From: JonWienk@ix.netcom.com
Date: Sun, 28 Jul 1996 11:59:25 +0800
To: cypherpunks@toad.com
Subject: Re: Publicly Verifiable Anonymous Voting System
In-Reply-To: <199607271806.NAA12990@manifold.algebra.com>
Message-ID: <199607280143.SAA21148@dfw-ix5.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 27 Jul 1996, ichudov@algebra.com (Igor Chudov @ home) wrote:
>so the authority that controls the voting knows to whom the keys belong.
>When voters submit their votes, they will know who signed these votes.
>
>I do not see how this system is anonymous.
>
>Look into "Applied Cryptography" By Schneier, 2nd edition, Page 125.
>
>	- Igor.

To the extent that no link is recorded between a particular key and a particular 
voter, the system is anonymous. As I said in the original post, if the govt 
cheats during the key registration process, the system is not anonymous. 
However, if the registered voter database and the key/ballot database are on 
non-connected, separate systems, it is certainly possible to devise a key 
registration protocol to ensure anonymity.

Here is a more detailed description of the registration method:
1.  The registration process takes place in two separate rooms, one anonymous, 
and one non-anonymous, which are staffed by separate people, with separate 
computer systems.  The only way to enter/exit the anonymous room is via the 
non-anonymous room.

2.  The voter enters the non-anonymous room, where he provides proofs of 
identity and residence and is entered in the registered voter database, which is 
NOT publicly available.

3.  Once the voter has demonstrated eligibility, he is given a token that 
designates him as a registered voter, but has no personal information. A 
hard-to-counterfeit carved rod (too large to conceal on one's person) or 
something similar would be a good choice.

4.  The token gives the voter clearance to enter the anonymous room. Upon 
presenting the token, the voter inputs his key into the key database. (Insert 
your key disk in drive A and press Enter...) After the key has been entered into 
the system, the voter is given the receipt indicating that his key has been 
entered in the key database.

5.  The voter goes back to the non-anonymous room.  He turns in the token, signs 
a statement indicating that he entered a key and received a receipt for it, (to 
prevent voters from registering more than one key and thus voting more than 
once) and then goes home.

Jonathan Wienke

"1935 will go down in history! For the first time a civilized nation has full 
gun registration! Our streets will be safer, our police more efficient, and the 
world will follow our lead in the future!"
--Adolf Hitler

"46.  The U.S. government declares a ban on the possession, sale, 
transportation, and transfer of all non-sporting firearms. ...Consider the 
following statement:  I would fire upon U.S. citizens who refuse or resist 
confiscation of firearms banned by the U.S. government."
--The 29 Palms Combat Arms Survey  
http://www.ksfo560.com/Personalities/Palms.htm

1935 Germany = 1996 U.S.?

Key fingerprint =  30 F9 85 7F D2 75 4B C6  BC 79 87 3D 99 21 50 CB