Re: Crypto question: Hashing ultimate outputfor localuse

From: Ed Kennedy <ekennedyx_at_yahoo_dot_com>
Date: Mon May 02 2005 - 18:05:59 CDT

Hello:

Thank you Ron. Also, Keith, I am interested in your public key and network of trust concept but I had trouble following it. Could you try again? For an example of a clear explanation, see David Mertz's wonderfully clear discussion about hashes today. FYI: I do understand public or twin key cryptography on an elementary level.

-- 
Thanks, Edmund R. Kennedy
Always work for the common good.
10777 Bendigo Cove
San Diego, CA 92126-2510
USA
I blog now and then at: <http://ekennedyx.blogspot.com/>
  ----- Original Message ----- 
  From: Ron Crane 
  To: Open Voting Consortium discussion list 
  Sent: Monday, May 02, 2005 3:30 PM
  Subject: Re: [OVC-discuss] Crypto question: Hashing ultimate outputfor localuse
  This is a *very* important part of our mission. We must not assume that poll workers are tech-savvy. Our procedures will have to be very carefully and clearly written, and will have to be focus-group tested (and refined and tested again) before being finalized.
  -R
  On May 2, 2005, at 1:35 PM, Ed Kennedy wrote:
    Hello Keith:
     
    Respectfully, have you been a poll worker?  Poll workers are generally elderly and retired folks.  I've done a poll working gig and I have to back up Teresa here on the general ability level.  Please give poll work a try yourself before assuming poll workers can do various things. 
    --
     
    Thanks, Edmund R. Kennedy
     
    Always work for the common good.
     
    10777 Bendigo Cove
    San Diego, CA 92126-2510
    USA
     
    I blog now and then at: <http://ekennedyx.blogspot.com/>
    ----- Original Message -----
    From: Teresa Hommel 
    To: K@copetech.com ; Open Voting Consortium discussion list 
    Sent: Monday, May 02, 2005 4:32 AM
    Subject: Re: [OVC-discuss] Crypto question: Hashing ultimate outputfor localuse
    You have poll workers who can't find the on-off button on the computer, etc. How are they going to accomplish this task with hashes?
    Teresa Hommel
    Keith Copenhagen wrote:
    Hashing by itself is not a panacea,
    You start with a public ovc generated set of hashes that verify the  starting point.
    For each election then the people running the election generate the  original public
    private key pair (PK) and create a CD that contains a signed set.
    Then you build a web of trust (pyramid of delegation) based on PK the  propogates
    out to the polling station, and then back to the tabulated record.
    Correlating and verifying the integrity of the log(s), then allows you to  certify
    the election.  If you have parallel signed logs (ie. 1 in the tabulator,  and 1 in
    the operator's flash key) then it becomes virtually impossible to  successfuly tamper
    with the data.
    If you simply verify the hash at the polling place, then you run the risk  of an official
    duplicating the CD and running a parallel election and submitting that CD.
    -Keith
    On Sun, 1 May 2005 21:23:14 -0700, Ed Kennedy <ekennedyx@yahoo.com> wrote:
    Hello David:
    All very well and good.  However, who would generate the Election Day  startup hash of the whole disk if it must be customized for every  election at every location?  This introduces the need for another  'trusted' (read NOT) person in the administrative process and therefore  another weak point. I think that you (all) are going to have to go with  modules.
    Also, I think we're going to need some administrative process whereby  either all the poll workers or at least the poll captain signs off that  the hash they see is the one that was in the news paper.
    _______________________________________________
    OVC discuss mailing lists
    Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org
    _______________________________________________
    OVC discuss mailing lists
    Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org
------------------------------------------------------------------------------
  _______________________________________________
  OVC discuss mailing lists
  Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org

_______________________________________________
OVC discuss mailing lists
Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Tue May 31 23:17:13 2005

This archive was generated by hypermail 2.1.8 : Tue May 31 2005 - 23:17:52 CDT