home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: sci.crypt
- Path: sparky!uunet!haven.umd.edu!darwin.sura.net!zaphod.mps.ohio-state.edu!cis.ohio-state.edu!daisy.learning.cs.cmu.edu!Marc.Ringuette
- From: Marc.Ringuette@daisy.learning.cs.cmu.edu
- Subject: Re: Cryptographic voting
- Message-ID: <9208172116.AA20035@news.cis.ohio-state.edu>
- Sender: daemon@cis.ohio-state.edu
- Organization: The Ohio State University Department of Computer and Information Science
- Date: Mon, 17 Aug 1992 20:50:00 GMT
- Lines: 30
-
- ken@ipa.com (Ken Pizzini) writes (in personal mail),
- > Sorry I don't have time right now to do the comparison myself, but
- > check out "A Cryptographic Scheme for Computereized General Elections"
- > by Kenneth Iverson in the Crypto '91 Proceedings (page 405).
-
- Thanks for the pointer, Ken. His scheme looks good. Here's a sketch:
-
- The election takes place between voters and k candidates, at least
- one of whom is assumed honest. Each voter communicates with all of
- the candidates in order to register and vote. The voter obtains
- an "eligibility token", prior to election day, signed by all the
- candidates. On election day, the voter submits a vote to each
- candidate using a zero-knowledge protocol so that they can verify
- the validity of the vote but not its contents. To tally results,
- the candidates must sign and publish their sub-tallies, and (I think)
- only then can the results be computed. Correctness and privacy is
- assured as long as one of the candidates is honest.
-
- This method of cryptographically masking the votes until an aggregate
- is computed seems like a good idea, and probably is superior to my
- anonymity-based method. I don't quite understand how it works, though.
-
- One concern I have with Iverson's method is that the protocol stalls
- whenever any of the candidates is unresponsive. Of course, "candidate"
- may be a misnomer -- perhaps the parties involved should be mutually
- independent watchdog agencies.
-
-
- M.
-
-
