Perry E. Metzger wrote: > Complicated systems are the bane of security. Systems like this are > simple to understand, simple to audit, simple to guard.
I fully agree, but there is a wide variety of voting schemes out there, of varying complexity. In a ballot with only very few options, your proposal makes sense. But in some cases, the complete description of a vote doesn't necessarily fit onto an A4 paper sheet. Our own municipal elections are so complicated that you fill in your votes at home and bring the paperwork to the election office. In the U.S., some of the simple votes are linked to dozens of plebiscites, and you'll have a hard time to print that onto a small piece of paper, too. But I can't see why computerized voting is so important. Here in Germany, the pencil-and-paper method is doing just fine. Volunteers do the counting, so there is no monetary incentive to automate this process. It means that we have to wait a few hours (or even days, in case of the municipal elections) before preliminary official results are available, but this doesn't seem to be a significant problem, IMHO. However, I'm sure our own paper-based voting system would fall apart if subjected to the same scrutiny as Diebold's voting machines. It's just a different kind of insecurity. -- Current mail filters: many dial-up/DSL/cable modem hosts, and the following domains: postino.it, tiscali.co.uk, tiscali.cz, tiscali.it, voila.fr. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]