Dan Wallach writes about how hard it is to explain the cryptography of verifiable elections:
My big question is whether we have a research challenge to invent progressively simpler systems that still have the right security properties, or whether we have an education challenge to explain that a certain amount of complexity is worthwhile for the good properties that can be achieved. (Uglier question: is it a desirable goal to weaken the security properties in return for greater simplicity? What security properties would you sacrifice?)
Great question. I think we, as researchers, have a duty to teach teach teach this stuff far and wide, otherwise the gap between theory and practice will continue to grow. But it is without question that some compromise of verifiability and simplicity will have to be found. The specifics of that compromise are far from clear today, and I don’t know that we should be aiming for a compromise from the start. Rather, we should continue to think about and design new systems, teach them, try them, push the election officials to make it possible to truly field-test new approaches, and only through this type of collaboration and continued research+education will we discover the right compromise. I suspect we’ll be surprised by where exactly the compromise is made.