[5786] in cryptography@c2.net mail archive
Re: snake-oil voting?
daemon@ATHENA.MIT.EDU (Ed Gerck)
Mon Sep 27 20:37:39 1999
Message-ID: <37EFFF98.7EFC4C5E@nma.com>
Date: Mon, 27 Sep 1999 16:36:56 -0700
From: Ed Gerck <egerck@nma.com>
MIME-Version: 1.0
Cc: cryptography@c2.net
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Anonymous wrote:
> There is a wide variation in the amount of validation done at polling
> places. In the local region none of this is done; you are asked to sign,
> bug your signature is not checked. No ID is required, and observers
> from political parties are not present.
In California, the situation regarding validation is different and improving
security-wise, see http://www.ss.ca.gov/elections/elections_q.htm with:
In late 1995, the Secretary of State was authorized by the Legislature and Governor to begin development of our
first-ever statewide voter registration database. By building this cumulative database and eliminating many of
the duplicate or erroneous registrations, known as "deadwood", currently on the 58 county's voter rolls, the
state and counties can reduce election costs and take another step toward prevention of fraudulent voting. For
the first time, county elections officials will be able to maintain their voter registration files with the assistance of
other elections offices throughout the state, as well as interfacing with the Department of Motor Vehicles and
the Bureau of Vital Statistics. Duplicate registrations can be cancelled, persons who have died can be removed
from voter rolls, and cross-county registrations can be updated once the CALVOTER database is in place.
Of relevance here, is that cryptographic protocols may have a better security support if
registration data is reliable and can be verified in more than one channel (eg, using DMV data).
> It seems clear that the system is primarily oriented towards preventing
> fraud by election officials and those involved in setting up the
> electronic voting.
I can't see VoteHere providing that, as I explained before -- the system
is more towards "One Name, Any Vote" than what it claims to be, as
"One Person, One Vote". There is no way you can verify if a vote
with my name was just stuffed into the ballot, for example -- but if everyone
would verify and if everyone would have just one name and if everyone
would be 100% honest and if everyone would tell all the others what
it verified, then it would work ;-) but, then, no protocol is necessary
or even possible for the sheer size of msgs involved.
Cheers,
Ed Gerck
