Re: Election Theory - How to assure a fair

From: Clay Lenhart <clay_at_lenharts_dot_net>
Date: Sat Sep 27 2003 - 01:38:44 CDT

On Fri, 2003-09-26 at 23:55, David Mertz wrote:

>
> His intention is certainly good, but the details don't work. For a
> system that is FAR simpler, and has all the advantages and none of the
> disadvantage of Clay's suggestions, see:
>
> http://gnosis.python-hosting.com/voting-project/initial-digests/0109.html

I'm pretty serious about security and tampering of votes. I admit that
the procedure is more complicated. However I challenge you to find a
way to forge votes using it.

The problem with David's plan is the MACHINE-ID can be thrown out and
replaced with a different one by election officials. Then they can
create fake ballots. A central counting authority could also generate a
MACHINE-ID and any vote they want and publish it as if it were real. In
fact the document says "The stored hash still provides protection
against simple data corruption of the ballot, but not against insertion
of malicious ballots."

> There are more than two political parties in the USA. In fact, the
> specific parties that appear on ballots vary by jurisdiction (usually
> state) and contest.

The number of parties doesn't matter. You could sign ballots with 3
keys. To prevent fraud, you would need at least 2 parties.

>
> Authorizing a set of parties to distribute keys in this manner is
> extremely messy and error prone, at best. It's an invitation to fraud
> and coersion at worst. In any event, this sort of change would require
> major change to national election law; quite possibly constitutional
> change in relation to state vs. federal jurisdictional authorities.
> Needless to say, that's not the job of EVM2003.
>

The error prone issue can be addressed by the voting machine and ballot
machine. They can verify that the right keys are signing the ballot.
Fraud, coersion? This is always there, even in paper ballots. It is
good to point this out, however. With my system, the more parties
involved in signing votes, the more difficult it is to do this sort of
thing (I'm assuming that you are thinking that someone pays a party
represitive to get the private keys)
Constitutional change? I'm not a constitutional lawyer. I obserived
elections in El Salvador in '99 and found that the political parties
play a part in making sure the elections are done correctly. I think it
is a good idea.

>
> |On election day, the voter (with help) would take a smart card
>
> Bad idea. This hardware could be lost, sold, stolen, etc. Voting
> becomes contingent on distribution and retention of extra hardware.

Don't get lost in the smartcard. It could be be floppy disk. I would
add that the parties, each, should give you a disk. You don't want to
hand a disk with a private key from party A and give it to party B.

-Clay

==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Tue Sep 30 23:17:09 2003

This archive was generated by hypermail 2.1.8 : Tue Sep 30 2003 - 23:17:09 CDT