<div dir="auto">You wouldn't have to destroy the key. The hash would include the time of creation. I'm thinking of it like a git commit.</div><div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Dec 8, 2020 at 3:40 PM Phil Turmel via Ale <<a href="mailto:ale@ale.org">ale@ale.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I like your hash idea, with one tweak: the hashing is done with a <br>
digital key that is *destroyed* after sufficient ballots are printed <br>
(registered voters plus some extra--extras destroyed on close of polls).<br>
<br>
On 12/8/20 2:57 PM, Bruno Bronosky via Ale wrote:<br>
> The paper ballot "fill in the bubble system" works fine as long as every <br>
> piece of paper has a signed hash and the voter walks away with that <br>
> hash. Using a touch screen machine for people who want/need it works <br>
> fine, as long as it prints a paper ballot that the user turns in. There <br>
> should be a very simple (online?) way for anyone with a serial number to <br>
> verify that their ballot was **counted**. If you want to "audit" your <br>
> ballot at any time, that state ought to be able to produce a container <br>
> that your ballot is known to be in and the totals for that container. It <br>
> would be possible for any GA high school graduate to walk away confident <br>
> that at least the container that holds their ballot contains exactly <br>
> what the label claims. The totals and a list of contained hashes would <br>
> be available to anyone who wants them. There would also be a list of who <br>
> has audited each container.<br>
> <br>
> This solves:<br>
> - Voters must not be able to be compelled to vote any specific way <br>
> (ballots are anonymous)<br>
> - Ballots that go missing can be identified<br>
> - Ballots that do not originate from the Authority can be identified<br>
> - Ballots that are duplicated can be identified<br>
> - Vote totals can be verified<br>
> <br>
> All ballot hashes are produced from a digital key that only the <br>
> Authority (a single human) has access to. Ballots are only printed as <br>
> needed. The accountability falls on the Authority to ensure the security <br>
> of the ballots. That individual or someone in the chain of command will <br>
> face legal consequences for impropriety.<br>
> <br>
> What am I missing?<br>
> <br>
> <br>
> .!# BrunoBronosky #!.<br>
_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org" target="_blank">Ale@ale.org</a><br>
<a href="https://mail.ale.org/mailman/listinfo/ale" rel="noreferrer" target="_blank">https://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" rel="noreferrer" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
</blockquote></div></div>-- <br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature">.!# BrunoBronosky #!.</div>