Chaumian blinding & public voting?
Tim May
timcmay at got.net
Mon Nov 3 09:53:20 PST 2003
On Monday, November 3, 2003, at 02:44 AM, ken wrote:
> If we here can't agree on how to make machine voting both robust and
> private, then EVEN IF A PERFECT SYSTEM COULD BE DESIGNED it is
> extremely unlikely that a large number of people could be persuaded
> that it /was/ perfect.
>
> So if public confidence in the mechanisms of voting is considered
> desirable, no electronic or digital system is viable.
>
> > You can run an algorithm on any subset of codes, including just
> > your own,
> [...]
>
> you already lost 94% of the electorate. They are saying "huh?" and
> going back to whatever they were doing before the election rudely
> interrupted them.
>
I should have mentioned in my last response that there have already
been cases where the "electronic vote results" were accidentally posted
before the election polls had closed. This did wonders for belief in
the system.
One of the reported cases was somewhat understandable, not that this
affected overall suspicion of the system: some or most of the absentee
ballots had already been counted and recorded into the electronic
system. They were of course not supposed to be agglomerated with the
other electronic vote totals until after the polls closed. Someone made
a typical computer error and the partial totals were released ahead of
the polls closing. Apparently some number of voters planning to vote
thought the election was over and didn't vote.
Now with conventional, slow, paper-based systems of the sort we mostly
still use in the U.S., there are various "ontological safeguards," or
"speed bumps," which make this kind of "computer error" less of an
issue.
Any computerized system is likely to have glitches like the above, each
of which will cause some fraction of the electorate to think things are
rigged. As they probably will be.
(By the way, there are some possible crypto fixes, such as
"timed-release crypto." A beacon could broadcast an unlocking key at
some time well after the polls had closed, simultaneously unlocking the
many sealed ballot messages. Of course, Joe Sixpack will not understand
or trust this kind of complexity, either.)
SSL works because it is transparent (hidden from) to the user.
Likewise, the crypto used in lottery tickets (e.g., the Scientific
Games model) is transparent to the user and he doesn't have to pore
over crypto explanations before buying a ticket.
(I bought _one_ lottery ticket, for $1, just to see how the numbers
were done. Lotteries are of course a tax on the gullible and stupid.)
I see less chance that a crypto-based electronic voting system will be
adopted in the U.S. than that Robin Hanson's and John Poindexter's "let
CIA gamble on who gets assassinated" betting pool will rise from the
dead.
--Tim May
More information about the cypherpunks-legacy
mailing list