Re: Chaum's punchscan



David Wagner wrote:
Mike Amling wrote:
You and xmath could open up www.drive-the-rascals-bankrupt.com, in which you tell voters who fill in enough about either sheet what they can provide to sellyourvote.com in step 1 to vote any way they please while still having at least a 50% chance of collecting from step 3.

I don't see it. You have approximately a 0% chance of collecting if you
just ignore the instructions and vote any way you like. The chances that
your voting pattern matches the instruction precisely, in every race, are
nil. Keep in mind that a typical ballot has more than just one race with
just two candidates; a typical ballot, here in the US, may have dozens
of contests, and many races may have more than two candidates running.

Doh! You're right, of course. I wasn't thinking straight. Too much time spent with those one-race two-candidate example ballots.

You could also imagine that www.sellyourvote.com might try to somehow
arrange negative consequences for voters who defect from the contract.
(For instance, imagine if the web site threatened to infect your computer
with a virus if you don't follow instructions.

Indeed, the only interface to sellyourvote.com might well be through a downloaded rootkit-rife application.

Even if that threat is a
bluff, it might be enough to deter some cheaters. Or, you could imagine
that www.sellyourvote.com might anonymous publish the names and addresses
of everyone who tried to sell their vote but later reneged -- as selling
your vote is a felony offense, the threat of naming names might be enough
to make honest people think twice about signing up at www.sellyourvote.com
and then trying to cheat the vote-buyers.)

Maybe. sellyourvote.com could publish the registered voter's name and address, (which are public record), paypal id, the contents of the sheet she retained (and could have shown to anyone), and some (possibly faked) contents from the sent sheet (which the EA is duty bound to destroy after recording information that is redundant with the retained sheet). What could they publish in this era of identity theft that could be near enough for a conviction, arrest, indictment or second look? OTOH, if payment is always a direct deposit into the voter's checking account...

I think it's dangerous to set
up any situation where the vote-buyer can tell whether voters voted the
way they were asked or not.

"..voted..", definitely. "..marked one of two sheets..", not so much.


An ordinary mail-in voter could remail an unmarked ballot and signature samples to China, Anguilla or Tonga. Granted, it's not as convenient as using a web site.

Right. And, with the time it takes mail to go out and come back, the
attack might not work. And, if this kind of attack did become prevalent,
it would be pretty easy to recognize it at county headquarters, just by
looking at the postmarks on the envelopes.

They're mailed back from various popular overseas vacation spots. I hear Tonga is beautiful this time of year. :)

--Mike Amling
.