Practical mix-based election scheme
First Claim
Patent Images
1. A method for generating a vote message comprising the steps of:
- a voter encrypting a vote with a public key of an authority, using a temporary secret selected at random, forming an encrypted vote;
generating a signature on the encrypted vote using a secret key of said voter; and
sending said encrypted vote and said signature for tallying.
5 Assignments
0 Petitions
Accused Products
Abstract
In an improved election process, a voter constructs his or her vote message (potentially padded with a random string) and encrypts it. The voter then signs the encrypted vote and posts the signed, encrypted, vote on a bulletin board. After the voting booths have closed, a set of talliers decrypt the encrypted votes with the aid of the mix network, to obtain the final tally, but without revealing or being able to notice the relationship between votes cast and votes in the tally.
-
Citations
33 Claims
-
1. A method for generating a vote message comprising the steps of:
-
a voter encrypting a vote with a public key of an authority, using a temporary secret selected at random, forming an encrypted vote;
generating a signature on the encrypted vote using a secret key of said voter; and
sending said encrypted vote and said signature for tallying. - View Dependent Claims (2, 3, 4)
-
-
5. A method for generating a vote message comprising the steps of:
-
a voter encrypting a vote with a public key of an authority, using a temporary secret selected at random;
generating a signature on the encrypted vote using a secret key of said voter; and
sending the signed encrypted vote for tallying, where said step of generating a signature includes the steps of generating a first signature on the encrypted vote using a secret key of said voter;
generating a second signature that employs said temporary secret as a second secret key.
-
-
6. A method for generating a vote message comprising the steps of:
-
a voter encrypting a vote with a public key of an authority, using a temporary secret selected at random;
generating a signature on the encrypted vote using a secret key of said voter; and
sending the signed encrypted vote for tallying, where said authority performs mixing of encrypted votes. - View Dependent Claims (7)
-
-
8. A method for voting comprising the steps of:
-
a voter encrypting a vote with a public key of an authority, using a temporary secret selected at random;
generating a signature on the encrypted vote using a secret key of said voter;
sending the encrypted vote and the signature for tallying;
collecting the sent encrypted vote with encrypted votes sent by other voters;
verifying signatures associated with said collected encrypted votes;
removing encrypted votes that violate prescribed rules, to form a weeded-out set of encrypted votes;
mixing said weeded-out set of encrypted votes to form a mixed set; and
decrypting said mixed set of encrypted votes to yield a set of decrypted votes. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
generating a first signature on the encrypted vote using a secret key of said voter; and
generating a second signature that employs said temporary secret as a second secret key.
-
-
10. The method of claim 8 where said step of decrypting is performed by said authority.
-
11. The method of claim 8 where said step of decrypting is performed by said authority and said step of mixing is performed by other than said authority.
-
12. The method of claim 8 where said authority comprises a plurality of entities that are independent of each other.
-
13. The method of claim 8 where said authority is distributed among independent parties.
-
14. The method of claim 8 where said rules include the rule that signatures of encrypted votes must verify.
-
15. The method of claim 8 where said rules include the rule that not more than one vote may be admitted for each allowed public key that is associated with a voter'"'"'s private key.
-
16. The method of claim 8 where said step of removing, when faced with a violation where more than one vote calls for use of a given public key that is associated with a secret key of a voter, removes all of the encrypted votes that call for use of said public key.
-
17. The method of claim 8 where said step of removing, when faced with a violation where more than one vote calls for use of a given public key that is associated with a secret key of a voter, removes all but the first of the encrypted votes that call for use of said public key.
-
18. The method of claim 8 where said step of removing, when faced with a violation where more than one vote calls for use of a given public key that is associated with a secret key of a voter, removes all but the last of the encrypted votes that call for use of said public key.
-
19. The method of claim 8 further comprising a step of certifying said set of decrypted votes.
-
20. The method of claim 8 further comprising a step, interposed between said step of mixing and said step of decrypting, a step of generating a certification of said weeded-out set of encrypted votes, and sending said certification and said weeded-out set of encrypted votes to said authority.
-
21. The method of claim 8 further comprising a step, interposed between said step of removing and said step of mixing and decrypting, a step of generating a certification of said weeded-out set of encrypted votes, and sending said certification and said weeded-out set of encrypted votes to said authority.
-
22. A method for tallying votes comprising the steps of:
-
collecting encrypted votes;
verifying signatures associated with said collected encrypted votes;
removing encrypted votes that violate prescribed rules, to form a weeded-out set of encrypted votes;
mixing said weeded-out set of encrypted votes to form a mixed set; and
decrypting said mixed set to yield a set of decrypted votes. - View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
-
Specification