Re: Renewed anonymity concern in OVC design

From: Arthur Keller <arthur_at_kellers_dot_org>
Date: Thu Jul 08 2004 - 21:36:39 CDT

>On Thu, 8 Jul 2004 13:50:53 -0400, David Mertz
><> wrote:
>> > For that matter, someone can take a miniature camera into the voting
>> > booth.

Alan Dechert added:

> > > There is no end to this line of inquiry.
>> The camera does not prove that the ballot was actually cast, rather
>> than merely printed. A voter who wished to avoid complying with
>> vote-coercion/buying, but keep her kneecaps intact, can defeat the
>> attack. Specifically, photograph an uncast ballot, send it to
>> bad-guys, either spoil it with poll-worker or simply do not cast it.
>> In contrast, a voter has no similar recourse for the
>> ballot-ID-memorization attack.
>> There is an end to this line of inquiry... it just may not occur at the
> > same place as the beginning of the inquiry.

At 10:59 AM -0700 7/8/04, Joseph Lorenzo Hall added:
>It seems that the problem here is that the voter and colluder (that's
>not a word, is it?) can easily remember the numbers... how about
>chaning that? Make them 20-digit numbers or symbols that are hard to
>remember (I can't imagine what). Is the concern with 20-digit numbers
>that this constitutes another possible covert chanel?

I do think that this is a potential problem. Addressing that problem
may open up another problem.

One of the uses of the 4-digit number is for reconciling spoiled
ballots. The ballot ID of spoiled ballots is entered into the BRP as
part of the reconciliation procedure.

We need an alternative for that process.

Best regards,

Arthur M. Keller, Ph.D., 3881 Corina Way, Palo Alto, CA  94303-4507
tel +1(650)424-0202, fax +1(650)424-0424
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
Received on Sat Jul 31 23:17:07 2004

This archive was generated by hypermail 2.1.8 : Sat Jul 31 2004 - 23:17:15 CDT