Re: MORE Questions from election officials

From: David Mertz <voting-project_at_gnosis_dot_cx>
Date: Tue May 04 2004 - 02:06:10 CDT

On May 4, 2004, at 2:49 AM, james_in_denver wrote:
> Just briefly reviewed the "Chaum" method, what I am thinking of appears
> to be along those lines. What I see/hear as being important is for any
> voter, at any time, to be able to pull out a stub from their ballot,
> enter a code printed on that ballot (hopefully at any internet-browser
> pointing at that particular elections web-site), and be able to review
> their voting record.

Can they review that record while an "interest party" has a gun pointed
at their head?

If so, it's a no-go. The anonymity requirement is that it is
impossible to prove that a voter voted a certain way once she is
outside the polling place. If the voter can construct such a proof,
the vote-buyer or vote-coercer can demand such a proof construction.

Chaum's method doesn't disclose this information. The voter takes a
secret (key) with her out of the polling place, but the secret is
constructed in such a way as not to allow reconstruction of the actual
vote. Instead, the secret just enables a mathematical proof that the
voter's vote was included in the vote aggregation.

It's not identical to the following, but the concepts are close enough.
  If you are familiar, at least in passing, with public-key cryptography
like PGP/GPG, think of a scenario:

(1) Voter goes to polling place with public key K_pub in hand.
(2) Voter votes, and has vote encoded with a one-time key.
(3) One-time key is destroyed when voter leaves, and voter cannot take
it with her.
(4) Voter signs *encrypted* vote with K_pub.
(5) After polling closes, all the signed/encrypted votes are published
on internet.
(6) Voter can use her matching private key K_priv to validate signature
created with K_pub. But the underlying vote is still encrypted with
destroyed one-time key.

If the bad guys hold a gun to Voter's head, they can force her to
reveal K_priv. But all they can do then is prove that -some- vote was
signed using K_pub, not the content of that vote. Voter is free to
claim "yes I voted as ordered"... but not even voter can prove or
refute the claim of a specific vote.

Chaum's system is actually a bit more complicated and clever than this.
  But in outline it is similar.
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Mon May 31 23:17:08 2004

This archive was generated by hypermail 2.1.8 : Mon May 31 2004 - 23:18:15 CDT