Re: Re: securing electronic ballots

From: Clay Lenhart <clay_at_lenharts_dot_net>
Date: Mon Nov 24 2003 - 12:07:07 CST

> Moreover, even raising the issue of ballot-stuffing is only a first pass
> at a threat model. For example, none of these crypto codes address the
> malicious or accidental -destruction- of valid ballots. Ballot
> validity, however, *IS* being addressed in an OK way for the demo, by
> utilizing watermark images with variable placement (tied to the
> precint/machine, so pre-printed false ballots are visually
> recognizable). Whether or not that is in the final system, I don't
> know... but it shows to politicos that we are considering the right
> issues.

David, you forget that the scheme I had can detect deleted ballots.

Since the parties declare which keys were used in the election, missing keys not used on ballots could indicate deleted ballots.

I know you are working hard on the demo, but I don't think it makes sense to avoid talking about this until later. I think we have a very interesting and challenging problem that will take some time to work out: detecting inserts, updates and deletes of ballots without being obtrusive to the voting process.

It's not like we could do something behind your back. When you have time again, we'll bring you up to speed on where we are and address concerns that you may have.

= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Sun Nov 30 23:17:07 2003

This archive was generated by hypermail 2.1.8 : Sun Nov 30 2003 - 23:17:13 CST