IMHO, a hardcopy paper trail is a pointless exercise that makes the system less, not more, secure. Anybody can forage a paper document (or many) and thereby add confusion to the situation.
There is a very straightforward, reasonably simple way of making electronic voting secure. Using public/private key cryptography you can make the system both anonymous and traceable/verifiable. You issue every voter an electronic card or CD with their public and private keys. Every voting station also has a public and private key set. You encrypt and digitally sign each electronic ballot with the voter’s private key and the station’s public key, and attached the unencrypted voter’s public key, which you use (along with the station’s private key) to decrypt and verify the ballot. Voters could keep their own keycard to verify their ballot was accepted, if you like, but the station need not keep a specific record of who got what public key, maintaining voluntary anominity.
As for the software, you could use a bootable Knoppix-type Linux CD-based distro on a hard drive-less computer configured to come up directly to the voting application, and use Gnu’s GPG for encryption. All code could be open source and keysigned to prevent any white.rabbits from influencing or sabotaging the balloting process.
This gives you 100% traceability (each vote back to each issued card), the capability to verify the votes and automatically tally results without any intermediate reading steps (or trying to figure out how much of a dent indicates a vote), and the balloting and communication process is, for all practical purposes, unquestionably secure. You can make the process (the software, the hardware, the public keys) as transparent as you like, and yet maintain assured security. Anominity can be preserved but individual voters can verify their ballots against their privately held keyset. The system would use cost-effective COTS (commerical off the shelf) components, so there’s little component development cost incurred and no proprietary vendors.
And you could do this for absentee ballots as well, over an Internet application (which I daresay virtually all foreign-based Americans have access to.) In fact, with the appropriate precautions for issuing and controlling the voter keysets, you could largely do away with having to go to a voting station and simply do it from home over a standard Internet connection.
Of course, there’s no big money in it for anyone, which means there’s no lobby group or special interest to promote it, and the details are probably far to technical for most politicians to get even a basic grasp on, leading them to fear the proposal, but there’s no reason this wouldn’t work, and there’s no added value in a paper trail (other than, perhaps, a printed receipt indicating that a ballot has been issued for Public Key #XXXXXXXXXXXX). This is exactly the sort of application that public key cryptography is idea for.
sigh How hard could it be?
:answers self: When politicians get involved, as hard as possible.
Stranger