Most states rely on paper bureaucracy to ensure that the state can function and provide services. Paper bureaucracy has been part and parcel of how we maintain states and corporations since the Chinese invented the first paper bureaucracy systems of management 3000 years ago.
But as you all probably know, bureaucracy kinda sucks. It costs a lot to maintain, and in the worst cases bureaucracy can turn a state into a labyrinthian monstrosity that can be near to impossible to navigate.
Estonia is a Baltic country that in recent years has been embarking on reform programs that are intended to change this. Estonia is a “Paperless state” meaning a state that has effectively removed all paper from it’s bureaucracy and replaced it with a digital state structure. In this short video I would like to introduce you to the digital state and argue for it.
One thing I commonly hear as an argument against electronic voting is security and ease of vote tampering. Is Estonia solving this issue and, if so, how?
Idk if you watched the video but the reason it works is mentioned in the video, if not explored in detail.
You have a digital id and a digital signature that is tied to you as a citizen.
Each vote has to be signed with your personal voter signature.
I watched though about half of it, before concluding that this video is only going to be a summary video that won't answer my questions fully.
Digital ID and Digital signature are absolutely necessary, though depending on how those two are implemented I could still see fraud and vote manipulation being feasible. I was hoping someone with more knowledge about how Estonia is doing its security and verification systems to ensure records aren't being modified maliciously.
I’m happy to revisit and explain, but I don’t have much time to type right now - the wikipedia page for estonia has great info; you will need a basic understanding of cryptographic hashing and merkle trees
There should also be a 30sth page doc about how the e-voting machines are set up, configured and secured somewhere. But it is in Estonian and I can't be arsed to find it now
https://en.m.wikipedia.org/wiki/Estonian_identity_card
It's actually fascinating. Asymmetric keys with public keys hosted by the government and the private key in your ID.
A 4 digit pin1 code is required to use the authorization key and a 5 digit pin2 is required to use the signing key.
The average Estonian signs 50 documents per year using this method.
Everyone in Estonia has to have an ID card, which contains the RSA keys and x.509 certs for giving digital signatures.
And all the software is open source :)
Regarding electronic voting, you can either have reliable and secure, or anonymous, but not both. Sounds like Estonia went for option 1.