E-voting must be backed up with paper ballots, say crypto experts

A panel of distinguished cryptographers at the RSA Conference in San Francisco weighed in on a variety of issues, including...

A panel of distinguished cryptographers at the RSA Conference in San Francisco weighed in on a variety of issues, including electronic voting and rights management for digital media.

Speaking at the annual Cryptographers Panel, Ronald Rivest, co-creator of the RSA encryption algorithm, backed calls for paper ballots to supplement insecure electronic voting technology, while fellow luminaries Paul Kocher and Whitfield Diffie predicted heated battles between privacy advocates and intellectual property owners over the issue of digital rights management.

Rivest cited recent analysis of Diebold electronic voting systems following a leak of the source code for those systems as evidence that such systems were inadequate to ensure the authenticity of votes cast.

He added that analysis of the Diebold source code showed that programmers for those companies failed to use accepted authentication methods to secure voting data and cast doubt on the ability of Diebold or other companies to patch the code in time to guarantee the results of approaching elections such as the 2004 US presidential elections.

To ensure the outcome of elections where electronic voting kiosks are used, municipalities should implement voter verifiable technology that would produce a paper copy of each ballot that is cast, Rivest said.

Rivest cautioned against the "digitising" of votes. "We know only too well the difficulties of securing complex electronic systems," he said.

Technology companies and municipalities should "go slow", and "keep it simple", relying on paper ballots and audit trails to verify the data collected by electronic voting kiosks.

Kocher, president and chief scientist of Cryptography Research noted "failed economies" in a number of areas of technology adoption that are causing pain for corporations and ordinary computer users.

The inability of entertainment companies to control the technology used to play music and films has resulted in a flood of piracy that is hurting those companies, Kocher said.

Similarly, the way e-mail is sent and received makes it easy for spammers to flood users' in-boxes with unsolicited messages.

The technology community and private sector needs to address those issues if it wants to solve problems such as piracy and spam. Failing that, government regulation may be needed to mandate security standards, he said.

Concerns about piracy and terrorism may spell the end of computers and computer networks that are entirely controlled by their owners, said Diffie, chief security officer at Sun Microsystems.

The battle between entertainment companies and their customers over digital duplication of songs and videos and the federal government's desire to tap into data sent over voice over internet protocol networks may yield to built-in surveillance features that report on how computers are being used.

The panel of cryptography experts was also critical of Microsoft, weighing in on a variety of issues, including the company's security plans and revelations that its Windows source code was recently leaked onto the internet.

Adi Shamir of the Weizmann Institute of Science in Israel, another RSA algorithm creator, said that the release of the proprietary source code probably would not pose a security risk to Windows users, but showed that Microsoft was not in control of its code.

If the company had fingerprinted its released code, it would have quickly been able to say where the leaked code came from. The fact that the company initially appeared confused about the source of the leak showed that even simple security measures are sometimes ignored by powerful companies, he said.

The leak of the source code posed ethical problems for legitimate security researchers, who risk violating the law in analysing the code - a problem that virus writers and online criminals do not have. Microsoft should, officially, release the leaked code passages for analysis and enable security researchers to legally examine it, he added.

Kocher was also critical of the security measures Gates outlined in his speech, noting that none of the company's proposed measures involved simplifying Windows, but instead required more additions to the already massive code base.

Kocher said that Microsoft should look for ways to make Windows less complex.

Paul Roberts writes for IDG News Service

Read more on IT risk management