Re: VoteHere

From: charlie strauss <cems_at_earthlink_dot_net>
Date: Thu Dec 14 2006 - 12:23:09 CST

-----Original Message-----
>From: Joseph Lorenzo Hall <>

Thanks for the astute comments and links Joseph. I think I feel the same as you appear to: there's a lot of promise for cryto but the mathematical community is not addressing the needs of people to trust the process without having to have faith in things they don't understand.

I think the resolution of the problem is really simple. You just have an ordinary paper ballot system. Plus you have a separate channel that uses encryption. It's an entirely parallel path. If it failed or got corrupted we dont' care, the election still works. The election workers never even see it or deal with it. Nor does the voter excpet possibly picking up a reciept. It's just silently in the background prevent a whole host of possible transport issues. It it adds another onion layer to the task of stuffing or altering the paper ballots. it catches all sorts of tabulation errors.

But the really big payoff is this: it allows us to audit the normal voting counting process ourselves. The key realization here is that we make it a parallel process. We are not depending on crytpo to secure the election.

>3. Charlie brought up the camera-phone problem. Charlie, is there a
>system that doesn't suffer from a camera-phone attack? How confident
>would a vote-buyer or vote-seller have to be for this to serve as
>proof of a vote cast? This is similar to the ["analog hole"] problem
>in DRM/TPM research: if the voter gets to see their ballot, they'll
>always have ways of recording it.

Well I think there is an imporant nuance here. In the paper ballot system a filled in paper ballot is not a proof of vote, nor is a picture of it. Only ballot irretreivable deposited in the ballot box is proof, and you can't take a picture of that.

Let me contrast that with three other scenarios where a photo is proof of vote.
1) The under-glass voter verified paper trails like Edge system. In those the ballot is displayed and if the voter presses CAST then notation is made on the tape a below the displayed votes that the ballot was cast. At that moment a photo would show the irretreivably cast ballot and would be a proof of vote.

2) In the votehere system, numbers, not candidate names, are printed on the receipt. The connection between the numbers and the names is displayed on the screen. A photograph of the screen would reveal the meaning of the numbers on the receipt. (or at least would do so with high probability since it would be unlikely to see a screen and a receipt with the same series of numbers)

3) In ron Rivest's 3-ballot there are three places where a camera photo would be proof of vote. One of these does not even require a camera. If the voter writes down the ID numbers on the three ballots or takes a photo of it, he can later prove how he voted because it would be unlikely for three randomly chosen ballots in the published set to form a valid cryptographic triple. THus the vote buyer can be nearly certain that any three numbers he is given are proof of the vote.

In general most (but not all) crypto systems connect a specific voter with a specific published ballot through an ID number. Crytpo is being used in part to obfuscate the connection while allowing verification.

Now I don't think it has to be that way. And there are fancy crypto tricks like homomorphic encryption (like the El Gamal buzz word Vote Here touts) that try to allow vote totals to be computed without ever having to look at individual ballots. Ron Rivest's system did exactly that all on hand marked paper without any fancy crypto. (it had other problems). And I believe that the Punch-Scan method has a simmilar trick up it's sleave.

>Joseph Lorenzo Hall
>PhD Student, UC Berkeley, School of Information
>OVC-discuss mailing list

OVC-discuss mailing list
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Sun Dec 31 23:17:14 2006

This archive was generated by hypermail 2.1.8 : Sun Dec 31 2006 - 23:17:16 CST