Re: Joint paper for WPES 2004

From: David Mertz <voting-project_at_gnosis_dot_cx>
Date: Sun Jun 06 2004 - 09:40:48 CDT

We're looking for < 15 pages, right? The outline seems reasonable for
that, just checking for how much detail a given thing covers.

> 1. Introduction - Why a secret ballot? [< 1 page?]

> 2. Secret Ballot Requirements [<1 page?]
> FEC rules/Timing of ballots kept/Contents of ballots kept/not linked

> 3. How Secrecy Could Be Compromised [2-3 pages?]
  ++ Introduce concept of covert channel
> Recording clickstreams, sequence of voter information, timestamp of
> voter information (EBI timestamped in file system or database).
> Voter check-in system linked to registration data
> Does smart card given at voter check-in contain any personally
> identifying data?
  ++ At conference, Avi Rubin mentioned a Tempest attack. OVC doesn't
solve this, but paper should probably make a mention.

> 4. OVC System Overview [2 pages?]
  ++ Include a rundown of the design even as not specifically related to

> 5. OVC Balances Security, Reliability and Privacy
> Privacy issues in 2-D barcode...Obscuring done in 1-D barcode [1 page?]
> Smart card; EBI; ballot ID; RII. Printed ballot/privacy folder; BVA;
> multiple languages. [4 pages?]
> Privacy issues in open source.  [1 page?]
> "Public" tallying; precinct results. (break down for Ranked Pref);
> write-in. [2 pages?]
  ++ Improper vote disclosures via "special votes" (write-ins, patterns)

> 6. Conclusions. [1 page?]

> 7. References. [1-2 pages?]

Do those seem about right for distribution estimates?

I think I've worried about covert channels and timestamp/sequence leaks
about as much as anyone, so probably section 3 makes sense for me to
do. I haven't thought as much about the registration and smartcard
issues though; so if someone else wanted those.

I think anyone can do the overview, I'd be happy to, but don't care too
much either way. The FEC rules I think I understand from Doug's
characterization, but I have no special knowledge. Then again, it
seems like a brief parameter.

I think Arthur, as presenter, should make the conclusion, and probably

On the section 5 stuff, I'd particularly be interested in looking at
the open source bullet; and probably the barcode one. The list of
components and their various issues I mushed together in the
abridgment, I guess the EBI/ballot-ID parts are one I've particularly
discussed. The folder/BVA/languages, not so much; smartcard seems
repeated from section 3, but maybe other issues will be addressed. The
canvassing stuff I'll probably defer on too.

Is anyone else beyond Arthur and I interested in participating as
co-author. I'm sure he and I can do it; but most certainly if someone
like Charlie or Doug want to join, that would be wonderful (or other
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Wed Jun 30 23:17:09 2004

This archive was generated by hypermail 2.1.8 : Wed Jun 30 2004 - 23:17:29 CDT