US Election Assistance Commission - Voluntary Voting System Guidelines Vote
EAC Home
Introduction
View Guidelines
View Comments
Glossary

View Comments

Section CommentsGeneral CommentsGlossary Comments
 
Name :   Jordi Puiggali
Organization :   Scytl Secure Electronic Voting
Post Date :   9/9/2005

Section Comments
Section :  6.8.6.2
Page no. :  45
Line no.:  18
Comment :  Comments on Section 6.8.6 Electronic and Paper Record Structure
6.8.6.2 All cryptographic software in the voting system should be approved by the U.S.
Government's Cryptographic Module Validation Program (CMVP) as applicable.
Since this requirement is not mandatory (should be approved), we recommend to eliminate the “as
applicable” from it. Additionally, we propose to include an additional requirement to ensure that
cryptographic algorithms are publicly available and verified by the cryptographic community. The
use of proprietary algorithms (whose security cannot be checked by cryptographic experts) must be
discouraged. The text of this new requirement could be as follows:
6.8.6.2.1 All cryptographic algorithms used by the voting systems must be publicly available and
approved by independent cryptographic experts.