[Members] cryptographic votes

Matthias Wimmer m at tthias.net
Wed Nov 30 04:18:07 CST 2005

Hi Nolan!

Nolan Eakins schrieb:

> I fail to understand what crypto will do other than making votes 
> non-anonymous through the voters signing, or if the votes are signed 
> how they'll ensure they're counted correctly.

Typical algorithms for crypto voting use two crypto tools: blind 
singatures and mixes.

Using these two things you get real anonymous voting as well as everyone 
being able to verify the results!

Crypto voting like that needs two steps:

1. step: blind signatures

Using blind signatures, it is possible to sign things you do not know 
what they contain. For digital voting this is used like that:
The voter (JSF member) is generating a key, it wants to use for voting 
in the second step. This key (the public key of it) is encrypted and 
send to the voting authority (the JSF). The voting authority now makes a 
blind signature on this key. This means it signed the key without 
decrypting it. This signature means (yes, we do not know what we signed 
exactly, but it is a key, that we allow to vote). The signed but still 
encrypted key is sent back to the voter (JSF member) which is the only 
one that is able to decrypt it again. The voter now has a signed key for 
voting and nobody beside himself knows which key he has (as nobody else 
could decrypt the key). This decrypted key is still valid, and that is 
the special thing about blind signatures. They ensure, that the 
signature does not get broken by decrypting what has been signed.

2. step: mixes

The voter (JSF member) now generates his vote and signs the vote using 
the key he generated in step one. As the key he uses to sign is signed 
by the voting authority (JSF) (remember the signature still can be 
verified after the key has been decrypted). All that has to be done now 
is send the vote back to the voting authority (JSF) which can then just 
publish all votes.
The only problem: We want anonymous votes, therefore nobody should be 
able to know which one sent the vote. So we cannot just send the signed 
vote back, we have to ensure that sending the vote back is anonymous as 
well. That is what mixes are for. For examples for mixes, look for 
"cipherpunk", "mixmaster", "mixminion", "onion routing", "jap", ... on 
the web. – Basically it works by encrypting the message several times 
using the keys of different hops. Now the message is sent from one hop 
to the next hop and each hop decrypts one layer of encryption it is able 
to decrypt. After resorting all messages this hop has gotten, it sends 
them all to the next hop.


More information about the Members mailing list