Are Old Ways of Government Engagement With Citizens Out-dated?
Are Old Ways of Government Engagement With Citizens Out-dated?
Yesterday over two million UK-based citizens decided that they wanted their voice to be heard, but unfortunately the sheer weight of numbers crashed the UK Petition site:
Each, perhaps, wanted their voice to be heard, and not be part of the ‘we represent the people’. For each it was an instance of time that they wanted their voice to be heard, and just waiting for the next vote to come along.
For our new generations, the Internet is just the default, and everything can be fast and electronic. Why wait for give years to let your voice be heard, when you can poll every citizen in an instance, and gather the real ‘will of the people’? For many to hear the statements of the ‘will of the people’ and ‘I represent the people’, have been said so many times to present a single vote that happened at an instance of time. Overall it just doesn’t seem to reflect this fast moving society, which could understand the true will of the people at any instance in time. Is what really is democracy in the 21st Century?
And so in this new information age, we thus need to move away from our traditional ways of citizen engagement around referendums and elections, and create systems which are truly trustworthy and where everything can be accounted for. I, personally, do not advocate fully on-line voting, as few people would really trust this, and could it actually be build (given the IT disasters of the past). But I do believe we can build systems where every single part of the process can be accounted for, and audited. We also need to make sure that every single vote counts and means something.
You know I’m going to mention blockchain here, so I am, as it provides a way to creating an infrastructure which is auditable. But I’m also going to add in the usage of cryptography in order to create a solid foundation — the digital trust part. For many of our citizens, this will just seem like some magic, and they will hope that it is built properly, but we cannot continue to use paper-based votes which are counted by humans.
What does good looks like?
In 2016, The Economist hosted the Kaspersky Lab’s Cybersecurity Case Study Competition and laid out a challenge to 19 invited academic teams [challenge] [our submission] with the objectives:
Can technology play a greater positive role in democracy and the way people make important decisions about the future of their countries? With digital voting, a new wave of challenges rolls in: from guaranteeing the anonymity of voters to the prevention of fraud, all the while ensuring the security of the voting system itself. One small vulnerability or oversight could very well change the course of a nation’s history.
The key technical challenges included:
- Voter privacy and vote counting — Making sure that the votes of citizens were generated stored and counted in a way which preserved the privacy.
- Voting under duress — Make sure that any votes which were greater under duress were accounted for.
- Availability of interim results — If required, the election system could release interim results.
- Undecided voters — This allowed votes to identify that there were undecided at a given point.
- Voting aftermath — This involved verifying the integrity of the vote.
A technical solution
Our election processes are often archaic, where we still put a cross on a piece of paper and then wait for it to be manually counted. Then we must compile all the results from different voting stations and again wait for the result to be compiled. We must then hope that the whole infrastructure is fair and honest in the way that the votes are collected and counted.
But why shouldn’t each citizen have their vote to be completely anonymous and after the votes have been cast, for every citizen to view the result? The instance the votes are finalised, every citizen could then view the result, without waiting for a government to count and process the votes. It might be possible for us to, to “peek” at the votes currently cast, without actually knowing who had currently voted.
Let’s look at an example, where Bob, Alice and Eve want to vote but to keep their votes secret. Once all the votes have been cast, they should then be able to see the result, without actually revealing the voting intents (normally we would have a much larger population, of course, and the larger the population, the greater the anonymity will be):
In order to illustrate the voting process, I have created a simple example to illustrate using this [paper] and which was recently used by researchers at Newcastle University [paper] as part of The Economist Challenge of voting:
The maths involve a bit of understanding of discrete logarithms (please contact me if you want to learn a bit about his). Please also excuse the copy-and-paste graphics, as LinkedIn doesn’t implement maths layout. The code that follows, though, is my own and is unique in illustrating a simple example.
Initially, we pick a safe value of g and a prime number p. I have selected g=2 and p=67 (if you want to see how to pick g, watch here). We then define a number of voters, who generate a random value (xi). They then broadcast the value of:
Publici=g^{xi} ( mod p)
It should not be possible to determine x_i given Public_i. Each voter keeps their xi value secret, and will prove to Trent that they know it (using Zero Knowledge Proof — ZPF).
Next all the votes regenerate a set of new keys:
This is the multiplication symbol, where we multiply the values of gxi from 1 to i-1 and divide for i+1 to n. Within discrete logarithms, the divide operation is an inverse function. I appreciate that this bit of maths look a bit strange so here is the Python code that I created:
# Bill Buchanan Code
import random
import math
import sys
g=2
p=67
nvoters = 5
voter = [int] * nvoters
public = [int] * nvoters
Y = [int] * nvoters
make_votes = [int] * nvoters
vote = [int] * nvoters
vote[0]=0
vote[1]=0
vote[2]=0
vote[3]=0
vote[4]=0
def extended_euclidean_algorithm(a, b):
"""
Returns a three-tuple (gcd, x, y) such that
a * x + b * y == gcd, where gcd is the greatest
common divisor of a and b.
This function implements the extended Euclidean
algorithm and runs in O(log b) in the worst case.
"""
s, old_s = 0, 1
t, old_t = 1, 0
r, old_r = b, a
while r != 0:
quotient = old_r // r
old_r, r = r, old_r - quotient * r
old_s, s = s, old_s - quotient * s
old_t, t = t, old_t - quotient * t
return old_r, old_s, old_t
def inverse_of(n, p):
"""
Returns the multiplicative inverse of
n modulo p.
This function returns an integer m such that
(n * m) % p == 1.
"""
gcd, x, y = extended_euclidean_algorithm(n, p)
assert (n * x + p * y) % p == gcd
if gcd != 1:
# Either n is 0, or p is not a prime number.
raise ValueError(
'{} has no multiplicative inverse '
'modulo {}'.format(n, p))
else:
return x % p
print "Votes: ",vote[0],vote[1],vote[2],vote[3],vote[4]
print "----"
for i in range(0,nvoters):
voter[i] = random.randint(1, 30)
for i in range(0,nvoters):
public[i] = g**voter[i] % p
for i in range(0,nvoters):
Y[i]=1
for j in range(0,i):
Y[i] = (Y[i] * public[j]) % p
for j in range(i+1,nvoters):
Y[i] = Y[i] * inverse_of(public[j],p) % p
for i in range(0,nvoters):
print "Public value: ",public[i]
for i in range(0,nvoters):
print "Y value: ",Y[i]
for i in range(0,nvoters):
make_votes[i] = (Y[i]**voter[i])*(g**vote[i]) % p
result = make_votes[0]
for i in range(1,nvoters):
result = (result *make_votes[i]) % p
for i in range(0,nvoters):
print "Vote ",make_votes[i]
print "---"
print "Vote tally: ",math.log(result)/math.log(g)
Once ready, the voters then create:
and where vi is the vote for voter i. In discrete logs:
is the same as:
If you look at the code, this is coded as:
make_votes[i] = (Y[i]**voter[i])*(g**vote[i]) % p
Once all the votes are created we then compute and which results in:
We then just take the inverse log, and we can determine the votes:
print "Vote tally: ",math.log(result)/math.log(g)
Here is a test run for all No votes:
Votes: 0 0 0 0 0
----
Public value: 36
Public value: 19
Public value: 23
Public value: 52
Public value: 64
Y value: 2
Y value: 28
Y value: 42
Y value: 49
Y value: 61
Vote 36
Vote 54
Vote 62
Vote 24
Vote 24
---
Vote tally: 0.0
and then for all “Yes”:
Votes: 1 1 1 1 1
----
Public value: 10
Public value: 8
Public value: 61
Public value: 43
Public value: 38
Y value: 59
Y value: 30
Y value: 34
Y value: 5
Y value: 63
Vote 57
Vote 65
Vote 22
Vote 16
Vote 60
---
Vote tally: 5.0
Here is an outline of the method [here]:
So what?
Within the Blockpass Identity Lab we are happy to now collaborate with Agora — a Swiss-based voting technology company [here] — and who are actively supporting elections around the World. Their moto is:
Bringing our voting systems into the 21st century
and their whole focus has been on applying cryptography and Blockchain methods to address the problems of our existing engagement/voting systems. We will be setting up an auditing node in our shiny new lab, and will be evaluating some of the methods involved. At the core of any election/citizen engagement infrastructure is identity, and we are keen to investigate new methods in properly identifying citizens, and protecting the rights to privacy.
Agora’s passion is …
… spreading fair and transparent elections around the world, and […] to offer great value for global human rights.
Their infrastructure moves away from our existing engagement platforms and creates a more open world which is more trustworthy [here]:
Conclusions
We must change! We must change! We must change! To still be identifying ourselves with a bit of paper, and then marking a cross on a bit of paper, which then gets put in a van and then rushed to a whole lot of human counters. That is 20th Century methods, and not methods from an information age.
We need ways to involve our citizens in the democratic process and the Internet is the natural place for this to happen. Would it be too costly to setup ways to engage with citizens? No! Could it be secure? Yes! Could it be trustworthy? Well, that’s up to our politicians to make sure that we move to a world where every single citizen counts, and where we are not just crosses on a ballet box.