Coercion-free voting scheme
First Claim
1. A method for conducting a coercion-resistant electronic election performed in a computing system, comprising:
- in the computing system, receiving from the voter a first voter confirmation value;
in the computing system, after receiving the first voter confirmation value, receiving from the voter an encrypted ballot associated with the identity of the user and a second voter confirmation value associated with the identity of the user, the second voter confirmation value being formed based upon input from the voter, enabling the voter to determine whether the ballot will be counted by varying the input;
in the computing system, without regard for the value of the received second voter confirmation value, adding the received ballot to a publicly-available list of cast ballots, such that members of the public are able to verify the addition of the received ballot to the list without being able to determine whether the ballot will be counted;
dissociating the identity of the voter from the encrypted ballot and second voter confirmation value;
after the dissociating, determining whether the second voter confirmation value received with the ballot matches the received first voter confirmation value; and
in the computing system, counting the ballot if and only if the second voter confirmation value received with the ballot matches the received first voter confirmation value.
3 Assignments
0 Petitions
Accused Products
Abstract
A facility for conducting a coercion-resistant electronic collection is described. The facility receives from the voter a first voter conformation value. At a later time, the facility receives from the voter an encrypted ballot and a second voter confirmation value. Without regard for the value of the received second voter confirmation value, the facility adds the received ballot to a publicly-available list of cast ballots. After the addition, members of the public are able to verify the addition of the received ballot to the list without being able to determine whether the ballot will be counted. The facility counts the ballot if and only the second voter confirmation value received with the ballot matches the received first voter confirmation value.
34 Citations
6 Claims
-
1. A method for conducting a coercion-resistant electronic election performed in a computing system, comprising:
-
in the computing system, receiving from the voter a first voter confirmation value; in the computing system, after receiving the first voter confirmation value, receiving from the voter an encrypted ballot associated with the identity of the user and a second voter confirmation value associated with the identity of the user, the second voter confirmation value being formed based upon input from the voter, enabling the voter to determine whether the ballot will be counted by varying the input; in the computing system, without regard for the value of the received second voter confirmation value, adding the received ballot to a publicly-available list of cast ballots, such that members of the public are able to verify the addition of the received ballot to the list without being able to determine whether the ballot will be counted; dissociating the identity of the voter from the encrypted ballot and second voter confirmation value; after the dissociating, determining whether the second voter confirmation value received with the ballot matches the received first voter confirmation value; and in the computing system, counting the ballot if and only if the second voter confirmation value received with the ballot matches the received first voter confirmation value. - View Dependent Claims (2, 3)
-
-
4. A computer-readable medium whose contents cause a computing system to conduct a coercion-resistant electronic election by:
-
receiving from the voter a first voter confirmation value; after receiving the first voter confirmation value, receiving from the voter an encrypted ballot associated with the identity of the user and a second voter confirmation value associated with the identity of the user, the second voter confirmation value being formed based upon input from the voter, enabling the voter to determine whether the ballot will be counted by varying the input; adding the received ballot to a publicly-available list of cast ballots, such that members of the public are able to verify the addition of the received ballot to the list without being able to determine whether the ballot will be counted; dissociating the identity of the voter from the encrypted ballot and second voter confirmation value; after the dissociating, determining whether the second voter confirmation value received with the ballot matches the received first voter confirmation value; and counting the ballot if and only if the second voter confirmation value received with the ballot matches the received first voter confirmation value. - View Dependent Claims (5, 6)
-
Specification