Firm invites experts to punch holes in ballot software

Trei, Peter ptrei at rsasecurity.com
Wed Apr 7 13:16:46 EDT 2004


Major Variola (ret) wrote:

>Peter, what would be wrong with having a machine in the booth that
>prints
>any valid receipt BUT is not connected to the voting system.  "To vote
>use the red machine; if you're being coerced you can use the blue
>machine
>to print as many receipts as intimidators."

>A trade off between (mild) user complexity and the desire for receipts
>(without coercion).

The system described allows the user to take a reciept (which has
only numbers on it) and use a website to determine that the vote
was recorded correctly.

A decoy receipt would also have to pass this test.

Frankly, the whole online-verification step seems like an
unneccesary complication.

* Both real and decoy receipts would have to be in the database
for verification - which bothers me a lot.

* There seems to be no provision for recounts - what are they 
supposed to do - have everybody send in their receipts? How can you
tell the decoys from the real?

I give VoteHere kudos for releasing their source, but it doesnt
solve the e-voting problem.

Peter Trei

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list