On Fri, 15 May 2009 02:22:07 +0100, Alex Macfie 
wrote:

> I'm skeptical that any workable system for computerized voting is
> possible. The problem is one of simple logic: a system that is both
> secret and verifiable (by people without specific technical (i.e. IT)
> knowledge) does not seem to be logically possible to achieve.

That's not strictly true. People generally accept that web sites where  
they enter bank details, for example, are secure. A voting system using  
similar security methods could generate a printed voter record, a printed  
record for verification and an electronic record to be tallied. The  
electronic record would be secure in a similar way to a password, with the  
addition of a publicly visible vote to go into the tally. The printed  
records would be subject to physical security in the same way as ballots  
now are, and the verification copy could have an indirect identifier in  
the same way as the ballot now does. The pre-print processing could be  
completely invisible inside specialized hardware, as could the tallying  
process. (That's just one example architecture, though it's probably the  
one I've seen suggested most often. The key point is that you can have  
physical and virtual black boxes that hide anything you want hidden.)

The problem, as you imply, is getting voters to trust the tallying process  
without being able to see under the hood. The methods used are simple  
enough to explain, even if implementing them isn't. (See also STV, where  
there's an anologous problem of trust.) The damage has been done by the  
Diebold rumours and other problems in the US with systems which don't even  
start to use a valid architecture.

Regards,

Helen

-- 
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/