Maybe the receipt should only allow the voter to check that his vote has been counted. To get the detail you could require him to appear in person with his receipt AND a photo ID or some such, then only allow him to view his detail -- not print it. Paul Zuefeldt ----- Original Message ----- From: <Michael_Heyman@NAI.com> To: <cryptography@metzdowd.com>; <cypherpunks@al-qaeda.net> Sent: Wednesday, April 07, 2004 3:14 PM Subject: RE: Firm invites experts to punch holes in ballot software
From: owner-cryptography@metzdowd.com [mailto:owner-cryptography@metzdowd.com] On Behalf Of Trei, Peter Sent: Wednesday, April 07, 2004 1:17 PM [SNIP]
Frankly, the whole online-verification step seems like an unnecessary complication.
Except to those of us who don't trust the system. Implemented correctly it could be cheap and complications could be hidden from the voter. It could be cheaper - no need to pay people to do an audit when "the people" will do it for you. You only need a small fraction of "the people" to verify their votes to get a high level of confidence that the election is valid. You only need one failure to cast doubt on the election. This requires an un-forgeable receipt that cannot be used for coercion. Un-forgeable we have been doing for a while now with lots of different PK options. A receipt that cannot be used for coercion cannot give any indication to others of who you voted for. Right now this is a big complication (at least to me - I don't know how to create such a receipt that doesn't require mental gymnastics on the part of the voter). -Michael Heyman --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com