Posts Tagged 'encryption'

The Philippine National Public Key Infrastructure

About time. Original article from Inquirer.net: CICT explores use of digital signatures.

MANILA, Philippines–The Commission on Information and Communications Technology (CICT) has secured a $2.3-million grant from South Korea to help establish a national public key infrastructure (PKI) standards body in the Philippines.

This PKI body will be responsible for issuing digital signatures (or digital certificates) for individual and business users transacting with government-run websites.

It’s nice to know that got some grant so that the government can do some action. Doc Mana has been ranting about creating an infrastructure a few months ago during press releases about the modernization of the national elections.

Even if we did not receive a grant, the Philippines can creatively setup an infrastructure. Given that PKI technology is not new and a lot of local companies are providing these service anyway, we can simply setup a national federation of Certification Authorities (CAs) in the Philippines issues these public keys.

Probably most of the funds of the grant will go into the pilot deployment on government organizations like the BIR (which volunteered). But hey, how about Comelec? You guys have a deadline right?

Technical aspects of election computerization

I was invited (via Facebook events) to attend the first CSP Kapihan discussing the technical aspects of computerizing the Philippine elections. Dr. Pablo Manalastas and Ms.Ito Gruet gave very interesting ideas and pointed out key concepts that the Comelec missed out in the planned pilot testing in the ARMM elections.

Doc Mana stressed out that the Vendors demonstrating ballot counting equipment simply saw the digital signatures as a burden to them despite the fact that the electronic documents such as ballots or election returns from the precints have to be digitally signed according to the law. His blog discusses what does it mean for a document to be digitally signed in detail. To my law school and lawyer friends, what does the e-commerce bill and election modernization bill really mean by digitally signing?

It was very interesting to note Ms. Ito Gruet’s point on the current election process. Of the 25-40 days that consumes the canvassing of votes, only one day is spent in the precint-level tallying. After that, the generated election returns will travel to various levels of canvassing boards to declare winners for municipalities, provinces and the Philippines. The the use of digital recording equipment or optical mark readers will only improve the counting on the election return generation. Clearly the bill describing the modernization of Philippine elections failed to analyze the entire process properly and misidentified the bottlenecks. I like Ms. Ito’s group’s suggestion to deploy a simple web app that will facilitate submission of election returns. With this we can simplify the communication process and reduce the possiblity of missing election returns as it travels to various boards of canvassers.

I had a fruitful discussion with Doc Mana and Dr. Bill Torres, grandfather of the Philippine internet and president of MozCom Philippines on how to deploy the system. In the process of submitting the encoded election return, the board of election inspector will digitally sign the submission to guarantee the authenticity of the data transmitted. In terms of deployment, we can integrate the DepEd’s school computerization program since most of the precints are public schools and the officers are the teacher. When the election season is not around, the computers can be used for their teaching materials. This is an efficient way of utilizing taxpayer’s resources for IT infrastructures. For communications, we can use our mobile phones as GPRS modems to send encoded data to the central database.

But with these suggestions comes new challenges to the system. Instead of political magnates using guns, goons and gold to propel their electoral machinery, they will be commissioning hackers to send denial of service attacks to Comelec’s web server so that no-one will be able to submit results of the election retur ns. Engineers building the system must be vigilant to prevent these attacks.

Links: