Slashdot Mirror
Maryland Town Tests New Cryptographic Voting System
ceswiedler writes "In Tuesday's election voters in Takoma Park, MD used a new cryptographic voting system designed by David Chaum with researchers from several universities including MIT and the University of Maryland. Voters use a special ink to mark their ballots, which reveals three-digit codes which they can later check against a website to verify their vote was tallied. Additionally, anyone can download election data from a Subversion repository and verify the overall accuracy of the results without seeing the actual choices of any individual voter."
457
This is an interesting idea, but I wonder what additional cost and labor is involved? I know the Florida ballot count debacle wasn't all that long ago, but are we that concerned about votes not being counted?
All that really matters after reading TFA:
Chaum says he hasn’t decided on a cost yet for jurisdictions who will license it after the initial adopter but says he can easily sell it for half the cost of current optical-scan voting systems, which run about $6,000 apiece.
Very good stuff. I would just avoid using the word "subversion" when talking about it. You know, because of its double meaning
Maybe I'm missing something, but for this to be truly secure against the problem of being able to see who somebody else voted for, you would have to have a distinct set of three-digit codes for every ballot, or at least such a large number of distinct ballots that no person could practically conspire with a few other people to figure out that XWP in the third field means Hillary Clinton. Wouldn't printing each ballot individually result in a tremendous cost compared with traditional ballot printing? I'm just trying to understand how this could be feasible on a large scale....
Check out my sci-fi/humor trilogy at PatriotsBooks.
Before one of the current election systems players sues them for being all mean and competitive, after the fashion of TDS?
It does what many people would have said is impossible: It allows voters to verify that their votes were cast and counted correctly, but does not provide them with any way to prove to anyone who they voted for. An audit trail, without opening the door to coercion. This is a major improvement over traditional voting technologies.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
... obviously it is DRE (700), serial number 34491.
Let's hope that this new system prevents premature revelation of election results...
Firehed - Unfortunately, thanks to medical breakthroughs, common sense is not as common as it once was.
The image in wired.com shows a two letter code "JX" appearing in the oval. The article mentions "three digit" codes. Nice.
I like where they are going with several of these things, but why go with paper and magic markers? Why not use the same exact concept, only put it on a computer, print out a receipt with the codes and serial number, and go from there? It seems like a no brainer. Not only does it reduce overhead in terms of manpower, but it also reduces the amount of paper wasted, the cost of these "special markers", etc.
Ok, so this system proves that your vote reached the tally server, but how does it prove that your vote is actually in the total?
I'm serious. Just because your vote wasn't lost, doesn't mean it was counted. This helps guard against grievous mistakes, not against wholesale fraud.
I won't join Slashcott. OTOH, If Beta goes live, I just won't be back until it's fixed. Sorry Dice.
Transparency fail.
Analogies don't equal equalities, they are merely somewhat analogous.
Quoting TFA
"When polls close, voters can go to the election office website, type in their ballot serial number and see a rendition of a ballot, showing the three-digit codes for their votes. This way voters can be assured that their ballot was included in the final tally."
One would hope there are no web logs kept, because simply checking your ballot would reveal your identity, and someone is sure to wrangle a subpoena for that.
Sig Battery depleted. Reverting to safe mode.
This system assumes three things:
Heh, just like an academic.
Good luck with that. ;)
It appears as though we can only see the code for a candidate if we reveal it with the invisible ink; checking the others would ruin the form.
Lobby your legislators to switch your jurisdiction to approval voting. This system allows voters to sort candidates into two bins: desirable and undesirable. Once your jurisdiction uses approval voting, you can mark two candidates that you'd be happy with (e.g. a Democrat and a Green, or a Libertarian and a Conservative), and both votes will be counted.
A quick surfing of the Scantegrity Wikipedia article and the links above didn't definitively answer an interesting (to me) question: can it be applied to a ranked voting system such as IRV or Condorcet?
The offhand solution would be to use Scantegrity's technology with a matrix of bubbles for ranks vs. candidates. Anyone familiar with this work know whether this has been addressed? I skimmed through the IEEE article as well, and found no mention of any ranked voting systems.
Seemingly very easy to implement...
http://www.punchscan.org/
...on fulldisclosure in 3...2...1...
Have paper and select who you like, drop into a sealed box.
Election workers keep eyes open. At the end of the day reps of all the people involved stand around in a open room and count.
Takes time, expensive, but hard to fake.
If you cannot make it, postal or an election worker comes to you.
As for digital, open source, simple and all parties can see the unit, code.
On the day you press and its collected at a central point.
Instant and the press love it.
The problem with the above is no room for profit or stuffing.
Your part of the world has to have been so corrupt, at war or new to democracy to get it working.
In the US you are told its so open free and fair and transparent every day.
Is it? Why are AMT sellers making the closed source units? With cable pundits and talking heads screaming at you "they are used in banks, its fine", dont mind the party political rants by the owner.
Enigma, cryptoAG ect all gave perfect service on the day.
In Capitalist West a nice man owns the IP to your vote.
In Soviet Russia a nice gov owns the IP to your vote.
In both parts of the world, you have a right to vote.
As Stalin said "It's not the people who vote that count. It's the people who count the votes."
The end count is the elephant in the room, not just the cute open source, optical-scan $x,000 input device.
Domestic spying is now "Benign Information Gathering"
is 42.
so they are saying that my forum captcha and craigslist copy and paste is more secure then the vote verification thing?
Dont Judge The situation by the Misfortunate. Goga.
This is the place they like to call the "Berkeley of the East". It's so liberal it's almost a parody. I think the MD Democratic Party keeps it around as a pure strain in a petri dish so that they can pretend they are also liberal.
It also means that if Takoma Park thinks it's a good idea, everyone else in MD will think it's a joke and ignore it.
"As God is my witness, I thought turkeys could fly." A. Carlson
I have real doubts about allowing voters to check how they voted AFTER they leave the polling place. By allowing a voter a way to verify how he voted you open the door to all sorts of abuses. A voter could sell his vote and the buyer could have a way to check he indeed did vote the way the buyer wanted. Another abuse is employers threatening his employees with firing if he did not vote the way the employer wanted.
The problems might be overcome if the voter would have to visit the election clerks office and prove his identity and was also alone when he viewed the way he voted.
If candidate a loses to candidate b, you are going to have millions of A voters claiming that their vote wasn't counted properly. Not to mention that you are walking out of the booth with proof of who you voted for.
I don't see a single thing in this system that would prevent vote buying. You get a receipt with your choices on it, encoded in some form, yes? You can then go to a website, and enter codes, to see who you voted for, yes? True, only the individual voter (or someone possessing the receipt) can do this.. but that doesn't matter a damn to a vote buyer. Why? Because, as this system's designers seem to have forgotten, the voter is complicit in vote buying. The voter gets money for turning over his receipt and secret knowledge, whatever that may be, to the person who wants a verified vote for his candidate.
It's rare that you're presented with a knob whose only two positions are Make History and Flee Your Glorious Destiny.
Read the paper on it people. They've though this through a whole lot better than 99.99% of the people here could.
http://www.scantegrity.org/papers/ScantegrityII-EVT.pdf
For sure there are no stupid things like the vote checking showing who you voted for.
Hear hear!
I believe FPTP is killing our political system by making it a constantly devolving lesser-of-two-evils non-choice.
Getting a well-working computerized voting system is a first step to implementing something more sensible than First Past The Post.
It completely misses the point. The point is not that a system is "impossible" to manipulate. The point is that _every_ voter has the ability to check the vote.
Just compare it with the pen and paper based system. Everybody can understand it. You have a box which must be empty when they start voting. And people come in, get a piece of paper each, fill it out in private fold it and throw it into the box. At the same time his name gets crossed out on a list. Now everybody can check this fairly easily.
Now let's look at whatever machine-based system you've got. You've got this machine, either mechanical or electronical. You usually cannot look inside of it. You cannot tell if the levers are labelled correctly or if the firmware is really what it's supposed to be. Even if you have sourcecode that's completely unusable for the 90% of people who cannot read code. Relying on others is not an option as the others could be against you. Just imagine a party forming beeing against computers, which programmer would help them?
How about combining new tech and old tech for a new solution: instead of using pen and paper you use voting machine, which prints your vote on a paper (ballot card), and also stores the vote in some database. You then drop the ballot card for voting box (same as you do now). Electronic votes are used for result approximation and for press and news etc (you can use simpler scheme than in TFA), and the paper votes are still the official result and are counted and verified by hand. Obviously this does not cut down costs, but gives you the security of a current pen and paper system, yet delivering speedy results and other benefits electronic systems have.
Speedy results don't help us when we can't act on them and have to wait for the hand count to be completed.
Glad to know the freedom loving angels at MIT are thinking about these things.
Let's see:
Include code on card.
Reproduce who they correctly voted for on the site.
Automatically choose the winning candidate anyway.
Freedom in action folks!
With the exception of the 'magic ink', I proposed this exact mechanism on Slashdot about 18 months ago. I'd provide a link to the post, but it was a comment on someone else's thread, and apparently they get purged after a time. Ain't that ducky? I've finally proven to my own satisfaction that I'm far smarter than everyone keeps telling me, and the proof is gone. Maryland, if you're looking for someone with a huge ego to help out with that/my system, drop me a line.
- The Kessel run is for nerf herders. I can circumnavigate the entire Central Finite Curve in a lot less than 12 parse
I believe one of the benefits of and primary arguments for a secret vote is that one may vote their conscious without fear of reprisal or other repercussions. The paper ballot fulfills this perfectly.
The system described here has a double edged sword. If the voter can log on to verify their vote, then someone else can force them to log on a prove they voted "correctly".
A simple solution would be to enable a voter to only confirm their vote was tallied correctly at the registrar's office, after providing picture ID, allowing only the voter to view the confirmation, and not providing any kind of receipt.
When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
are you serious? From the way you describe Texas it sounds like you have never been here. Maryland and New England are the top spots in the nation? All i can say is please keep encouraging people that think like you to stay out of Texas.
Why not use CVS instead of subversion? then you could have your CVS Voting System? And all the bearded admins would be happy. You want your admins to be happy.
Slashdot's rate-of-post filter: Preventing you from posting too many great ideas at once.
I sure this new system is not where electronic voting needs to be in the end but the fact that people are working on making these systems better truly puts my mind at ease.
We're kinda touchy about this. ;)
Slashdot has run stories about this system before, too, and it's awesome. But yeah, this was developed largely at the University of Maryland, Baltimore County.
I still prefer this: http://sifter.org/~simon/journal/20081009.html (if I don't say so myself...)