Re: Re: securing electronic ballots

From: Clay Lenhart <clay_at_lenharts_dot_net>
Date: Tue Nov 25 2003 - 15:45:40 CST

> One weakness of the system is the one I've raised a couple times.
> Voters cannot understand how the system works (in any meaningful
> detail). For example, imagine I were a voter who did not have any

This is a good point here. If you don't mind, I would like to generalize it. "Voters should not be able to defeat the security." This includes voters' ignorance too.
> According to Chaum's system, the poll workers are SUPPOSED TO shred one
> layer on my way out. Anyone who has been to a polling place knows that
> it would not be of great practical difficulty to "forget" to place a
> layer in the shredder prior to leaving the building. Even should I make
> such an omission, the electronic vote was already recorded when the
> receipts were printed.

The receipt idea, in general, is interesting. It is a way to verify that your vote exists without discovering the contents of the vote. It would require voters to verify it, however. That limits its usefulness, because the feedback is delayed (you have to wait until *enough* voters complain).

I would like to focus on a scheme that interested organizations can verify the votes even at the expense of voters being able to verify their individual votes. The organizations (or even journalists) should have access to the verifing data so that they are able to act quickly.

> The question remains open on how we handle the gap between electronic
> and printed ballots. I do not think WE (EVM2003) can merely decide an
> approach; what might be done in a particular situation is subject to
> jurisdictional law and court challenges to outcomes. Perhaps, however,
> the OVC can provide *recommendations* for how to handle these
> anticipated gaps.

I tend to think that the electronic safeguards will tell us when a manual count of the paper trail is needed. Electronic safeguards cannot prevent the modification of the bytes stored on the disk, so it can't prevent the electronic version from being modified. The best we can do is detect the changes. I believe the goal of electronic safeguards is to detect inserts, updates, and deletes -- not prevent them.

= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Sun Nov 30 23:17:08 2003

This archive was generated by hypermail 2.1.8 : Sun Nov 30 2003 - 23:17:13 CST