[Allowed through because we were discussing this, but I must say this
is pretty content free... --Perry]
We are happy to see the recent discussion about the VoteHere Election
System, and the interest in secure Internet voting that it represents.
We acknowledge that our web site does not accurately reflect the protocols
on which we have built our products, and we will make the
appropriate changes. However, in creating the site, our intent was
only to provide marketing literature to the general public.
Regarding registration, our current authentication protocols for public
elections are based on a live ink signature or in-person appearance,
which is typical of mail-in balloting and poll-site voting, respectively.
We have worked out the details of the current protocols, including
security, feasibility and logistics, in consultation with election
officials from around the country.
Regarding our voting and encryption protocols, the techniques used in our
products are based on the established literature in secure voting
protocols. For competitive reasons, we have chosen not to publish the
algorithms or even release specific references to the literature at this
time. This is a painful decision because we are committed to the well-
established tradition of peer review in the cryptographic community.
It has long been our position that public scrutiny of any protocol
proposed for government elections is essential to protecting the
democratic process. A key component of our threat model is that
no election official, nor any provider of election services (including
ourselves) is a trusted player.
We want to assure the cryptographic community that we will publish
all technical details relevant to the security of our system at the
appropriate time. In addition, we have urged the Secretaries of
State with whom we are working to retain independent cryptography
experts to review our products during the certification process. In the
mean time, we ask that judgment about whether or not our products
are "snake oil" be deferred until our technical specifications are
published.
C. Andrew Neff
Chief Scientist, VoteHere.net
