Discover more from Frankly Speaking

Security engineer. Recovering VC and academic sharing random thoughts on security.

Over 4,000 subscribers

Already have an account? Sign in

Frankly Speaking, 5/28/19 -- Secure Voting

A weekly(-ish) newsletter on random thoughts in tech and research. I am an investor at Dell Technologies Capital and a recovering academic. I am interested in security, blockchain, and devops.

Frank Wang

May 28, 2019

If you were forwarded this newsletter, you can subscribe here, and view old newsletters here.

Hope everyone had a good Memorial Day weekend. Sorry for the newsletter mishap last week! I'm still trying to figure out the best workflow and tooling in Mailchimp for this newsletters. Surprisingly, it's harder than I expected. Honestly, I would like more HTML customization power, but I digress... I would appreciate any Mailchimp tips or other great newsletter creator suggestions.

WEEKLY TECH THOUGHT

This week, I will discuss an interesting secure voting scheme. I thought this would be relevant given current concerns around election integrity.

Peter Y A Ryan from University of Luxembourg has a project Selene, a new way to do vote verifications. I only provide a high level overview in this post.

The Challenge: Why is secure voting so hard? The correctness of an election should be universally demonstrable, while ensuring all ballots remain private. No one has a god’s eye view of the correct answer. We need to resolve the tension between verifiability and the need for ballot secrecy. We also don’t want to trust officials, software, hardware, etc. We want a solution that is sufficiently easy to use and to understand for the electorate at large.

In a sense, we want end-to-end verifiability. Some key requirements are the following: integrity/accuracy, individual verifiability, universal verifiability, and eligibility verifiability.

We have secrecy requirements: ballot secrecy, receipt-freeness, coercion resistance. On top of that, we want availability, usability, understandability, accountability, accessibility, resilience, etc.

This is what makes voting so difficult. However, once we have votes in encrypted form, the rest is technically fairly straightforward, essentially a distributed secure computation. The real challenges is at the edges: to provide a usable way for the voter to encrypt her vote in a way that gives her high confidence that her vote is correctly encoded while not providing a means to prove this to a third party.

Internet voting poses a host of new problems: insecure client devices, insecure internet, DoS attacks, coercion, etc.

Peter presents Selene. To avoid having to deal with complicated math in a Medium blog post, I’m going to discuss the high level idea behind Selene. First, assume a standard Diffie-Hellman/El Gamal style setup. Tellers hold shares of a threshold election public key. Voters have secret signing and trapdoor keys. The goal is to ensure that each voter is assigned a unique tracker number, to notify each voter his/her tracker (after trackers/voters have been published) in a way that provides high assurance but is deniable.

Selene seems to provide a high degree of transparency for the verification while providing a good level of receipt freeness. However, if there are serious coercion threats, Peter is looking to a second version of Selene that can be used but at the cost of transparency of verifiability.

This is a very high level view of the ideas surrounding secure voting and its difficulty. Selene makes strides to make secure voting a lot more usable and transparent. For more details on the exact cryptographic scheme and more details on the Selene ideas, please take a look at his slide deck.

Secure voting is much harder than people imagine. It's not so much securing the actual voting, but it's the verifiability and auditability guarantees that need to be achieved.

TWEET OF THE WEEK

Titles can be deceiving, especially in Silicon Valley startups.....

LET'S BE FRANK

This is the first week of the renamed section, which I give kudos to my friend, Justin Solomon.

This week, I'm going to talk about a somewhat non-technical issue, but an important one: compensation. It's a question I get asked a lot as a VC because we see compensation across many companies and can see how they affect culture, retention, and subsequently execution.

My overarching philosophy, which I learned from observing great executives and senior management, is to always compensate your top performers above market rate. This way, you don't lose them over pay. If there are other reasons they want to leave, that's fine, but it shouldn't be pay.

The signal you send to someone by not making sure they are not happily compensated is that you don't care about their retention. We are in a market where there is a severe talent shortage in tech, and they can move to a company who properly compensates that person for their performance. You lose a top performer and a lot of value over arguably a small amount of cash. The long term impacts on your company could be huge.

It's important to remember that your top performers aren't delusional or confused about what market rate is. There's a reason they are a top performer! Don't use the potential of the company as a reason to "short change" them.

Employees want to work with managers who care about them. Pre-emptive raises or adjustments on their pay is another way to show that a manager cares about them. Being empathetic is most of the important characteristics of a great manager.

I talked about one specific way to think about compensation and focused on top performers. I'm interested in hearing other thoughts too. I'm happy to discuss over email frank.y.wang@dell.com as well as help you think through your compensation strategy. Just send me a note!

To many, this is a sensitive topic, but I believe we should be more transparent about it.