But using hash functions may also be problematic. (And it takes a lot of faith to believe it's working right.)

https://en.wikipedia.org/wiki/Security_of_cryptographic_hash_functions

Hand Counting and/or use Lever Voting.

People make really really crappy passwords

For example in 2015 the 5 most popular passwords were:

123456
password
12345678
qwerty
12345
123456789

You could do it if we ever effectively replace passwords. But with how many people use insecure passwords, it wouldn't be secure enough. And if you make people choose a real password, they will forget it when they next go to vote.

As well as getting people to choose their own password, you randomly generate a number, give them that as well, and use both together as the password.

As I envisage it, you'd only choose your password in the voting booth. So if you forgot it, you'd be unable to verify your vote afterwards, but it wouldn't stop it being registered

Is there any public interest working group working on solving this?

For what it's worth, though, I rather doubt it - I think the symbolic power of the ballot box is such that there won't be much appetite for attempting to replace them.

I agree that a successful solution would not attempt to (fully) replace the ballot box.

Ballot boxes have already been replaced in some places. (Vote by mail, for instance). But people can still walk into the polling place and cast a vote the old fashioned way. I think any solution would have to still allow that, for exactly the reason you state. Although eventually the need may fade away.

relies on trust.

If all you have is ill-will, it's Mad Max time.

No, wait. Even in Mad Max there was a community that had a decent amount of good will for in-group members. Some see omnipotent scheming enemies everywhere, all the time, in conjunction with perceptions of their own superiority. (This was an observation about perceptions of the Jews--most anti-Semites viewed their enemies as somehow superior in most ways, whereas most racists viewed their enemies as inherently inferior. Nowadays most view their enemies as superior in all ways but moral, but still say that their enemies are inferior in every way. It's all very confusing, our enemies being smarter than their intellectual superiors.)


Note that part of the problem in Belgium is that there are two large ethnic groups with mutual distrust, in addition to all the modern views on privacy, etc. We pretend that Switzerlands are the norm, insisting on what is counterfactual. There have been perhaps a handful of such communities (and even there not all is well). Meanwhile, in some areas of the world the norm for centuries was a 30% genocide rate per century. Elsewhere, genocide and slavery, ethnic and linguistic oppression have been the norm. Even my half-brother's grandmother was really quite explicit--"Those Calabrese, you can't trust them, they're all thieves and they're stupid, not really people." She refused to go to an Italian-American seniors club because of the sheer number of Calabrese that were there, and she couldn't stand being around "those people." Such virulence from classic anti-black racists I've seldom encountered. She was Sicilian; from DU's perspective, they weren't merely both Italian, but "white." My students find the idea of ethnic violence in my old school remarkable; the Poles and Italians fought, but they can't believe that non-racial ethnicity could possibly matter, it's only skin color is really important. Their breadth of perspective can be measured in angstroms and they consider themselves mature, wise, worldly.

They also consider this kind of mutual distrust to be a good thing. They're fools. You can fix stupid--people can learn facts, acquire knowledge; we're all born stupid. A lack of intelligence you can work with a bit, but that can't be helped very much and people aren't all that responsible for a large portion of intelligence. What, about 50%, current studies show, is just inherited? You can teach some metacognitive tricks like chunking, work on increasing what people have. But foolishness? The first thing about foolishness is fools suffer from an anosognosia that makes dementia patients look brilliant.

If the point is that voting systems should be based on trust, I don't agree - I think a voting system should be set up to make it as hard to rig as possible.

With multiple layers of proof.

And since the development of agricultural societies with centralized food storage, accounting seems to have been a necessary function.

A hell of a lot of the problems the Chinese are seeing now is because of bad government and business accounting.

It looks like the kind of thing that ought to be susceptible to a mathematical proof, but I can't construct one.

You aren't going to make me pull out my textbooks, are you?

Without a way to evaluate or revaluate the first set (votes cast by voters) we cannot know certainly that the second set (tabulated and reported votes) equals the first set.

Even with mail-in voting or internet voting, one should design the system so that the voter receives a copy of their tabulated vote by mail or email so that checking is possible.

In order for sets to be equal, we must be able to say that Set A is contained in Set B AND that Set B is contained in Set A.

A set is contained within another set if all members of the first set are present in the other set.

Without the ability to examine the members of the first set, it is impossible to say that it is contained in the other set.

Therefore, defining the members of Set A as legal ballots as cast by legal voters, and defining the members of Set B as ballots as tabulated and recorded, it is proven that without a separate recording and retention mechanism for the members of Set A, it is impossible to certaintly state that Set B contains Set A, much less that Set A contains Set B.

"Thank you, don't forget the waitstaff. I'll be playing here all week, let your friends and family know."

This is proof that I am a boring person who does not get many invitations to parties.

Because we're not asking for any individual to be able to prove single-handedly that the two sets are equal. We're dealing with multiple people, each with imperfect information.

What we're asking is more like

1) For every element of A, the person who cast that vote can prove that it is in B using only the information they have.
2) Everyone can prove that for every element of B there is exactly one element of A (although they can't deduce which it is).

But I think it's still a bit more complicated than that.


Anyone given complete information can easily test whether the two sets are equal, as you set out. But the hard part of the problem is distributing information so that no one person can deduce things they shouldn't be able to, but collectively they can be confident that everything has worked.