3

There are a few grass roots initiatives to introduce blockchain as a ledger for election voting. My criticism of the ones I have seen, at the time I saw them, is that they did not adequately address the paradox of anonymity vs identity. Our election system is currently grounded on the preference that only people meeting a citizenship identity requirement a are allowed to vote anonymously. It's a bit neurotic in a sense. Without side tracking into political theories of our electoral process, i was thinking of solutions that meet our existing requirements.

Could SAML be used to engineer an anonymous blockchain where voter eligibility is validated?

I'm envisioning a system where the voter makes a claim as being an eligible voter, the election commission verifies the claim, and that validation is passed anonymously to whoever is adding to the chain.

The only issue I've thought of so far is that there is a possibility to associate a validated claim between the chain and the election commission. But, I think using PKI and not persisting validation data could mitigate that.

Jonathon Anderson
  • 171
  • 6
  • Awesome idea! The SAML authority can keep a record of who voted, then pass an anonymous claim to the voting system (blockchain or otherwise). I agree that the trick will be making sure there is absolutely no way to back-trace Vote -> SAML Claim -> SAML Identity, which in practice is probably harder than it sounds. And nearly impossible to convince tin-foil-hattists that such a reconstruction is impossible. Still, probably better from a privacy perspective than some current systems. – Mike Ounsworth Jul 25 '18 at 15:25
  • If anyone is interested in taking this on as a project... let me know :D https://github.com/NonSecwitter/SamlChain – Jonathon Anderson Jul 25 '18 at 15:34
  • You must trust that the SAML authority does not retain record of tokens. Should I post this as answer? – usr-local-ΕΨΗΕΛΩΝ Jul 25 '18 at 20:26
  • I'm curious whether there is a way to prevent back-tracing even if the SAML authority DOES hold records. – Jonathon Anderson Jul 26 '18 at 13:54
  • Hmm. I can imagine a paper system where someone verifies your ID card, marks you down in the database as having voted, and hands you a serial-numbered voting slip. Since the serial number on the slip is not recorded with your name, that should do. I'm not enough of a SAML expert to know if the equivalent is possible. – Mike Ounsworth Jul 26 '18 at 14:16

0 Answers0