Firm invites experts to punch holes in ballot software
Trei, Peter
ptrei at rsasecurity.com
Wed Apr 7 16:10:34 EDT 2004
> Ian Grigg[SMTP:iang at systemics.com] wrote:
>
> Trei, Peter wrote:
> > Frankly, the whole online-verification step seems like an
> > unneccesary complication.
>
> It seems to me that the requirement for after-the-vote
> verification ("to prove your vote was counted") clashes
> rather directly with the requirement to protect voters
> from coercion ("I can't prove I voted in a particular
> way.") or other incentives-based attacks.
>
> You can have one, or the other, but not both, right?
>
> It would seem that the former must give way to the latter,
> at least in political voting. I.e., no verification after
> the vote.
>
> iang
>
Yes, that seems to be the case. Note that in the current
(non computer) systems, we have no way to assure
that our votes actually contributed to the total, but the
procedural stuff of having mutually hostile observers to
the counting process makes deliberate discarding of
one side's votes less likely. (Non-deliberate losses -
such as the recent failure to record cards marked
with the wrong kind of pen - can still happen).
VoteHere, while they seem to be well-meaning, have
not solved the problem. Mercuri & Rivest have
described how to do it right; we just need someone
to buld or retrofit the machines appropriately.
Peter Trei
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list