[Members] cryptographic votes
m at tthias.net
Wed Nov 30 04:18:07 CST 2005
Nolan Eakins schrieb:
> I fail to understand what crypto will do other than making votes
> non-anonymous through the voters signing, or if the votes are signed
> how they'll ensure they're counted correctly.
Typical algorithms for crypto voting use two crypto tools: blind
singatures and mixes.
Using these two things you get real anonymous voting as well as everyone
being able to verify the results!
Crypto voting like that needs two steps:
1. step: blind signatures
Using blind signatures, it is possible to sign things you do not know
what they contain. For digital voting this is used like that:
The voter (JSF member) is generating a key, it wants to use for voting
in the second step. This key (the public key of it) is encrypted and
send to the voting authority (the JSF). The voting authority now makes a
blind signature on this key. This means it signed the key without
decrypting it. This signature means (yes, we do not know what we signed
exactly, but it is a key, that we allow to vote). The signed but still
encrypted key is sent back to the voter (JSF member) which is the only
one that is able to decrypt it again. The voter now has a signed key for
voting and nobody beside himself knows which key he has (as nobody else
could decrypt the key). This decrypted key is still valid, and that is
the special thing about blind signatures. They ensure, that the
signature does not get broken by decrypting what has been signed.
2. step: mixes
The voter (JSF member) now generates his vote and signs the vote using
the key he generated in step one. As the key he uses to sign is signed
by the voting authority (JSF) (remember the signature still can be
verified after the key has been decrypted). All that has to be done now
is send the vote back to the voting authority (JSF) which can then just
publish all votes.
The only problem: We want anonymous votes, therefore nobody should be
able to know which one sent the vote. So we cannot just send the signed
vote back, we have to ensure that sending the vote back is anonymous as
well. That is what mixes are for. For examples for mixes, look for
"cipherpunk", "mixmaster", "mixminion", "onion routing", "jap", ... on
the web. – Basically it works by encrypting the message several times
using the keys of different hops. Now the message is sent from one hop
to the next hop and each hop decrypts one layer of encryption it is able
to decrypt. After resorting all messages this hop has gotten, it sends
them all to the next hop.
More information about the Members