[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Publicly Verifiable Anonymous Voting System
[Begin Rant]
As I write this, I am listening to the news coverage of the bombing in
Centennial Park. The ABC news reports are already linking the suspected Georgia
Militia members accused of plotting to use pipe bombs at the Olympic Games.
Just like OKC, the militia-gun owner-right-wing extremist smear is gearing up
before the blood has a chance to dry. On the other hand, the govt seems to be
awfully reluctant to admit the obvious about TWA 800...
[End Rant]
Here is the how the voting system works.
1. All voting information (public keys, ballots, ballot signatures, etc.) is
publicly available via a Web site or other similar means, and can be downloaded
in its entirety by anyone who cares to take the trouble to do so. The software
(and source code) used to generate ballots should be publicly available as well.
2. When someone registers to vote, they submit a RSA public key to a registered
voter key database. The public key database does not contain voter information;
only keys. Access to the key entry terminals is controlled, so that only
registered voters can submit keys. A receipt is given to the voter with a hash
of the key printed on it (PGP fingerprint style), the key entry clerk's name, a
receipt serial number, etc., so the voter can verify the correct key was put in
the system, and who to shoot if it wasn't.
3. On election day, each voter submits a ballot signed with their private key.
The ballot contains the fingerprint of the voter's public key, the voter's
choices, (preferably in a standardized ASCII format) and the digital signature.
The ballot goes into the vote database regardless of whether it is valid or not.
The voter receives a printed receipt confirming that the ballot was entered in
the database, with a hash of the entire ballot (headers, signature, and all),
receipt serial number, etc.
4. After the election, each voter can verify whether their public key and
ballot are in the database, and see whether their vote is deemed valid or not
(if the signature on the ballot can be verified by a key in the key database).
If there are any discrepancies, the voter has the public key, the ballot, and
the receipts to prove that his vote should be counted.
5. Since the key/vote databases are not connected to individuals, no one can
connect votes to voters unless cheating occurs during the registration process.
If there is fraud or other errors, the key/ballot/receipt combo is all that is
necessary to prove the error--no identification of the bearer is required.
6. Keys in the system should expire every few years.
Any comments / constructive criticisms welcome.
Jonathan Wienke
"1935 will go down in history! For the first time a civilized nation has full
gun registration! Our streets will be safer, our police more efficient, and the
world will follow our lead in the future!"
--Adolf Hitler
"46. The U.S. government declares a ban on the possession, sale,
transportation, and transfer of all non-sporting firearms. ...Consider the
following statement: I would fire upon U.S. citizens who refuse or resist
confiscation of firearms banned by the U.S. government."
--The 29 Palms Combat Arms Survey
http://www.ksfo560.com/Personalities/Palms.htm
1935 Germany = 1996 U.S.?
Key fingerprint = 30 F9 85 7F D2 75 4B C6 BC 79 87 3D 99 21 50 CB