[openskills-dev] Another constitution question

Daniel Noll daniel at noll.id.au
Fri Oct 29 01:16:28 BST 2004


At Fri, Oct 29, 2004 at 07:21:09AM +1000, Bruce Badger wrote:
> Another thought.  Perhaps it is possible to have some degree of
> anonymity and still be able to trace a ballot.
> 
> If I were to generate an OpenPGP key and not tell anyone, I could use
> that key to sign ballots.
> 
> I could then ask the ballot system for the vote signed using my new 
> key. Only I know it's my signature, and only I have the key.  Thus, only
> I can confirm the ballot is not tampered with using that key.
> 
> The signature alone would not be enough for my identity to be
> discovered.
> 
> This came to me in the shower and so may be:
> 	o Stupid
> 	o Unworkable
> 	o Something I read 
> 
> But it might be useful.  What do you think?

Definitely.

So the process would be something like...

    Voter would:
        1. fill in the ballot form;
        2. sign with an unknown key (Optional, for voter verification);
        3. sign with their known key;
        4. encrypt with the voting system's key... maybe;
        5. send the message to the voting system.

    System would:
        6. receive the message;
        7. decrypt the message;
        8. check the signature on the remaining message, and then strip it out;
        9. ignore the verification signature (is this a step?  I did nothing ;-));
       10. interpret and count the vote (enter the multiple independent programs);
       11. hash the ballot paper to create an ID for it;
       12. store the ballot paper with its ID, cross the voter off the list, and
           increment the counts, in a single transaction;
       13. send the ID back to the voter, possibly encrypted to their public key,
           as the confirmation.  Actually, you could send back the entire ballot
           paper if you wanted as well, as long as it was all encrypted to their
           key.

At any point, a person who knows the ID of a ballot paper can verify that it's
in the system, by typing in the ID of the paper.  The system would lookup the
database, and show the ballot paper, which would have a signature on it.  Anyone
could type any ID and see any paper, but this wouldn't seem to be harmful since
each voter can only see their own signature. :-)

TX

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.openskills.org/pipermail/openskills-dev/attachments/20041029/76cfa913/attachment.pgp


More information about the OpenSkills-dev mailing list