Name: Was YOUR vote counted? (feat. homomorphic encryption) - Numberphile
Uploaded: 2020-03-27T18:13:28.000Z
Duration: 8 min 34 s
Description: Thousands of YouTube videos with English-Chinese subtitles! Now you can learn to understand native speakers, expand your vocabulary, and improve your pronunciation...

new innovations in voting systems. And so I'd like to tell you about end-to-end

which is the buzzword that academics are using to describe this.

Now,Which means really that you can verify the whole flow of

information, from your head, as to who you think you want to vote for,

all the way through the casting of the vote and the tabulation

so that you can verify that every step of the way is going the way it should

and that your vote counts the way you intended,

that the final result is the accurate representation of everybody's votes.

you can have a certain amount of verifiability. The lovely thing about paper ballots

is that you can see that, you know, what you wrote down is what you intended. And so that's a

But once you've cast the paper ballot, you're trusting the chain of custody of those paper ballots

to make sure that the count is done right

and that the ballots being counted are the right ones.

Brady: "Talk to me about this selfie thing. Some people like to take a photo of their ballot, don't they?"

Yeah, it's a lot of fun, and I think it may increase voter participation

to have a little more fun like that in the ballot booth and so on, too.

The thing that is worrisome about it, though, from

a security point of view, is that, you know, with a selfie of you casting your ballot,

you can sell your ballot. And that's one of the things that we've learned the hard way over many many decades,

is that you don't want to enable people to sell their ballots.

So you shouldn't leave the voting booth with any kind of proof as to how you voted.

You shouldn't have a receipt saying you voted this way, you shouldn't have a copy of your ballot,

you shouldn't have anything that proves how you voted.

Because that can be worth, you know, 20 bucks to the, you know, to you,

from the guy down the bar who wants to, you know, buy your vote. Or maybe coerce you.

So, yeah, how can you possibly know that your vote was counted the way you wanted?

This is a hard question, and it makes a fascinating research area. And it turns out

you can thread this needle with a bit of care and a bit of cryptography, a bit of mathematics.

So the idea would be that you get a receipt when you vote.

And the receipt is not the plain text as to how you voted

but an encryption of how you voted. So it's something that you can't sell down at the bar,

because it's not something that's interpretable by somebody else.

Brady: "So what is it, like a number, or a barcode, or...?"

It's a number or a barcode or something like that. It represents how you voted.

and, the new thing here in these end-to-end verifiable systems

is the copies of all the receipts get posted on the web.

So say, Brady, and here Brady's receipt, and Ron, and here's Ron's receipt, and so on and so forth. Everybody's name and their

Nobody can tell how anybody else voted. You can't sell your vote based on that posting. But it's all on the web,

and it's all there for anybody look at. And you can look at it, and you can see that, yep,

they've got my receipt right, and that receipt is an encryption of my vote, right?

So that's the key thing. You know your vote is in the pile,

and you know your vote is in the pile the way you think it should be,

because you have reason to believe, as I'll explain,

that your encryption of your vote is actually correct.

Brady: "Everyone's encryption looks different, though."

So it's not a simple encryption in a deterministic way. It's a good point.

Yeah, so if everybody's voting for Alice, all the Alices don't look the same, and all the Bobs don't look the same.

So there's a couple of subtleties here. One is, well, how do you verify the tally then? So somebody is announcing that

Alice won. And so, all these encrypted votes are

primarily for Alice, and there's some for Bob, but there's more for Alice.

That's the assertion that the election officials have made. How do they know? How do they

convince anybody that that's right? And they'd like to convince everybody that that's right without showing the decryptions of everybody's vote.

So they've got this pile of encrypted votes and an announced result,

and you'd like to know,... if you're an election official, you'd like to convince everybody that's the right result.

So there's a number of ways of doing this, and there's quite a large literature on this. Here's a way

that's pretty simple to describe. So you could use something called homomorphic encryption.

What does that mean? So it means that you can multiply

ciphertext together and end up with them representing the sum of their plaintext.

So, encryption of a one times an encryption of a two will give you an encryption of a three, right?

So you end up adding the plaintext when you multiply the ciphertext. So this is cool.

You can do lots of wonderful things with this. And in particular, you can do the tally for the voting system.

For example, if your vote is a vote for Alice, you might have an encryption of a one.

And if your vote is a vote for Bob, you might have an encryption for a zero. And suppose Alice and Bob are the only two candidates.

So then, each ballot is either a one or a zero, and basically what you want to do is add them up.

But they're ciphertexts, so you don't see the ones and the zeros.

But you can use this homomorphic property, you can multiply all these ciphertexts together

end up with a number which represents the sum of all of the

plaintext ballots. And that sum is just the number of votes cast for Alice then, right?

So the tally for Alice is the sum of all these things. And Bob is just the number of votes minus the tally for Alice,

of course. So if Alice has more than half, she wins.

So there, you can multiply these ciphertexts together and get a ciphertext that's the ciphertext for the sum,

and that ciphertext can be decrypted publicly

in a way that everybody can see is proper. So you can see yes that is... and everybody could also do this multiplication,

So that is, they can check that that's the ciphertext to decrypt,

and the election officials could decrypt that in a nice way

and show that that's the proper decryption, so that we have the right tally for Alice.

So that's one part of what you need to do then, is everybody can verify the tally from these encrypted things.

And that's cool, right? So that's one part of it. The other part you want to

deal with is the fact that you need to know that your ciphertext is really representing your vote, right? So you go into the

voting booth, you're getting this receipt,

and you want to know that that receipt really represents your vote. So you vote for Alice, and you get this receipt which is a

you can't decrypt that ciphertext. In fact, you shouldn't be able to decrypt that

ciphertext, because then you could sell your vote, just like you could with a selfie, right? So you want to know that that

ciphertext is really for, say, Alice, if you're voting for Alice.

Maybe this matchbox analogy is not a bad way to explain it. How do you

know that you've got a good match? You're going on a camping trip, you can, you're allowed to take only one match

Well, you could take a box out of the drawer, you can say well,

Subtitles ListPlay Video

Was YOUR vote counted? (feat. homomorphic encryption) - Numberphile

subtle

properly

fascinating

accurate