Firm invites experts to punch holes in ballot software

Trei, Peter ptrei at rsasecurity.com
Wed Apr 7 16:10:34 EDT 2004


> Ian Grigg[SMTP:iang at systemics.com] wrote:
> 
> Trei, Peter wrote:
> > Frankly, the whole online-verification step seems like an
> > unneccesary complication.
> 
> It seems to me that the requirement for after-the-vote
> verification ("to prove your vote was counted") clashes
> rather directly with the requirement to protect voters
> from coercion ("I can't prove I voted in a particular
> way.") or other incentives-based attacks.
> 
> You can have one, or the other, but not both, right?
> 
> It would seem that the former must give way to the latter,
> at least in political voting.  I.e., no verification after
> the vote.
> 
> iang
> 
Yes, that seems to be the case. Note that in the current
(non computer) systems, we have no way to assure 
that our votes  actually contributed to the total, but the 
procedural stuff of having mutually hostile observers to 
the counting process makes deliberate discarding of 
one side's votes less likely. (Non-deliberate losses - 
such as the recent failure to record cards marked 
with the wrong kind of pen - can still happen).

VoteHere, while they seem to be well-meaning, have
not solved the problem. Mercuri & Rivest have 
described how to do it right; we just need someone
to buld or retrofit the machines appropriately.

Peter Trei


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list