

More on the History of Cryptography

Where does the word cryptography come from?

The word "cryptography" is taken from the Greek words "kryptos," meaning hidden, and "graphein," meaning writing. Cryptography is the science of hidden writing or, more accurately, the study of encrypting or enciphering messages so that their content is obscured until they are decrypted or deciphered. Typically, the encryption process uses a key or password, the encryption key, and the message can only be decrypted if the correct decryption key is given.

What is symmetric key encryption?

The oldest form of cryptography, dating back at least 2000 years, uses the same key for encryption and decryption. With symmetric key encryption, the sender and receiver of the message must each keep the same key or password as a secret in order to guarantee their privacy when they exchange encrypted messages.

Other Online Resources on Cryptography:

RSA's FAQ on Cryptography
