[Perry, please use this one if possible] Matt Blaze wrote: > an even more important problem > than psychic debunking, namely electronic voting. I think "intuitive > cryptography" is a very important open problem for our field.
Matt, You mentioned in your blog about the crypto solutions for voting and that they have been largely ignored. The reason is that they are either solutions to artificially contrived situations that would be impractical in real life, or postulate conditions such as threshold trust to protect voter privacy that would not work in real life. Technology-oriented colleagues are not even aware why threshold trust would not work in elections. Thus, the first problem of voting is that neither side (paper vote vs e-vote accepts that voting is hard to do right -- and that we have not done it yet. The real-world voting problem is actually much harder than people think. Voting is an open-loop process with an intrinsic "vote gap", such that no one may know for sure what the vote cast actually was -- unless one is willing to sacrifice the privacy of the vote. This problem is technology-agnostic. A solution [1], however, exists, where one can fully preserve privacy and security, if a small (as small as you need) margin of error is accepted. Because the margin of error can be made as small as one needs and is willing to pay, it is not really relevant. Even when all operational procedures and flaws including fraud and bugs are taken into account. The solution seems fairly intuitive. In fact, it was used about 500 years by the Mogul in India to prevent fraud. The solution is also technologically neutral, but has more chances for success, and less cost, with e-voting. Best, Ed Gerck [1] In Shannon's cryptography terms, the solution reduces the probability of existence of a covert channel to a value as close to zero as we want. The covert channel is composed of several MITM channels between the voter registration, the voter, the ballot box, and the tally accumulator. This is done by adding different channels of information, as intentional redundancy. See http://www.vote.caltech.edu/wote01/pdfs/gerck-witness.pdf I can provide more details on the fraud model, for those who are interested. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
