Method and system for securing network-based electronic voting
First Claim
1. A method for assisting a user in verifying a cast ballot Bcast stored in a server, the method comprising:
forming a digital signature of Bcast using a server side private key DS(Bcast, s) by a first server side computer software application process tangibly embodied in a physical program storage device executable by a server side physical computer hardware machine and executing on the server side physical computer hardware machine;
associating the Bcast and DS(Bcast, s) with a vote serial number VSN by a second server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine;
forming a confirmation token, comprising DS(Bcast, s) and VSN by a third server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine;
making the confirmation token available by a fourth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine to a first client side computer software application process tangibly embodied in a physical program storage device executable by a client side physical computer hardware machine and executing on the client side physical computer hardware machine of a user via a network;
receiving the confirmation token made available to the user by a fifth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine from a second client side computer software application process tangibly embodied in a physical program storage device executable by the client side physical computer hardware machine and executing on the client side physical computer hardware machine via the network;
extracting VSNreceived token and DSreceived token(Bcast, s) from the received token by a sixth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine;
for VSN equal to VSNreceived token, comparing DSreceived token(Bcast, s) and at least one of DS(Bcast, s) and DS(Bcast, S) by a seventh server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine; and
determining that Bcast is verified by an eighth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine if the comparison shows equivalence between the data compared.
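The confirmation-token round trip of claim 1, as an added Python example that is not part of the patent text. HMAC-SHA256 under a server-held secret stands in for the private-key signature DS(Bcast, s); the JSON token layout, the in-memory store and all function names are assumptions.

```python
import hashlib
import hmac
import json
import secrets

# Assumption: HMAC-SHA256 under a server-held secret stands in for DS(Bcast, s);
# the claim itself specifies a signature made with a server-side private key.
SERVER_KEY = secrets.token_bytes(32)
BALLOT_STORE = {}  # hypothetical store: VSN -> (Bcast, DS(Bcast, s))


def ds(bcast: bytes) -> bytes:
    """Stand-in for DS(Bcast, s), hex-encoded."""
    return hmac.new(SERVER_KEY, bcast, hashlib.sha256).hexdigest().encode()


def record_ballot(bcast: bytes) -> str:
    """Sign Bcast, associate it with a fresh VSN, return the confirmation token."""
    vsn = secrets.token_hex(8)
    sig = ds(bcast)
    BALLOT_STORE[vsn] = (bcast, sig)
    return json.dumps({"vsn": vsn, "ds": sig.decode()})


def verify_token(token: str) -> bool:
    """Extract VSN and DS from a returned token and compare with server state."""
    try:
        fields = json.loads(token)
        vsn, ds_received = fields["vsn"], fields["ds"]
    except (ValueError, KeyError, TypeError):
        return False  # malformed token
    if not isinstance(vsn, str) or not isinstance(ds_received, str):
        return False
    entry = BALLOT_STORE.get(vsn)
    if entry is None:
        return False  # no ballot recorded under this VSN
    bcast, ds_stored = entry
    received = ds_received.encode()
    # Constant-time comparison with the stored value and, as an added check in
    # this example, with a value recomputed from the stored ballot, so a ballot
    # altered in storage after signing no longer verifies.
    return (hmac.compare_digest(received, ds_stored)
            and hmac.compare_digest(received, ds(bcast)))


if __name__ == "__main__":
    token = record_ballot(b"contest-1: candidate-A")  # constructed sample ballot
    print(token, verify_token(token))
```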
Abstract
A method and system for securely voting over a network, such as a global computer network, involves a system which delivers an electronic ballot from a server with the server's private key and a vote serial number on the ballot to an individual terminal connected to the network. The ballot may be filled in and a subset of the filled-in ballot is created with a digital signature created from the individual's secret key on the subset of the ballot corresponding to the ballot choices. The subset of the filled-in ballot together with the individual's electronic signature, and a vote serial number is then delivered to the server. A data element is then created to record a subset of the ballot in a data store at the server, in which the ballot vote information is retained as a vote.
6 Claims
3. A method for assisting a user in verifying a cast ballot recorded in a server, the method comprising:
receiving by a first server side computer software application process tangibly embodied in a physical program storage device executable by a server side physical computer hardware machine and executing on the server side physical computer hardware machine at least one set of; a cast ballot Bcast and a digital signature of Bcast formed with the private key of a voter casting the ballot DS(Bcast, v);
forming by a second server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine; a digital signature of Bcast using a server side private key DS(Bcast, s), associating Bcast, DS(Bcast, v), and DS(Bcast, s) with a vote serial number VSN;
forming by a third server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine a confirmation token, comprising; DS(Bcast, s), DS(Bcast, v), VSN, and DS(Aggregation, s), where DS(Aggregation, s) is the digital signature of the aggregation of the associated Bcast, DS(Bcast, v), DS(Bcast, s), and VSN;
making the confirmation token available by a fourth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine to a first client side computer software application process tangibly embodied in a physical program storage device executable by a client side physical computer hardware machine and executing on the client side physical computer hardware machine of a user via a network;
receiving the confirmation token by a fifth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine from a second client side computer software application process tangibly embodied in a physical program storage device executable by the client side physical computer hardware machine and executing on the client side physical computer hardware machine via the network;
extracting VSNreceived token and at least one of DSreceived token(Bcast, s), DSreceived token(Bcast, v), and DSreceived token(AG, s) from the received token by a sixth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine; and
for VSNreceived token and the corresponding VSN, comparing by a seventh server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine at least one of; DSreceived token(Bcast, s) and DS(Bcast, S); DSreceived token(Bcast, v), and DS(Bcast, v); DSreceived token(Aggregation, s), and DS(Aggregation, s);
determining that Bcast is verified by an eighth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine if comparison shows equivalence between the data compared.
5. A method for assisting a user verifying a cast ballot recorded in a server, the method comprising:
receiving a cast ballot (“Bcast”) by a first server side computer software application process tangibly embodied in a physical program storage device executable by a server side physical computer hardware machine and executing on the server side physical computer hardware machine;
forming a digital signature of Bcast using a server side private key (“DS(Bcast, s)”) by a second server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine;
associating Bcast and DS(Bcast, s) with a vote serial number (“VSN”) by a third server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine; and
for VSN, comparing DS(Bcast, s) and DS(Bcast, S) by a fourth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine;
determining that Bcast is verified by a fifth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine if the comparison shows equivalence between the data compared.
6. A method for assisting a user in determining that their cast ballot Bcast has been properly recorded in a server, the method comprising:
receiving by the server from a user's computer the cast ballot Bcast combined with a user's individual private key DS(Bcast, c);
forming by the server a digital signature of Bcast using a server private key DS(Bcast, s);
recording by the server DS(Bcast, s) in a server database;
associating by the server DS(Bcast, c) and DS(Bcast, s) with a vote serial number VSN;
forming by the server a confirmation token including DS(Bcast, c) and DS(Bcast, s), VSN and signed using server private key DS(C, s);
receiving the confirmation token at the user's computer from the server via a network;
encrypting the confirmation token at the user's computer with a user's individual public key;
receiving the encrypted confirmation token at the server from the user's computer;
decrypting the confirmation token at the server using a server public key;
decomposing the confirmation token at the server into DS(Bcast, c) and DS(Bcast, s), and VSN;
extracting VSN from the decomposed confirmation token;
reconstructing cast ballot Bcast — reconstructed at the server from the server database using the extracted VSN against an index for the server database;
determining at the server if DS(Bcast, s)reconstructed matches DS(Bcast, s) and if (Bcast, c)reconstructed matches DS(Bcast, c); and
if both matches are confirmed at the server transmitting to the user's computer a confirmation of proper recordation of cast ballot Bcast.
Specification