At this stage, the task is to receive a vote from a voter and record it in the blockchain. In the process of doing this, the following requirements must be fulfilled:
- Ensure voter anonymity
- Provide protection against trash votes
- Provide protection against vote trafficking and voter coercion
- Enable voters to check that their votes have been recorded in the blockchain.
Here is a step-by-step description of the process:
A. First of all, there is the issue of user identification and each user’s right to vote. This is a major issue, which is resolved differently depending on the segment. For example:
- In a general election, a voter must be a citizen of the country, older than 18 and without a criminal record. In this case, we need to provide integration with user identification systems used in the relevant countries.
- Another example: voting in the OpenStack community (software for creating and managing public and private cloud services) is available to those who uploaded code to a certain GitHub repository during a certain period of time.
B. A user has logged on to the system and we see that he has the right to vote. Now, the voting client application (iOS, Android) generates a private key and a public key that will be used to sign the voting transaction (we will refer to it as a ballot).
C. The user casts his ballot in the client application.
D. The application encrypts the ballot using the common key generated at the vote initialization stage, signs the ballot with the user’s key and sends it to be recorded in the blockchain. Signing the ballot with the user’s key will make it possible to verify that the ballot was delivered to the blockchain intact and that it was saved there successfully.
E. Upon receiving a ballot that has been cast, the voting system verifies that it contains one of the possible choice options, thereby blocking attempts to send trash/spoiled ballots (this will be subsequently used when counting votes). How does this verification work? Below we provide an example of the simplest case of zero-knowledge proof.
In the example above, possession of knowledge of alpha is being proved. Essentially, the above example is an interactive proof, since the Verifier party sends challenge c to the Prover party. However, this scheme can be rendered non-interactive by sending a hash, e.g., of a and b, as “c” when sending parameters a, b, r to the Verifier party.
This principle can be implemented using various mathematical apparatus. We selected the ElGamal system for its properties that are discussed below.
A small remark. The algorithm described here, which is used to encrypt the entire blockchain, ensures anonymity, provided that decryption is not performed at the end. Results of the vote can be counted without decrypting data using the homomorphic properties of ElGamal cryptosystem. More on this below.
It is worth adding that there is a threat of vote trafficking / coerced voting (e.g., when management at an enterprise demands that employees provide screenshots of their ballots). We suggest countering this threat by enabling voters to change their votes without limitation. This will help to break the economic connection with vote traffickers, since a voter can change his or her ballot after selling it to the trafficker. In our case, the issue is resolved as follows: a voter can cast the ballot any number of times, but when counting votes the system will count only the last ballot cast by that user.