RE: voting

[Trei, Peter]

> Perry E. Metzger wrote:
> 
> I'm a believer in the KISS principle.
> 
> A ballot that is both machine and human readable and is constructed by
> machine seems ideal. You enter your votes, a card drops down, you
> verify it and drop it in a slot. Ideally, the cards would be marked
> with something like OCR-B so that the correspondence between machine
> marking and human marking is trivial.
> 
> You can't have "hanging chads" or mismarks on optical cards because a
> machine marks it for you. You can always do a recount, just by running
> the cards through the reader again. You can prevent ballot stuffing by
> having representatives of several parties physically present during
> the handling of the ballot boxes -- just like now. You can verify that
> the counting mechanisms are working right by manually counting if
> needed.
> 
> Complicated systems are the bane of security. Systems like this are
> simple to understand, simple to audit, simple to guard.
> 
> Perry E. Metzger  [EMAIL PROTECTED]
> 
I think Perry has hit it on the head, with the one exception that
the voter should never have the receipt in his hand - that opens
the way for serial voting fraud.

The receipt should be exposed to the voter behind glass, and
when he/she presses the 'accept' button, it visibly drops into 
the sealed, opaque ballot box.

Peter

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Lottery Numbers

[R. A. Hettinga]

The New York Times

April 8, 2004
ONLINE DIARY

Lottery Numbers and Books With a Voice
By PAMELA LiCALZI O'CONNELL


 Pick a Number

Lotto players, note: it's awfully hard to come up with a truly random
number or number sequence.

 Most online random-number generators actually offer "pseudo-random"
numbers because computers aren't good at doing anything by chance. To
generate numbers that are truly random requires a source of entropy, or
disorder, outside the computer itself.

 A new site, randomnumbers.info, locates such a source in quantum physics,
specifically, the reflection of a light particle on a semitransparent
mirror. The site exploits this optical process to generate up to 1,000
random numbers on demand.

 "You need a quantum process if you want real randomness," said Grégoire
Ribordy, chief executive of Id Quantique, a commercial spinoff of the
University of Geneva, the project's originator.

 Other sites also offer true random numbers, said Mads Haahr, lecturer in
computer science at Trinity College, Dublin. His site, random.org, uses
atmospheric noise from a radio as a source of disorder; the random numbers
at HotBits (www.fourmilab.ch/hotbits) are generated by radioactive decay;
and LavaRnd (www.lavarnd.org) taps the unpredictability of lava lamps.

 Aside from players looking for an edge in Pick Six, true random number are
needed in applications like cryptography. But people also have used
random.org's output in unexpected ways. One writer used random numbers to
help decide on the next plot twist in his novel. Others have tapped the
site to determine the order of words asked in a spelling bee and to help
decide which chores on a list to do first.

 For some, then, random numbers are the holy grail of decision-support
tools: a truly unbiased source.





-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: Firm invites experts to punch holes in ballot software

[Roland C. Dowdeswell]

On 1081373018 seconds since the Beginning of the UNIX epoch
"Paul Zuefeldt" wrote:
>
>Maybe the receipt should only allow the voter to check that his vote has
>been counted. To get the detail you could require him to appear in person
>with his receipt AND a photo ID or some such, then only allow him to view
>his detail -- not print it.

I'd be slightly uncomfortable with this since the authorities should
not have a mechanism by which they can discover for whom I voted.

--
Roland Dowdeswell  http://www.Imrryr.ORG/~elric/

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: voting

[Perry E. Metzger]

"Trei, Peter" <[EMAIL PROTECTED]> writes:
> I think Perry has hit it on the head, with the one exception that
> the voter should never have the receipt in his hand - that opens
> the way for serial voting fraud.
>
> The receipt should be exposed to the voter behind glass, and
> when he/she presses the 'accept' button, it visibly drops into 
> the sealed, opaque ballot box.

Seems fine by me, except I'd make the ballot box only lightly frosted
-- enough that you can't read the contents, but light enough that poll
inspectors can visually assure themselves that the contents aren't
mysteriously altered during the course of the day.

By the way, I should mention that an important part of such a system
is the principle that representatives from the candidates on each side
get to oversee the entire process, assuring that the ballot boxes
start empty and stay untampered with all day, and that no one tampers
with the ballots as they're read. The inspectors also serve to assure
that the clerks are properly checking who can and can't vote, and can
do things like hand-recording the final counts from the readers,
providing a check against the totals reported centrally.

The adversarial method does wonders for assuring that tampering is
difficult at all stages of a voting system.

-- 
Perry E. Metzger[EMAIL PROTECTED]

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]