Method and system for securing network-based electronic voting

US 8,554,607 B2
Filed: 03/13/2001
Issued: 10/08/2013
Est. Priority Date: 03/13/2001
Status: Active Grant

First Claim

Patent Images

1. A method for assisting a user in verifying a cast ballot B_caststored in a server, the method comprising:

forming a digital signature of B_castusing a server side private key DS(B_cast, s) by a first server side computer software application process tangibly embodied in a physical program storage device executable by a server side physical computer hardware machine and executing on the server side physical computer hardware machine;

associating the B_castand DS(B_cast, s) with a vote serial number VSN by a second server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine;

forming a confirmation token, comprising DS(B_cast, s) and VSN by a third server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine;

making the confirmation token available by a fourth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine to a first client side computer software application process tangibly embodied in a physical program storage device executable by a client side physical computer hardware machine and executing on the client side physical computer hardware machine of a user via a network;

receiving the confirmation token made available to the user by a fifth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine from a second client side computer software application process tangibly embodied in a physical program storage device executable by the client side physical computer hardware machine and executing on the client side physical computer hardware machine via the network;

extracting VSN_{received token}and DS_{received token}(B_cast, s) from the received token by a sixth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine;

for VSN equal to VSN_{received token}, comparing DS_{received token}(B_cast, s) and at least one of DS(B_cast, s) and DS(B_cast, S) by a seventh server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine; and

determining that B_castis verified by an eighth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine if the comparison shows equivalence between the data compared.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for securely voting over a network, such as a global computer network, involves a system which delivers an electronic ballot from a server with the server'"'"'s private key and a vote serial number on the ballot to an individual terminal connected to the network. The ballot may be filled in and a subset of the filled-in ballot is created with a digital signature created from the individual'"'"'s secret key on the subset of the ballot corresponding to the ballot choices. The subset of the filled-in ballot together with the individual'"'"'s electronic signature, and a vote serial number is then delivered to the server. A data element is then created to record a subset of the ballot in a data store at the server, in which the ballot vote information is retained as a vote.

36 Citations

View as Search Results

6 Claims

1. A method for assisting a user in verifying a cast ballot B_caststored in a server, the method comprising:
- forming a digital signature of B_castusing a server side private key DS(B_cast, s) by a first server side computer software application process tangibly embodied in a physical program storage device executable by a server side physical computer hardware machine and executing on the server side physical computer hardware machine;
  
  associating the B_castand DS(B_cast, s) with a vote serial number VSN by a second server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine;
  
  forming a confirmation token, comprising DS(B_cast, s) and VSN by a third server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine;
  
  making the confirmation token available by a fourth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine to a first client side computer software application process tangibly embodied in a physical program storage device executable by a client side physical computer hardware machine and executing on the client side physical computer hardware machine of a user via a network;
  
  receiving the confirmation token made available to the user by a fifth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine from a second client side computer software application process tangibly embodied in a physical program storage device executable by the client side physical computer hardware machine and executing on the client side physical computer hardware machine via the network;
  
  extracting VSN_{received token}and DS_{received token}(B_cast, s) from the received token by a sixth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine;
  
  for VSN equal to VSN_{received token}, comparing DS_{received token}(B_cast, s) and at least one of DS(B_cast, s) and DS(B_cast, S) by a seventh server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine; and
  
  determining that B_castis verified by an eighth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine if the comparison shows equivalence between the data compared.
- View Dependent Claims (2)
- - 2. The method of claim 1 wherein:
    - the confirmation token further comprises a digital signature of an aggregation comprising the associated B_castand VSN using the server side private key DS(Aggregation, s);
      
      extracting DS_{received token}(Aggregation, s) from the received token; and
      
      B_castis verified only upon the additional condition that DS_{received token}(Aggregation, s) is equivalent to DS(Aggregation, s).

3. A method for assisting a user in verifying a cast ballot recorded in a server, the method comprising:
- receiving by a first server side computer software application process tangibly embodied in a physical program storage device executable by a server side physical computer hardware machine and executing on the server side physical computer hardware machine at least one set of;
  
  a cast ballot B_castanda digital signature of B_castformed with the private key of a voter casting the ballot DS(B_cast, v);
  
  forming by a second server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine;
  
  a digital signature of B_castusing a server side private key DS(B_cast, s),associating B_cast, DS(B_cast, v), and DS(B_cast, s) with a vote serial number VSN;
  
  forming by a third server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine a confirmation token, comprising;
  
  DS(B_cast, s), DS(B_cast, v), VSN, and DS(Aggregation, s),where DS(Aggregation, s) is the digital signature of the aggregation of the associated B_cast, DS(B_cast, v), DS(B_cast, s), and VSN;
  
  making the confirmation token available by a fourth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine to a first client side computer software application process tangibly embodied in a physical program storage device executable by a client side physical computer hardware machine and executing on the client side physical computer hardware machine of a user via a network;
  
  receiving the confirmation token by a fifth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine from a second client side computer software application process tangibly embodied in a physical program storage device executable by the client side physical computer hardware machine and executing on the client side physical computer hardware machine via the network;
  
  extracting VSN_{received token}and at least one of DS_{received token}(B_cast, s), DS_{received token}(B_cast, v), and DS_{received token}(AG, s) from the received token by a sixth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine; and
  
  for VSN_{received token}and the corresponding VSN, comparing by a seventh server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine at least one of;
  
  DS_{received token}(B_cast, s) and DS(B_cast, S);
  
  DS_{received token}(B_cast, v), and DS(B_cast, v);
  
  DS_{received token}(Aggregation, s), and DS(Aggregation, s);
  
  determining that B_castis verified by an eighth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine if comparison shows equivalence between the data compared.
- View Dependent Claims (4)
- - 4. The method of claim 3 further comprising:
    - if comparison shows equivalence between DS_{received token}(Aggregation, s), and DS(Aggregation, s), determining that the received confirmation token has not been modified since its formation.

5. A method for assisting a user verifying a cast ballot recorded in a server, the method comprising:
- receiving a cast ballot (“
  
  Bcast”
  
  ) by a first server side computer software application process tangibly embodied in a physical program storage device executable by a server side physical computer hardware machine and executing on the server side physical computer hardware machine;
  
  forming a digital signature of Bcast using a server side private key (“
  
  DS(Bcast, s)”
  
  ) by a second server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine;
  
  associating Bcast and DS(Bcast, s) with a vote serial number (“
  
  VSN”
  
  ) by a third server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine; and
  
  for VSN, comparing DS(Bcast, s) and DS(Bcast, S) by a fourth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine;
  
  determining that Bcast is verified by a fifth server side computer software application process tangibly embodied in a physical program storage device executable by the server side physical computer hardware machine and executing on the server side physical computer hardware machine if the comparison shows equivalence between the data compared.

6. A method for assisting a user in determining that their cast ballot B_casthas been properly recorded in a server, the method comprising:
- receiving by the server from a user'"'"'s computer the cast ballot B_castcombined with a user'"'"'s individual private key DS(B_cast, c);
  
  forming by the server a digital signature of B_castusing a server private key DS(B_cast, s);
  
  recording by the server DS(B_cast, s) in a server database;
  
  associating by the server DS(B_cast, c) and DS(B_cast, s) with a vote serial number VSN;
  
  forming by the server a confirmation token including DS(B_cast, c) and DS(B_cast, s), VSN and signed using server private key DS(C, s);
  
  receiving the confirmation token at the user'"'"'s computer from the server via a network;
  
  encrypting the confirmation token at the user'"'"'s computer with a user'"'"'s individual public key;
  
  receiving the encrypted confirmation token at the server from the user'"'"'s computer;
  
  decrypting the confirmation token at the server using a server public key;
  
  decomposing the confirmation token at the server into DS(B_cast, c) and DS(B_cast, s), and VSN;
  
  extracting VSN from the decomposed confirmation token;
  
  reconstructing cast ballot B_cast_—_{reconstructed}at the server from the server database using the extracted VSN against an index for the server database;
  
  determining at the server if DS(B_cast, s)_{reconstructed}matches DS(B_cast, s) and if (B_cast, c)_{reconstructed}matches DS(B_cast, c); and
  
  if both matches are confirmed at the server transmitting to the user'"'"'s computer a confirmation of proper recordation of cast ballot B_cast.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Leidos, Inc. (Leidos Holdings, Inc.)
Original Assignee
Science Applications International Corporation
Inventors
Barnhart, Robert M.
Primary Examiner(s)
Jarrett, Scott L

Application Number

US09/805,279
Publication Number

US 20020133396A1
Time in Patent Office

4,592 Days
Field of Search

705/12
US Class Current

705/12
CPC Class Codes

G06Q 10/10 Office automation; Time man...

G07C 13/00 Voting apparatus

Method and system for securing network-based electronic voting

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

36 Citations

6 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for securing network-based electronic voting

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

36 Citations

6 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links