Checked elections

baltinfo.ru

In connection with the well-known events, I thought about how to eliminate the possibility of juggling the results of any voting in principle.

I see two options: voting should be either open or secret, but with the possibility of verifying the results. Regarding the first one, I think, nothing particularly needs to be explained - this is like voting in LiveJournal, where you can always see who voted how and therefore it simply makes no sense to fake it - the risks are too high.
')
But the mechanism for organizing a verified vote, in my opinion, is a more interesting topic for discussion. Under the cut, I will present my idea and questions that arose along the way.

Disclaimer. Habr is an apolitical resource, so the questions “and who needs it” and “how to translate it into reality” are not discussed in this topic. I ask you to consider this as a case that needs to be solved in the framework of the general theme of designing an electronic state.

My proposal on the organization of the polled vote is the following: to introduce the division of entities into 1) the voting results of the voter and 2) the results of the counting of votes.

In both cases, these data should be stored in encrypted form, and will be available only once by the “keys” set by the same voter - separately for each result. The vote counting system will be available only general, impersonal data. After each data check, the key will be set anew to ensure that no one puts a nose in there without your knowledge.

Anyone can compare the results of their voting and the vote that is recorded in the vote counting system. These results can be optionally unloaded - for example, to provide them with an independent recount of votes.

Questions

The first question: two keys - is it sufficient or redundant (can you do with one?)

The second question: how to organize the generation and storage of these keys? Should they be defined by the user or can it be generated by the system? Should they be memorized as a PIN of a bank card or can they be sent to mail / telephone?

The third question: how to protect yourself from unscrupulous voters who can use the key once, and then declare that their account has been hacked and accuse the electoral commission of fraud?

Voting process

Of course, with such electrification of the elections, they can be held not only at the polling stations. Strictly speaking, they can be simply carried out completely online - using the base of the same portal of public services (at least some of it will be good :). And polling stations can be left only for people, principally offline - retirees, for example, who will vote using special terminals.

Effect

Legality. The scale of fraud will be reduced - simply due to their verifiability, the risks of “stuffing” will increase.

Increase turnout. Probably, when voting online will increase "turnout" - the number of voters. Although some sacrality of this process will be lost, but nowadays convenience and speed, I think, are still more important.

Economic effect. First, the Internet in Russia is used by 50 million people, only 110 registered voters. Thus, it is possible to reduce the number of polling stations by at least 30-40%. Secondly, the process of manual vote counting is canceled - the most time consuming and time consuming. All costs will be associated only with system administration.

PS

It would be interesting to calculate the cost of developing and implementing such a system, in order to compare with the announced fourteen billion rubles (almost half a billion dollars, for a minute) the introduction of web-cameras in polling stations as countermeasures against fraud.

UPD An extremely interesting presentation on TED.com: www.ted.com/talks/david_bismark_e_voting_without_fraud.html (the content starts at 3:50, there are Russian subtitles).

The proposed mechanism differs from mine for the better: the number of entities is reduced, the key for confirming the voting results is not needed - the bulletin itself performs its function. And the role of the second key, as I understood from the prez, is performed by the QR code on the newsletter. The downside is that this is a purely offline voting option. But the idea looks very beautiful. It can be supplemented with the possibility of self-scanning the newsletter (with an appeal to the IC staff only if necessary - an option for grandmothers).