Re: securing electronic ballots

From: charlie strauss <cems_at_earthlink_dot_net>
Date: Wed Nov 26 2003 - 09:58:35 CST

Getting back to the original question. chaum's proposal

two points: 1) I think he's solving the wrong problem and 2) I think I
can offer some suggestions about how to defeat his system

first I think this whole need for secret ballots and avoiding giving
human readable receipts the voter can take home is being overplayed.
For example, if I vote by absentee ballot right now, all these legends
about coerced voting are also operative. Similarly, right now many of
the optical scan systems suck your ballot in, read it and plop it in a
nice neat stack all in order. But we really dont worry about that
since the box is locked and its implausible that hours later anyone
could associate you with your vote.

If you want to argue the point I'd say its much more plausible that
some one with a hidden video camera or a hidden key-logger would watch
over your shoulder as you vote.

So what I'm saying is that only a feeble sort of crypto to put a thin
veil over things is all that is neccessary to give out receipts and
preserve secret balloting. hard cryto is a waste of effort and
complicates things.

for example, here's a good-enough solution: give the voter a valid
receipt, perhaps with a crytpto tag to mark it as real; then in the
voting area lobby you can have a practice voting machine that also
creates any recepits you want. This is good enough to fool any thug
who demands to see your receipt. But the whole thing is human readable
so its effective.

Second It seems to me that there are several ways to trivially defeat
chaum's method if I read his paper correctly.

printer problems masking machine error.
Chaum's method depends critically on the printer never glitching. on a
normal human readable ballot if the paper misfeeds slightly or the
printer glitches or a blob of ink lands on it its still usable. On
chaum's it invalidates the receipt (unknown to the voter till after
they leave the poll) . I would predict that there would be far more
such errors every voting day than there would ever be fraud/errors in
which voters actually checked their ballots and found out they had been
cheated--everyone would just assume it was a printer glitch.

Traditional deliberate fraud methods:

method 1) the printer prints out a receipt that looks like it verifies
your ballot. but really a bad machine prepares a valid looking one
just to fool you--it has nothing to do with what is recorded inside.
Later on you go to check your ballot and it does not match any record.
So what? Why should anyone believe you? To me it would be more
plausible that you are a crank and your ballot is a forgery perhaps as
an attempt to call attention to yourself or as part of a conspiracy to
disqualify votes in a certain targeted precinct. Targeted complaining
about voting irregularity is already a well known activist tactic and
your complaint would be assumed to be just that. If an attempt were
made to add codes to the ballot as an anti-forgery measure this would
make the fraud even easier. The fraudulent or error prone voting
machine merely puts out garbage tags or tags from last election. Now
if you complain they test your ballot and see that it doesn't even have
a valid tag--then they really think you are a crank.

method 2) ballot box stuffing. dont worry about swindling the real
voters, just add in additional ballots and bump up the reported number
of people going to the poll.

Crypto methods: maybe I'm missing some key point in chaums methods
yet, but I did read through the paper, and it does not actually create
a secret receipt as he claims.

method 3) does chaum's method actually accomplish its goal of secret
ballots? Consider how the vote is stored in the computer. Either the
vote is encoded in the bit pattern itself or the bit pattern is just a
key used to sign the real ballot. In the latter case, its trivial to
cheat--the machine just signs the wrong ballot. On the otherhand if
the vote is encoded in the bit pattern then it must be invertable to
read the vote at election headquarters and thus the decode key is known
and possibly could leak out. (consider that it might leak even a month
or year AFTER the election, not just before election day) Your secret
ballot is not so secret anymore. The same can be said even if the
pattern is just a non-invertable seeded md5 hash. To be useful someone
has to know the seed,and that could leak--making the ballot invertable.

= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Sun Nov 30 23:17:09 2003

This archive was generated by hypermail 2.1.8 : Sun Nov 30 2003 - 23:17:13 CST