On Wed, Nov 12, 2003 at 04:38:07PM -0800, Ernest Prabhakar wrote: > >What was the goal of that receipts??? > >1) To remember who you voted for? > >or > >2) To verify your vote was counted? > > > >1) is silly. > >If 2) is possible for you, it is possible for the mafia too. ;-) > > I don't get #2 at all. I've actually been confused by this. If by > receipt we mean a full plaintext list of all the votes you made, then I > can see how it would be a security risk. However, it would think it > would be fairly trivial to create an ecrypted receipt that could > -verify- a vote without actually revealing the vote (at least without > massive conspiracy). > > For example, each vote could be used to create a 'private key - public > key' pair, as in public key infrastructures (PKI). The private key > would be used to hash a cumulative vote tally, and the public key would > be given to the voter (along with: you are the 1523rd voter). It > should be mathematically possible to audit the vote tallies, and for > the voter to confirm that his private key was used at a given step, > without revealing any information about the private key. The first > voter would hash a random seed, so that even his/her vote would not be > decipherable.
So you get to confirm that you voted, but not that your vote went to the person you wanted to vote for? I don't think that's what people are looking for in verifiability. Then again, it's probably the best kind of verifiablity you can get without enabling coercion. But that's a really complicated system for such a small gain. -- Rob Speer ---- Election-methods mailing list - see http://electorama.com/em for list info
