Thread: Fwd: Fwd: Fwd: PunchScan voting protocol




2007-12-16 15:33:28
I've attached below Rick's reply to this thread. Rick Carback is a member of the PunchScan team.

- Taral

---------- Forwarded message ----------
From: Rick Carback
Date: Dec 16, 2007 12:01 PM
Subject: Re: Fwd: Fwd: PunchScan voting protocol

I think there are some misconceptions/assumptions in play here about the privacy available in current systems. Punchscan was designed to provide an unconditional level of integrity into the voting process, not to improve privacy over the status quo. Election officials, ultimately, are still responsible for protecting the privacy of voters. The cryptography is meant as a tool to be used by election officials that prevents anyone from arbitrarily changing vote totals without getting caught. I do not think that Punchscan is noticeably worse than current systems in terms of privacy protection and it is still unclear to me if there is any real difference at all.

As for specific responses:

"Well, that's the right question.  That's the sort of question the punchscan team should be asking themselves, and answering in more detail than I have heretofore seen.  What threats does punchscan claim to defend against?  What threats does it leave to be mitigated by other (non-punchscan) means?"

We have talked about this stuff and published it -- we're still talking about it, see:

http://punchscan.org/papers/ibs_carback.pdf
http://punchscan.org/papers/receipts_clark.pdf
http://punchscan.org/papers/patterns_popoveniuc
http://punchscan.org/papers/pip_essex.pdf

There will be more publications in the future. Also, you might want to check out our VoComp submission:

http://punchscan.org/vocomp.php

Unlike any other team at the competition, we were more careful with our claims and our analysis of our system. Part of that is the reason why we won.

"As an example: Let's look at the plant where the ballots are printed.  Suppose somebody attaches a tiny "spy camera" to the frame of one of the printing presses, so as to obtain an image of both parts of the two-part ballot (for some subset of the ballots)."

In a traditional system, you can put the spy cameras in the polling place so you can watch each voter vote. That will allow you to *directly* target and identify each voter in a location where election authorities exert *less* control over the surrounding environment. By contrast, attacking the printer provides you with a decryption of the ballots but not who used them -- you still have to go out and find each voter, and the only reliable way to do that is to catch them in the act of voting, because they could have got rid of the receipt or swapped it (Alternatively, receipts could be given to third parties, e.g. LWV, this is what EPIC suggests). In that sense, this example is unrealistic. This is especially true when you include machines in polling places that know how voters vote (in punchscan, they don't), and the myriad of ways a voter could expose their choices to a coercer. See:

http://punchscan.org/blog/?p=6
http://punchscan.org/blog/?p=7

The comment about "partial exposure risk" looks like a misunderstanding, so I'll ignore it....

"Ah yes, but what is being assumed about the /properties/ of this Election Authority?  Is the EA omnipresent and omnipotent, like the FSM, or does it have boundaries and limitations? For example, does it ever need to rely on employees or subcontractors?"

This information is in the original papers, but the EA is responsible for generating the data, supervising the printing and packaging (which should include tamper-evident protections), and coordinating the shipment of ballots to polling places. Essentially, all the things a central authority would be responsible for in a current optical scan system. It would also be responsible for generating keys for the scanning equipment and controlling authentication to the bulletin board, but that is all part of the bulletin board component that could be generic to any E2E system.

I might post this to the blog, but I am sort of busy. I will let you know when/if I do.

-R

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
