- #1
mathmari
Gold Member
MHB
- 5,049
- 7
Hey! 
I am reading about an electronic voting system from the book Cryptography:an Introduction, N.Smart and I have some questions.
The voting system will assume that we have $m$ voters, and that there are $n$ centres which perform the tallying. The use of a multitude of tallying centres is to allow voter anonymity and stop a few centres colluding to fix the vote. We shall assume that voters are only given a choice of one of two candidates.
At the System Setup why does each voter have a public key signature algorithm and not a private one?? (Wondering)
What is a bit commitment scheme?? (Wondering)
What is the purpose of the Vote Casting?? At this step does the voter choose the vote and publishes $B_j$ as commitment and also a proof that the vote was indeed chosen from the set $\{-1, 1\}$?? What does it mean that the voter publishes these?? (Wondering)
Could you explain to me at the part Vote Distribution the sentence "The voter then publishes it commitments to the polynomial $R_j(X)$ by publicly posting $B_{l, j}=B_{s_{l, j}}(r_{l,j})$ for $1 \leq l \leq t$, again using the commitment scheme." ?? (Wondering)
I am reading about an electronic voting system from the book Cryptography:an Introduction, N.Smart and I have some questions.
The voting system will assume that we have $m$ voters, and that there are $n$ centres which perform the tallying. The use of a multitude of tallying centres is to allow voter anonymity and stop a few centres colluding to fix the vote. We shall assume that voters are only given a choice of one of two candidates.
- - System Setup
Each of the $n$ tally centres has a public key encryption function $E_i$. We assume a finite abelian group $G$ is fixed, of prime order $q$, and two elements $g, h \in G$ are selected for which no party (including the tally centres) know the discrete logarithm $h=g^x$. Each voter has a public key signature algorithm - - Vote Casting
Each of the $m$ voters picks a vote $v_j$ from the set $\{-1, 1\}$. The voter picks a random blinding value $a_j \in \mathbb{Z}/q\mathbb{Z}$ and publishes their vote $B_j=B_{a_j}(v_j)$, using the bit commitment scheme. This vote is public to all participating parties, both tally centres and other voters. Along with the vote $B_j$ the voter also publishes a non-interactive version of the protocal to show that the vote was chosen from the set $\{-1, 1\}$. The vote and its proof are then digitally signed using the signing algorithm of the voter. - - Vote Distribution
We now need to distribute the votes cast around the tally centres so that the final tally can be computed. Each voter emplys Shamir's secret sharing scheme as follows, to share the $a_j$ and $v_j$ around the tallying centres: Each voter picks two random polynomials modulo $q$ of degree $t<n$.
$$R_j(X)=v_j+r_{1,j}X+\dots +r_{t,j}X^t \\ S_j(X)=a_j+s_{1,j}X+\dots s_{t,j}X^t$$ The voter computes $$(u_{i,j}, w_{i,j})=(R_j(i), _j(i)) \text{ for } 1 \leq i \leq n$$ The voter encrypts the pair $(u_{i,j}, w_{i,j})$ using the $i$th tally centre's encryption algorithm $E_i$. This encryptes share is sent to the relevant tally centre. The voter then publishes it commitments to the polynomial $R_j(X)$ by publicly posting $B_{l, j}=B_{s_{l, j}}(r_{l,j})$ for $1 \leq l \leq t$, again using the commitment scheme. - - Consistency Check
- - Tally Counting
At the System Setup why does each voter have a public key signature algorithm and not a private one?? (Wondering)
What is a bit commitment scheme?? (Wondering)
What is the purpose of the Vote Casting?? At this step does the voter choose the vote and publishes $B_j$ as commitment and also a proof that the vote was indeed chosen from the set $\{-1, 1\}$?? What does it mean that the voter publishes these?? (Wondering)
Could you explain to me at the part Vote Distribution the sentence "The voter then publishes it commitments to the polynomial $R_j(X)$ by publicly posting $B_{l, j}=B_{s_{l, j}}(r_{l,j})$ for $1 \leq l \leq t$, again using the commitment scheme." ?? (Wondering)
Last edited by a moderator: