RE: Firm invites experts to punch holes in ballot software
From: owner-cryptography@metzdowd.com [mailto:owner-cryptography@metzdowd.com] On Behalf Of Trei, Peter Sent: Wednesday, April 07, 2004 1:17 PM [SNIP]
Frankly, the whole online-verification step seems like an unnecessary complication.
Except to those of us who don't trust the system. Implemented correctly it could be cheap and complications could be hidden from the voter. It could be cheaper - no need to pay people to do an audit when "the people" will do it for you. You only need a small fraction of "the people" to verify their votes to get a high level of confidence that the election is valid. You only need one failure to cast doubt on the election. This requires an un-forgeable receipt that cannot be used for coercion. Un-forgeable we have been doing for a while now with lots of different PK options. A receipt that cannot be used for coercion cannot give any indication to others of who you voted for. Right now this is a big complication (at least to me - I don't know how to create such a receipt that doesn't require mental gymnastics on the part of the voter). -Michael Heyman --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
Maybe the receipt should only allow the voter to check that his vote has
been counted. To get the detail you could require him to appear in person
with his receipt AND a photo ID or some such, then only allow him to view
his detail -- not print it.
Paul Zuefeldt
----- Original Message -----
From:
From: owner-cryptography@metzdowd.com [mailto:owner-cryptography@metzdowd.com] On Behalf Of Trei, Peter Sent: Wednesday, April 07, 2004 1:17 PM [SNIP]
Frankly, the whole online-verification step seems like an unnecessary complication.
Except to those of us who don't trust the system. Implemented correctly it could be cheap and complications could be hidden from the voter. It could be cheaper - no need to pay people to do an audit when "the people" will do it for you. You only need a small fraction of "the people" to verify their votes to get a high level of confidence that the election is valid. You only need one failure to cast doubt on the election. This requires an un-forgeable receipt that cannot be used for coercion. Un-forgeable we have been doing for a while now with lots of different PK options. A receipt that cannot be used for coercion cannot give any indication to others of who you voted for. Right now this is a big complication (at least to me - I don't know how to create such a receipt that doesn't require mental gymnastics on the part of the voter). -Michael Heyman --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
On 1081373018 seconds since the Beginning of the UNIX epoch "Paul Zuefeldt" wrote:
Maybe the receipt should only allow the voter to check that his vote has been counted. To get the detail you could require him to appear in person with his receipt AND a photo ID or some such, then only allow him to view his detail -- not print it.
I'd be slightly uncomfortable with this since the authorities should not have a mechanism by which they can discover for whom I voted. -- Roland Dowdeswell http://www.Imrryr.ORG/~elric/
I wasn't suggesting the authorities have access to your vote. The role of
the authorities is to provide the polling/vote-verification facility and to
enforce physical security. You would keep your receipt private, using it
for two purposes: 1. To unlock a voter registration record to be used by the
authorities to verify your physical credentials.
2. Having been verified as the true owner of the receipt, to allow you to
view your vote detail in private.
Paul Zuefeldt
----- Original Message -----
From: "Roland C. Dowdeswell"
On 1081373018 seconds since the Beginning of the UNIX epoch "Paul Zuefeldt" wrote:
Maybe the receipt should only allow the voter to check that his vote has been counted. To get the detail you could require him to appear in person with his receipt AND a photo ID or some such, then only allow him to view his detail -- not print it.
I'd be slightly uncomfortable with this since the authorities should not have a mechanism by which they can discover for whom I voted.
-- Roland Dowdeswell http://www.Imrryr.ORG/~elric/
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
participants (3)
-
Michael_Heyman@NAI.com -
Paul Zuefeldt -
Roland C. Dowdeswell