[E-voting] E-voting experts call for revised security guidelines

Michael McMahon michael at hexmedia.com
Thu Oct 6 18:51:12 IST 2005

Marian Beddill wrote:

> Mr. McMahon;
> With all due respect, you are absolutely WRONG on "the main issue".
Well. I disagree with you.

> The main issue for internet voting is NOT "the loss of secrecy" - it 
> IS the loss of ability to verify (to "audit", to "double-check") the 
> report of the tally of votes - and the associated loss of ability to 
> rectify the count, should a problem be identified or even claimed.
> If the tally cannot be independently verified, then fraudulent insider 
> intervention can cause the report of the winner to be whatever the 
> fraudster wishes it to be.
> And the purported schemes to let individual voters login to some 
> dataset to see something about their votes to "prove the validity of 
> the tally" is as solid as the breath from a hot fox watching the hens.
I don't have the details of the system in question, but consider the 
following one.
Each student goes to a central office with their photo ID, and picks up 
a sealed
envelope containing a PIN. This PIN is used to identify their vote in 
the tally.

A secure https web  link is used to communicate the vote and the PIN to the
voting system.  When polling closes, the election authority publishes a 
file containing
the complete list of votes including each voters PIN. The file is simply 
on a web site somewhere.

There are two things each voter can do after downloading the vote file.

1) check that their vote as cast is included in the file

2) check the results tally with the data in the file. This will
    be done by software, which has to be trusted, but you
    don't have to trust any particular implementation. You
    can check with several different implementations if you wish.
    What is the probability that multiple counting systems from different
    sources will all produce the same erroneous result?

Aside from the software used to verify the vote, what else do you
have to trust ? Well nothing really. We have already conceded
that this is not a secret ballot. The sealed PINs may help to conceal
the votes from the election authorities though.

So, where is the problem with this?


More information about the E-voting mailing list