Secure remote electronic voting system and cryptographic protocols and computer programs employed

US 7,260,552 B2
Filed: 06/14/2004
Issued: 08/21/2007
Est. Priority Date: 12/12/2001
Status: Expired due to Term

First Claim

Patent Images

1. A secure electronic voting method which uses at least a computer device acting as a vote casting platform, a computer server acting as a polling station designed to receive and accumulate ballots in a digital ballot box during a preset voting period of time, a computer device acting as a tally site for the ballots and a computer device acting as a publication site of the results, said polling station, site and publication site being scattered, or, grouped together in a same computer device, each of said polling station, tally site and publication site being provided with computing means and interconnected to each other, when scattered, through at least a communication network comprising cryptographic processes and protocols in order to guarantee a series of specific safety requirements of an electoral process throughout the execution of the method and the electoral process, said method comprising the following steps:

a) providing an electoral board operating said tally site with at least a pair of asymmetric keys and allowing access to a private key or a private component of one of said pair of keys, only to a number of members of the electoral board determined by a given threshold or all of the members of said electoral board according to a cryptographic protocol of secret sharing;

b) starting a process of acceptance of the votes at the polling station;

c) each voter casting a vote electronically through a set of programs acting as a voter agent and using at least one vote casting platform, the vote casting step comprising sub-steps of;

the voter making a voter choice,the voter generating a unique ballot identifier that is a pseudo random number to identify each vote cast without probable repetitions thereby identifying each of the vote by means of selecting a value for the unique ballot identifier within a predetermined range,the voter obtaining a voting receipt which provides validity at least to said unique ballot identifier for said electoral process and which verifies the results of the voting without disclosing content of the voter choice,the voter constructing a digital envelope protecting voter'"'"'s privacy by using a public component of said at least one pair of asymmetric keys of the electoral board, said digital envelope containing at least the voter choice,after or before said sub-steps, carrying out a voter authentication proof, and generating a proof of delivery of said digital envelope in the polling station which is transmitted to the voter agent as a voting voucher of having cast the vote for each voter, fully separate from non-coded voter choice;

d) ending said process of ballots acceptance at said polling station;

e) the members of the electoral board collaborating so that they have access to said at least one pair of asymmetric keys including the private key or said private component and using said private component to have access to the content of the digital envelope; and

f) counting and tabulating the voter choice of each voter and publishing the results at the publication site and allowing said voter to verify said results by using said voting receipt without disclosing the voter choice through accessing the results published on the publication site, which contain the voter'"'"'s unique ballot identifier, carrying out a search of the unique ballot identifier and allowing the voter to file a claim supported on said voting receipt and said voting voucher in the event of lack of the unique ballot identifier in the results published, without disclosing the voter choice.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The method employs interrelated cryptographic processes and protocols to provide reliability to vote casting, ballots recount, and verification of vote or poll results. These cryptographic processes and protocols jointly constitute a cryptographic voting scheme capable of meeting the specific reliability requirements of an electronic voting where voters remotely cast their votes. These reliability requirements include voter authentication and privacy; accurate results, the impossibility of coercion and sale of votes, verifying the final results and, if necessary, the secrecy of intermediate results before completing the vote or poll. The cryptographic voting method minimizes the confidence level to be placed on any of the electronic voting individual party and participants.

179 Citations

40 Claims

1. A secure electronic voting method which uses at least a computer device acting as a vote casting platform, a computer server acting as a polling station designed to receive and accumulate ballots in a digital ballot box during a preset voting period of time, a computer device acting as a tally site for the ballots and a computer device acting as a publication site of the results, said polling station, site and publication site being scattered, or, grouped together in a same computer device, each of said polling station, tally site and publication site being provided with computing means and interconnected to each other, when scattered, through at least a communication network comprising cryptographic processes and protocols in order to guarantee a series of specific safety requirements of an electoral process throughout the execution of the method and the electoral process, said method comprising the following steps:
- a) providing an electoral board operating said tally site with at least a pair of asymmetric keys and allowing access to a private key or a private component of one of said pair of keys, only to a number of members of the electoral board determined by a given threshold or all of the members of said electoral board according to a cryptographic protocol of secret sharing;
  
  b) starting a process of acceptance of the votes at the polling station;
  
  c) each voter casting a vote electronically through a set of programs acting as a voter agent and using at least one vote casting platform, the vote casting step comprising sub-steps of;
  
  the voter making a voter choice,the voter generating a unique ballot identifier that is a pseudo random number to identify each vote cast without probable repetitions thereby identifying each of the vote by means of selecting a value for the unique ballot identifier within a predetermined range,the voter obtaining a voting receipt which provides validity at least to said unique ballot identifier for said electoral process and which verifies the results of the voting without disclosing content of the voter choice,the voter constructing a digital envelope protecting voter'"'"'s privacy by using a public component of said at least one pair of asymmetric keys of the electoral board, said digital envelope containing at least the voter choice,after or before said sub-steps, carrying out a voter authentication proof, and generating a proof of delivery of said digital envelope in the polling station which is transmitted to the voter agent as a voting voucher of having cast the vote for each voter, fully separate from non-coded voter choice;
  
  d) ending said process of ballots acceptance at said polling station;
  
  e) the members of the electoral board collaborating so that they have access to said at least one pair of asymmetric keys including the private key or said private component and using said private component to have access to the content of the digital envelope; and
  
  f) counting and tabulating the voter choice of each voter and publishing the results at the publication site and allowing said voter to verify said results by using said voting receipt without disclosing the voter choice through accessing the results published on the publication site, which contain the voter'"'"'s unique ballot identifier, carrying out a search of the unique ballot identifier and allowing the voter to file a claim supported on said voting receipt and said voting voucher in the event of lack of the unique ballot identifier in the results published, without disclosing the voter choice.
- View Dependent Claims (3, 4, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 3. The method according to claim 1, wherein said voting voucher is validated by means of a digital signature by said voter during a preceding step with the private key or the private component of the at least one pair of asymmetric keys at said polling station.
  - 4. The method according to claim 1, comprising an additional sub-step in step c consisting in the voter agent sending the vote casting voucher or part of it to the electoral board.
  - 6. The method according to claim 1, characterized in that from said ending of the period of ballots acceptance, a mixing of the digital envelopes received is completed at said tally site, randomly permuting order of all or part of said digital envelopes.
  - 7. The method according to claim 6, characterized in that it provides said polling station with at least a pair of asymmetric keys.
  - 8. The method according to claim 7, characterized in that at the step c said digital envelope additionally contains at least one of following data:
    - said voting receipt, said unique ballot identifier, an identifier of the electoral process in progress, an order for opening the voting period of time.
  - 9. The method according to claim 8, characterized in that it comprises an additional step for generating, from a preset voter roll, a pair of asymmetric keys for each voter, certifying that the public key or public component of the pair of keys generated and keeping in a secure way the private key or component.
  - 10. The method according to claim 9, characterized in that said voter private component stands in a computing device of the voter, in a trustworthy secure device having a microprocessor incorporated or stands at the polling station with which the voter is interacting, protected by means of a symmetric encryption using a key, secure password, said key or password being secretly disclosed to the voter or being directly selected by the voter, and in that at the beginning of the process of vote casting, said protected private component is sent to the voter by means of said communication network and is locally unprotected when providing said secure password to the voter.
  - 11. The method according to claim 9, characterized in that said voter authentication proof with respect to the polling station of the step c consists in a strong authentication cryptographic protocol based on public key cryptography.
  - 12. The method according to claim 9, characterized in that said voter authentication proof of step c consists in the digital signature by the voter agent on at least said digital envelope with the voter private key, before delivering it to the polling station.
  - 13. The method according to claim 9, characterized in that said voter authentication proof of the step c consists in the construction of a second digital envelope using the public component of said at least one pair of asymmetric keys of the electoral board, and where said second digital envelope contains at least said first digital envelope and the digital signature from the voter agent with the voter private key, of at least a value, as the elections identifier, the voter identifier or a pseudo random value, so that, to verify the authenticity of said two digital envelopes at the step f, said second digital envelope must be open.
  - 14. The method according to claim 8, characterized in that said voter authentication proof of the step c consists in the construction of a second digital envelope by using the public component from one of said at least one pair of asymmetric keys of the electoral board, and where said second digital envelope contains at least said first digital envelope and a password, or secret personal identification number, so that, for verifying the authenticity of said two digital envelopes at the step f, said second envelope has to be open.
  - 15. The method according to claim 9, characterized in that said voter authentication proof at the step c consists in the digital signature from the voter agent of at least one value, including the voter identifier, the electoral process in progress identifier or a pseudo random value, with the private key of a pair of asymmetric keys where the public component of said pair of keys is derived from said digital envelope.
  - 16. The method according to claim 8, characterized in that said ballot identifier of the step c is a pseudo random number to allow to univocally identify the voter choice of each voter without probable repetitions, said value being determined by the voter or the voter'"'"'s voter agent who uses a system including a pseudo random sequence generator or a source of natural noise.
  - 17. The method according to claim 8, characterized in that said ballot identifier of the step c is a pseudo random number to allow to univocally identify the voter choice of each voter without probable repetitions, said value being determined by a cryptographic protocol between the voter agent and the polling station so that this latter does not obtain any knowledge of the value generated.
  - 18. The method according to claim 8, characterized in that said voting voucher of the step c is derived from said ballot identifier and/or an electoral process in progress identifier, and said voting receipt is validated by the polling station by means of a method of the digital signature with a private component of said at least one pair of asymmetric keys of said polling station.
  - 19. The method according to claim 8, characterized in that said voting receipt of the step c is derived from at least one of the following data:
    - said ballot identifier, an electoral process in progress identifier, and the voter choice and said receipt is validated by the polling station without this later has access to the information contained in the receipts nor it is able later to correlate said receipts with their corresponding voters.
  - 20. The method according to claim 19, characterized in that said voting receipt is validated by means of the digital signature or by means of a blind digital signature protocol, with a private component of said at least one pair of asymmetric keys of said polling station.
  - 21. The method according to claim 19 characterized in that said voting receipt is validated by means of a digital signature with a private component of said at least one pair of asymmetric keys of said polling station, when said voting receipt has been encrypted by means of a probabilistic cryptosystem or a symmetric cryptosystem, using a session key generated by the voter agent.
  - 22. The method according to claim 17, characterized in that said digital envelope further contains necessary information for verification that said ballot identifier is obtained correctly.
  - 23. The method according to claim 18, characterized in that said digital envelope further contains information necessary for verifying the validity of the voting receipt.
  - 24. The method according to claim 8, characterized in that said starting of the step b is executed from an order opening the voting period and said ending of the step d is executed from an order closing the voting period, said opening and closing orders being generated by the electoral board.
  - 25. The method according to claim 24, characterized in that said order for opening the voting period comprises at least one of the following data:
    - an electoral process in progress identifier, a polling station identifier, an indication about an “
      
      open”
      
      state of the polling station, a value indicating a probability of issuing a voucher of vote casting at the electoral board by the voter agent, date and time of opening the voting period and the digital signature of the electoral board, with the private key or the private component of one of the pairs of asymmetric keys of said electoral board on said data of the opening order.
  - 26. The method according to claim 24, characterized in that said closing order of the voting period comprises at least one of the following data:
    - an electoral process in progress, an identifier of the polling station, an indication about a “
      
      closed”
      
      state of the polling station, the closing date and time of the voting period and the digital signature of the electoral board, with the private key or the private component of one of the pairs of asymmetric keys of said electoral board, on said data of the closing order.
  - 27. The method according to claim 8, characterized in that said cryptographic protocol for sharing the secret on said step a comprises the sub-step of splitting the private key or the private component of said at least one pair of asymmetric keys of the electoral board into several fragments or portions which are distributed between several control agents or members of the electoral board and stored in corresponding individual devices having a protected memory, and in that said step e comprises the sub-step of gathering said fragments or portions at said tally site and reconstructing said private key or said private component of said at least one pair of asymmetric keys of the electoral board.
  - 28. The method according to claim 8, characterized in that said cryptographic protocol of sharing the secret of the said step a comprises the sub-step of splitting the private key or the private component of said at least one pair of asymmetric keys of the electoral board into several fragments or portions which are stored, separately, at said tally site protected by means of a system with a symmetric encryption using secure keys or passwords which are distributed between the different control agents or members of the electoral board which store them in a protected and/or secure way and in that said step c comprises the sub-steps of gathering at said tally site said keys or passwords unprotecting with them the portions of said private component and proceeding to reconstruct said private key or said private component of said at least one pair of asymmetric keys of the electoral board.
  - 29. The method according to claim 8, characterized in that at least one part of the vote casting platforms is tamper-proof or protected against a non allowed access, allowing to store sensible data obtained during the cryptographic protocols of the vote casting process, restricting the access to said data for the voter until a given condition is met.
  - 30. The method according to claim 8, characterized in that, when the voting period is finished, the electoral board sends to the polling station a closing order from which moment no new connections are accepted from the voter agent for which the polling station carries out following operations:
    - g) obtaining a cryptographic summary of the sets of digital envelopes issued or digital ballot box;
      
      h) obtaining a cryptographic summary of the voter identifiers which having started the vote casting process still did not complete it;
      
      i) sending to the electoral board the two preceding cryptographic summaries or a single summary of said set of digital envelopes with said voter identifiers who did not still complete the vote casting process; and
      
      j) after a predetermined time elapses which allows the voters which were still voting to end the vote casting process, sending the complete digital ballot box to the electoral board;
      
      said one or more summaries of the operations g), h) and i) optionally depending on the size of the respective structure of data to be summarized.
  - 31. The method according to claim 30, characterized in that the polling station digitally signs at least one of the following data:
    - set of digital envelopes cast or digital ballot box, identifier of voters who having started the process of casting their vote still did not complete it, using for this a private component of said at least one pair of asymmetric keys of the polling station.
  - 32. The method according to claim 8, characterized in that when tabulating the voter choices of all the voters is complete, the private key or the private component of said at least one pair of asymmetric keys of the electoral board of the step e is destroyed or it is stored with a fully restricted access facilitating further audits, and the digital ballot box formed by all of the currently presented digital envelopes is also stored so that it can be audited later.
  - 33. The method according to claim 17, characterized in that said validated voting receipt or any other information generated during the vote casting process, including said ballot identifier, which allows the voter to reliably verify which was the voter'"'"'s voter choice is kept concealed by using a secure tamper-proof device.
  - 34. The method according to claim 17, characterized in that said validated voting receipt or any other information generated during the vote casting process, including said ballot identifier which allows the voter to reliably verify which was the voter'"'"'s voter choice is kept concealed with a restricted access and is only accessible after the electoral process results have been published to verify the results or only it is accessible in the event of lack of the ballet identifier in the results.
  - 35. The method according to claim 8, characterized in that said verification process carried out by the voter comprises following operations:
    - k) grouping the ballot identifiers in subassemblies having approximately the same number of identifiers, the simplest case being a unique subassembly containing all of the ballot identifiers;
      
      l) the voter agent determining from the subassembly of ballot identifiers what the ballot identifier corresponding to the voter contains, from said ballot identifier or from a complementary information provided by the publication site;
      
      m) downloading from that publication site said ballot identifiers subassembly and local verification by the voter agent or the voter, of the correct presence of the ballot identifier corresponding to the voter.
  - 36. The method according to claim 8, characterized in that said verification process carried out by the voter comprises following operations:
    - n) grouping the ballot identifiers jointly with their corresponding voter choices in subassemblies having approximately the same number of identifiers and so that each of said subassemblies contains approximately the same proportion between the voted options as in the global results, the simplest case being a unique subassembly containing the whole of the ballot identifiers;
      
      O) the voter agent determining the ballot identifier subassembly which contains the ballot identifier corresponding to the voter, from said ballot identifier or from a complementary information facilitated by the publication site;
      
      p) downloading from the publication site said ballot identifier subassembly jointly with the corresponding voter choice and local verification by the voter agent or the voter, of the correct presence of the ballot identifier corresponding to the voter and the previously selected voter choice.
  - 37. The method according to claim 35, characterized in that the electoral board carries out a digital signature of each of the said subassemblies.
  - 38. The method according to claim 36, characterized in that the number of said subassemblies of ballot identifiers and voter choice is obtained by separately treating some of said voter choices without taking them into account to carry out said grouping in subassemblies and, after said grouping, including said untreated voter choices with voters'"'"' corresponding ballot identifiers in every and each said subassemblies.
  - 39. The method according to claim 8, characterized in that possibility of verification is carried out by a minimum voters group randomly selected among the voters.
  - 40. The method according to claim 8, characterized in that all sensible cryptographic operations to be carried out by the voter agent during the vote casting process and the verification process are carried out within a secure tamper-proof device, including a card with a microprocessor incorporated or an identification module from a mobile telephony terminal having cryptographic capacities.

2. A computer program which can be directly loaded in the internal memory of a digital computer and comprises parts of computer program codes that are readable by a computer system to carry out a vote casting process operation in which each voter casts a vote electronically through a set of programs acting as a voter agent and using at least one computer device acting as a vote casting platform, comprising sub-steps of:
- the voter making a voter choice, the voter generating a unique ballot identifier, the voter obtaining a voting receipt which provides validity at least to said unique ballot identifier for said electoral process and which verifies the results of the voting process without disclosing content of the voter choice, the voter constructing a digital envelope protecting voter'"'"'s privacy by using a public component of at least one pair of asymmetric keys of an electoral board, said digital envelope containing at least the voter choice, after or before said sub-steps, carrying out a voter authentication proof, generating a proof of delivery of said digital envelope in a computer server acting as a polling station which is transmitted to the voter agent as a voting voucher of having cast the vote for each voter, fully separate from non-coded voter choice;
  
  wherein said program also comprises parts of computer program codes that are readable by a computer system to carry out a vote verification process operation that allows said voter to verify the voter'"'"'s vote by accessing the results published on a computer device acting as a publication site, which contain the voter'"'"'s unique ballot identifier, carrying out a search of the unique ballot identifier and allowing the voter to file a claim supported on said voting receipt and said voting voucher in the event of lack of the unique ballot identifier in the results published, without disclosing the voter choice.
- View Dependent Claims (5)
- - 5. The computer program according to claim 2 comprising further vote casting process operations implemented by said voter agent and said polling station, in which said ballot identifier of the step c is a pseudo random number to identify the voter choice of each voter without probable repetitions, said value being determined by a cryptographic protocol between the voter agent and the polling station so that the polling station does not obtain any knowledge of the value generated.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Scytl Election Technologies SL
Original Assignee
Scytl Online World Security, SA
Inventors
Riera Jorba, Andreu, Castella Roca, Jordi
Primary Examiner(s)
Abdi; Kambiz

Application Number

US10/866,092
Publication Number

US 20050021479A1
Time in Patent Office

1,163 Days
Field of Search

705/1, 705/12, 705/50, 705/51, 705/64, 235/386, 713/150, 713/155, 713/171, 713/182, 380/44, 380/59, 380/277
US Class Current

705/12
CPC Class Codes

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G07C 13/00   Voting apparatus

H04L 2209/463   Electronic voting

H04L 9/3226   using a predetermined code,...

H04L 9/3247   involving digital signatures

Secure remote electronic voting system and cryptographic protocols and computer programs employed

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

179 Citations

40 Claims

Specification

Use Cases

Quick Links

Others

Secure remote electronic voting system and cryptographic protocols and computer programs employed

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

179 Citations

40 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others