Election officials and those with whom they give the task of certifying machines want and need to understand how a machine claims to do what it does. I think the only one that meets this kind of a standard now, that I’ve seen, is the PunchScan scheme… although I don’t claim to have investigated them all.

I’ve seen very smart people struggle with Neff’s scheme, for example. We need to do better.

I think you’re mistaken and, unfortunately, you’re helping to spread FUD about crypto voting (though you’re certainly not the only one): election officials hear that crypto voting isn’t ready, and so they don’t investigate any further.

In a “normal” voting system, election officials aren’t expected to understand how a computer really works, or even how an optical scanner really works. And yet we use these machines. The point is that *some expert* understands it, and any another expert can verify it. There’s no need to hold crypto voting to a higher standard on this issue.

What matters is how a voter votes. In many schemes, in particular Neff’s, that process is extremely simple and can easily be explained.

It’s time to stop spreading this fear of crypto voting complexity. Sure, let’s talk about how to explain it better. But let’s not build up impossible criteria that, somehow, other voting systems are not held up to.

That is, all the cryptographic solutions for in-precinct voting are too complex and too procedure-specific (ordering attacks, etc.) to be used “in prime time”. For sure, I’m amazed at the lengths that Chaum and Benaloh have gone to make cryptographic voting more simple. But, man… try sitting down with an election official and explaining, for example, Chaum’s PunchScan technique. It’ very very difficult to do on their level.

I think they could have said something along the lines of “Cryptographic voting solutions are showing promise, but are not yet ready for deployment.”