> Date: Mon, 29 May 2000 07:52:24 -0400
> From: Dan Geer <[EMAIL PROTECTED]>
> There is no doubt whatsoever that the sanctity of a vote once
> cast can be absolutely preserved as it is moved from your house
> to the counting house. What cannot be done, now or ever, is to
> ensure the sanctity of the voting booth anywhere but in a
> physical and, yes, public location attended to by persons both
> known to each other and drawn from those strata of society who
> care enough to be present. There are no replacements for the
> voting booth as a moment of privacy wrapped in inefficient but
> proven isolation by unarguable witness, a place where we are
> equal as in no other. Move the dispatch of a vote to a remote
> browser and $100 bills, concurrent sex acts, a pistol to the head,
> wife-beating or any other combination of bribes and coercion is
> an undiscoverable concommitant of the otherwise "assured"
> integrity of the so-called vote.
There are a number of results in the crypto literature on receipt-free
voting, most recently (that I'm aware of) one presented by Kazue Sako
at last month's Eurocrypt 2000. Receipt-freeness means that voters
cannot demonstrate to third parties how they voted, and thus addresses
the bribery and coercion issue.
For an oversimplified example of how this might work, consider a
yes/no referendum with an advance registration process during which a
coin is flipped to select a random bit that will be xor'd with the
vote. For example, voting could be with red and blue, and the coin
flip determines which color means yes. Later, in the privacy of her
browser, the voter casts her red/blue vote, and no observer can tell
what it stands for. Coercion to vote either red or blue randomizes
the vote. That's still a threat, but a less serious one. (I think
Sako and Hirt's scheme may address this as well, but I'm not sure.)
Additional tricks can be used to ensure correct tallying of the vote
and to protect its anonymity (against an untrusted polling authority).
A completely different tack is to allow voters to cast as many ballots
as they like and count only the last one. This effectively defends
against buying and forcing of votes because the voter can always vote
again. (I gather that corporate proxy voting works this way.)
Although internet voting may be hunky-dory from a cryptographer's
perspective, there are some cogent (both technical and political)
arguments against its feasibility at this time. Cf. the report of
California's task force at http://www.ss.ca.gov/executive/ivote.
Sorry if I'm repeating stuff that's already been said--I just joined
this discussion in the middle.
Ray
