Secure receipt-free electronic voting
First Claim
1. A computer implemented method of secure receipt-free voting, the method comprising the steps of:
- (a) constructing ballots at at least one vote generating center for each vote chooser, each ballot having a value;
(b) posting the ballots on a bulletin board;
(c) proving that the ballots are correctly constructed without generally revealing the values of the ballots;
(d) sending at least one private message from the vote generating center to each of the vote choosers without the at least one private messages being intercepted, the at least one private message revealing and proving to each vote chooser the values of the ballots from which that vote chooser may choose to vote;
(e) permitting each vote chooser to create an alternative message based upon the at least one private message received by that vote chooser, the alternative message not being indicative of the correct values for the ballots revealed and proven to that vote chooser;
(f) each vote chooser choosing a ballot from the revealed and constructed ballots indicative of a chosen vote;
(g) preventing proof of the value of the chosen ballot to a malicious party by rendering computationally infeasible a determination by the malicious party of whether the vote generating center sent the at least one private message actually received by the vote chooser or the alternative message regardless of any information provided by the vote chooser to the malicious party at any time,(h) the vote chooser specifying the ballot chosen by the vote chooser to a vote counting center through a secure anonymous channel; and
(i) counting, the ballots specified by all vote choosers to the vote counting center.
3 Assignments
0 Petitions
Accused Products
Abstract
A number-theoretic based algorithm provides for secure receipt-free voting. A vote generating center generates a choice of votes for each voter or vote chooser. The votes are encrypted, shuffled, and conveyed to a vote chooser along with information regarding how the votes were shuffled without being intercepted en route. The information is preferably sent along untappable secure channels. The method can incorporate validation of generation and shuffling of the votes using chameleon commitment and interactive proofs. The invention can be realized by current-generation personal computers with untappable channels and access to an electronic bulletin board.
94 Citations
21 Claims
-
1. A computer implemented method of secure receipt-free voting, the method comprising the steps of:
-
(a) constructing ballots at at least one vote generating center for each vote chooser, each ballot having a value; (b) posting the ballots on a bulletin board; (c) proving that the ballots are correctly constructed without generally revealing the values of the ballots; (d) sending at least one private message from the vote generating center to each of the vote choosers without the at least one private messages being intercepted, the at least one private message revealing and proving to each vote chooser the values of the ballots from which that vote chooser may choose to vote; (e) permitting each vote chooser to create an alternative message based upon the at least one private message received by that vote chooser, the alternative message not being indicative of the correct values for the ballots revealed and proven to that vote chooser; (f) each vote chooser choosing a ballot from the revealed and constructed ballots indicative of a chosen vote; (g) preventing proof of the value of the chosen ballot to a malicious party by rendering computationally infeasible a determination by the malicious party of whether the vote generating center sent the at least one private message actually received by the vote chooser or the alternative message regardless of any information provided by the vote chooser to the malicious party at any time, (h) the vote chooser specifying the ballot chosen by the vote chooser to a vote counting center through a secure anonymous channel; and (i) counting, the ballots specified by all vote choosers to the vote counting center. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. An apparatus for secure receipt-free voting, the apparatus comprising:
-
a plurality of vote choosers; at least one vote generating center, the at least one vote generating center constructing ballots for each vote chooser, each ballot having a value; a bulletin board, the ballots being posted on the bulletin board, wherein the at least one vote generating center proves that the ballots are correctly constructed without generally revealing the values of the ballots and sends at least one private message to each of the vote choosers without the at least one private message being intercepted, the at least one private message revealing and proving to each vote chooser the values of the ballots from which that vote chooser may choose to vote, and wherein each vote chooser is permitted to create an alternative message based upon the at least one private message received by that vote chooser, the alternative message not being indicative of the correct values for the ballots revealed and proven to that vote chooser, wherein each vote chooser chooses a ballot from the revealed and constructed ballots indicative of a chosen vote, wherein proof of the value of the chosen ballot to a malicious party is prevented by rendering computationally infeasible a determination by the malicious party of whether the vote generating center sent the at least one private message actually received by the vote chooser or the alternative message, regardless of any information provided by the vote chooser to the malicious party at any time; and a vote counting center, wherein the vote chooser specifies the ballot chosen by the vote chooser to the vote counting center through a secure anonymous channel, and the vote counting center counts the ballots specified by all vote choosers to the vote counting center. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21)
-
Specification