Re: Barcode Redux

From: Arthur Keller <arthur_at_kellers_dot_org>
Date: Fri Jun 04 2004 - 18:09:50 CDT

At 3:24 PM -0400 6/4/04, David Mertz wrote:
>Even an information-limited barcode can leak *some* information
>though. If the barcode includes one bit more than the globally
>optimal encoding, it could answer the improper question "Is this
>voter a registered Democrat?" If it includes two bits leeway, it
>could answer the first question plus "Did this voter vote in the
>last election?" If it includes maybe ten bits of padding it could
>identify which house in the precinct the voter lives in.
>
>Putting contests at bit boundaries, it should be noted, means the
>encoding is not the globally optimal one. It requires cleverness to
>conform to a basic encoding and still hide information, but some
>mathematicians are very clever.
>
>Moreover, as soon as we put in crypto codes, there's some more room
>for leakage. For example, let's say we use a 64-bit RSA signature.
>It might seem like that 64-bits is simply exactly what is needed for
>the specified key. But key selection might not be truly random: for
>example, I might choose primes selectively during key generation,
>thereby leaking info by the pattern of my selection.
>
>All that said, I'll push the slogan I made up before: You can fit
>fewer dangerous things in a jewelry box than in a truck trailer!

Where does all this information come from? The inputs are the voter
and the vote enabling info (smart card, dumb card, activation code,
whatever).

Note that if it weren't for us CS types complaining about the
unreliability of DRE's, voters *would* trust them. So why would
voters care about what's in the bar code when they can verify their
vote is in the bar code?

Best regards,
Arthur

-- 
-------------------------------------------------------------------------------
Arthur M. Keller, Ph.D., 3881 Corina Way, Palo Alto, CA  94303-4507
tel +1(650)424-0202, fax +1(650)424-0424
==================================================================
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
==================================================================
Received on Wed Jun 30 23:17:06 2004

This archive was generated by hypermail 2.1.8 : Wed Jun 30 2004 - 23:17:29 CDT