Ed Gerck[SMTP:egerck@nma.com]
John Kelsey wrote:
At 11:05 AM 4/9/04 -0400, Trei, Peter wrote: ....
1. The use of receipts which a voter takes from the voting place to
'verify'
that their vote was correctly included in the total opens the way for voter coercion.
I think the VoteHere scheme and David Chaum's scheme both claim to solve this problem. The voting machine gives you a receipt that convinces you (based on other information you get) that your vote was counted as cast, but which doesn't leak any information at all about who you voted for to anyone else. Anyone can take that receipt, and prove to themselves that your vote was counted (if it was) or was not counted (if it wasn't).
The flaw in *both* cases is that it reduces the level of privacy protection currently provided by paper ballots.
Currently, voter privacy is absolute in the US and does not depend even on the will of the courts. For example, there is no way for a judge to assure that a voter under oath is telling the truth about how they voted, or not. This effectively protects the secrecy of the ballot and prevents coercion and intimidation in all cases.
I'd pretty much dropped this topic after it became clear that Mr. Leichter's only response to the problems that people pointed out in VoteHere's scheme (in particular, its vulnerability to vote coercion, and lack of recountability) was to attempt to redefine them as non-problems. However, since the topic has arisen again..... Ed's got a very good point. I always prefer security which relies for its integrity on the laws of nature, rather than on people behaving with integrity. Peter Trei