Re: Security markings on the ballot

From: Arthur Keller <arthur_at_kellers_dot_org>
Date: Fri Oct 24 2003 - 00:37:06 CDT

What do you think about printing the ballots on special paper
pre-printed with color ink that says County of XXX Ballot etc., like
a real ballot, with a serial number printed on a perforated tear-off
stub the voter can keep. That allows for some control over ballot
stock, and makes it harder to substitute ballot forms.

Best regards,
Arthur

At 3:28 PM -0400 10/23/03, David Mertz wrote:
>I've thought a bit more about the security marking since last night. I
>still think the image (even if we play with placement), is a poor
>security measure.
>
>I wouldn't mind using an image to make the ballots "feel" more official
>than a plain paper would; but I don't want to sell this as a security
>feature.... we might be able to convince some non-tech-savvy elections
>officials that it had to do with security--but as soon as someone who
>actually understand cryptography and security comes along, we would have
>egg on our face.
>
>What I WOULD like to do, is use a placeholder for the actual
>cryptographic signature during the demo. That is, I proposed what I
>think is the right protocol--but Doug had some doubts, and I am quite
>happy with bracketing that discussion until after the demo. But for the
>demo, we could still mark the place where the crypto WOULD go in the
>production system. I.e. some quick ASCII art:
>
> +----------------------------------------+
> | 4216 4216 |
> | |
> | OFFICIAL BALLOT |
> | GENERAL ELECTION |
> | SANTA CLARA ... |
> | |
> | |
> | |
> | President -------> Rachel Carlson |
> | |
> |-- ...etc... --|
> |-- --|
> |-- --|
> |-- --|
> |-- --|
> |-- --|
> |-- --|
> |-- --|
> |-- --|
> |-- --|
> |-- --|
> | |
> | |
> | |
> | |
> | Authentication Code: 123456 |
> | |
> | 4216 4216 |
> +----------------------------------------+
>
>That is, we could actually use the fixed code '123456' for the demo,
>just to show where such a thing might go, and how it might look. Anyone
>who wants more info, can talk to me or Doug (or to someone) about
>cryptographic hash functions, encryption algorithms, key disclosure
>schedules, and so on. And I can update the Architecture to contain a
>(speculative) discussion of how we might eventually handle such things.
>
>Yours, David...

-- 
-------------------------------------------------------------------------------
Arthur M. Keller, Ph.D., 3881 Corina Way, Palo Alto, CA  94303-4507
tel +1(650)424-0202, fax +1(650)424-0424
==================================================================
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
==================================================================
Received on Fri Oct 31 23:17:04 2003

This archive was generated by hypermail 2.1.8 : Fri Oct 31 2003 - 23:17:07 CST