CN113381991B - 基于区块链的电子投票系统及方法 - Google Patents

基于区块链的电子投票系统及方法 Download PDF

Info

Publication number
CN113381991B
CN113381991B CN202110629318.6A CN202110629318A CN113381991B CN 113381991 B CN113381991 B CN 113381991B CN 202110629318 A CN202110629318 A CN 202110629318A CN 113381991 B CN113381991 B CN 113381991B
Authority
CN
China
Prior art keywords
voter
voting
zero knowledge
proof
block chain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110629318.6A
Other languages
English (en)
Other versions
CN113381991A (zh
Inventor
杨旸
詹永华
薛文溢
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fuzhou University
Original Assignee
Fuzhou University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fuzhou University filed Critical Fuzhou University
Priority to CN202110629318.6A priority Critical patent/CN113381991B/zh
Publication of CN113381991A publication Critical patent/CN113381991A/zh
Application granted granted Critical
Publication of CN113381991B publication Critical patent/CN113381991B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C13/00Voting apparatus
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/3013Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the discrete logarithm problem, e.g. ElGamal or Diffie-Hellman systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
    • H04L9/3221Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs interactive zero-knowledge proofs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Abstract

本发明涉及一种基于区块链的电子投票系统,所述系统包括候选人单元、投票人单元、选举组织方和区块链平台;所述选举组织者对每个投票人的身份进行认证,验证其是否具有投票资格;所述投票人在选举系统中登记后进行投票;所述区块链平台用于保证已提交的数据不会被删除或篡改。本发明实现分布式防篡改,不依赖任何中央机构来完成投票和计票程序。

Description

基于区块链的电子投票系统及方法
技术领域
本发明涉及区块链领域,具体涉及一种基于区块链的电子投票系统及方法。
背景技术
选举和投票是民众行使公民权利不可或缺的机制。近来,许多政府都投入了大量资金用于建立一个可信的投票系统。爱沙尼亚就在国家选举中采用了在线投票。然而,在线选举系统也存在着安全隐患。2015年,新南威尔士选举委员会承认,多达66000张选票被在线投票网站iVote泄露,这些选票可能在无法觉察的情况下被曝光或篡改。这一重大事故暴露了传统电子投票系统的漏洞。由于中心化架构系统容易面临单点故障和DDoS攻击等问题,传统的在线投票系统往往存在着选票容易被修改甚至删除的情况。此外,由于缺乏有效的验证机制,还会出现同一投票人双投甚至多投的行为。同样,在传统的在线投票系统中,选举结果往往由选举组织者统计。即使组织者行为不当,提供虚假的结果,投票人也没有办法核实选举结果。
由于集中式模型的种种缺点,有必要减少对集中式架构的依赖,构建一个分布式的电子投票系统,以保证系统的不可篡改、隐私保护和可审计性。近年来,区块链技术在加密货币领域取得了很大的成功,它维护了一个不可变的分布式帐本以防止数据被篡改。该分布式账本不是由单个组织者管理,而是由区块链系统中的所有节点管理。在区块链中,不同区块由加密和哈希算法链接形成了区块链。每个区块都包含了前一个块的抗碰撞哈希、交易记录和时间戳。一旦数据被区块记录下来,该数据就无法被篡改。这种方式确保了帐本中数据记录的持久性和可验证性。
由于区块链的这些优良特性,许多基于区块链的在线投票系统被陆续提出。现有的方案大致可以分为两类。(1)需要计票机构的系统。尽管这些方案利用区块链的抗篡改特性来记录选票,它们仍然依赖一个或多个中央机构(如计票机构)来解密加密的选票并计算选举结果。(2)自计票系统。在自计票系统中,计票是一个公开的过程,每个实体(包括投票人和候选人)都可以验证所有的选票,从而计算最终的选举结果。然而,很多现有自计票系统是基于电子公告板(bulletin board)的,它无法抵抗黑客篡改或删除选票的攻击。
此外,现有的系统很少支持带保护隐私的灵活投票模式(flexible votingparadigm withprivacy protection)。大多数系统只实现了“是或否(yes-or-no)”的简单投票模式,从而使多个候选人竞选单个席位。然而在实际场景中,计分投票(score voting)选举制也在各种选举中被广泛采用。在计分投票中,投票人为每个候选人以分值进行投票,得票分数相加或平均后,由得分最高的候选人当选。以联合国秘书长的选举为例,投票人可以为候选人投出“赞成”、“反对”和“无意见”这三类票。另一个例子是犹他州绿党官员的选举,每张选票包含0-9这十个分数等级。计分投票也被用来评选奥斯卡最佳视觉效果的5个提名奖项。然而,现有在线投票系统均无法在保护隐私的前提下实现这种重要的选举类型。
发明内容
有鉴于此,本发明的目的在于提供一种基于区块链的电子投票系统及方法,实现分布式防篡改,不依赖任何中央机构来完成投票和计票程序。
为实现上述目的,本发明采用如下技术方案:
一种基于区块链的电子投票系统,所述系统包括候选人单元、投票人单元、选举组织方和区块链平台;所述选举组织者对每个投票人的身份进行认证,验证其是否具有投票资格;所述投票人在选举系统中登记后进行投票;所述区块链平台用于保证已提交的数据不会被删除或篡改。
进一步的,所述系统采用分布式ElGamal密码系统,在所述ElGamal密码系统中,E(m)是消息m的密文,E(m1+m2)可以由E(m1)·E(m2)计算得出;令
Figure BDA0003101713430000021
为一个循环群,其中g是阶为素数p的群
Figure BDA0003101713430000022
的生成元;
Figure BDA0003101713430000023
表示集合{0,1,…,p-1},
Figure BDA0003101713430000024
表示
Figure BDA0003101713430000025
假设系统中有n个用户,每个用户都有一个私钥/公钥对
Figure BDA0003101713430000031
该分布式系统的公钥
Figure BDA0003101713430000032
消息m被加密为E(m)=(c1,c2)=(gr,gm·PKr),其中
Figure BDA0003101713430000033
);解密时,每个用户需要计算一个部分解密值
Figure BDA0003101713430000034
并将其广播;最终每个用户都能计算出
Figure BDA0003101713430000035
一种基于区块链的电子投票系统的投票方法,包括以下步骤:
预先定义一个固定参数P,设定每一张选票中的评分之和必须等于P;
投票人
Figure BDA0003101713430000036
以安全参数1κ作为输入,生成其私钥/公钥对(Xi,Yi);
以投票人
Figure BDA0003101713430000037
的私钥Xi和候选人的身份
Figure BDA0003101713430000038
作为输入,生成为
Figure BDA0003101713430000039
投票的所需私钥/公钥对(xi,j,yi,j);
投票人
Figure BDA00031017134300000310
首先要为每个候选人
Figure BDA00031017134300000311
分配一个评分pi,j,其中0≤pi,j≤P且
Figure BDA00031017134300000312
并以投票人
Figure BDA00031017134300000313
的私钥Xi、对所有候选人的评分
Figure BDA00031017134300000314
和所有候选人的公钥
Figure BDA00031017134300000315
为输入,生成承诺Ci和零知识证明
Figure BDA00031017134300000316
在投票阶段,输入所有选票
Figure BDA00031017134300000317
通过计票后,输出选举结果
Figure BDA00031017134300000318
其中Pj是候选人
Figure BDA00031017134300000319
(j∈[nc])所得到的总评分。
进一步的,所述投票人
Figure BDA00031017134300000320
生成生成密钥,具体如下:投票人
Figure BDA00031017134300000321
以安全参数1κ作为输入,随机选取私钥
Figure BDA00031017134300000322
计算公钥
Figure BDA00031017134300000323
Figure BDA0003101713430000041
以自己的私钥Xi和候选人的身份
Figure BDA0003101713430000042
为输入,随机选取
Figure BDA0003101713430000043
计算私钥
Figure BDA0003101713430000044
公钥
Figure BDA0003101713430000045
投票人
Figure BDA0003101713430000046
还应该向
Figure BDA0003101713430000047
登记自己的真实身份和公钥,如果
Figure BDA0003101713430000048
具备投票资格,
Figure BDA0003101713430000049
Figure BDA00031017134300000410
的公钥进行签名,生成
Figure BDA00031017134300000411
然后,
Figure BDA00031017134300000412
发布
Figure BDA00031017134300000413
到区块链上。
进一步的,所述生成承诺Ci和零知识证明
Figure BDA00031017134300000414
具体如下:
Figure BDA00031017134300000415
为每个候选人
Figure BDA00031017134300000416
分配一个评分pi,j,并满足0≤pi,j≤P,
Figure BDA00031017134300000417
Figure BDA00031017134300000418
以私钥Xi、评分
Figure BDA00031017134300000419
和公钥
Figure BDA00031017134300000420
为输入,生成承诺Ci和相应的零知识证明
Figure BDA00031017134300000421
Figure BDA00031017134300000422
首先计算
Figure BDA00031017134300000423
然后选取随机数
Figure BDA00031017134300000424
为每个pi,j计算Ci,j=(ζi,ji,j),其中
Figure BDA00031017134300000425
于是
Figure BDA00031017134300000426
的承诺为
Figure BDA00031017134300000427
Figure BDA00031017134300000428
为每个
Figure BDA00031017134300000429
生成一个零知识证明
Figure BDA00031017134300000430
以证明
Figure BDA00031017134300000431
的承诺(ζi,ji,j)中的评分值pi,j满足区间要求
Figure BDA00031017134300000432
Figure BDA00031017134300000433
Figure BDA00031017134300000434
中的表达式
Figure BDA00031017134300000435
表明所有可能的pi,j值都会出现在
Figure BDA00031017134300000436
中;
然后,
Figure BDA00031017134300000437
通过零知识证明
Figure BDA00031017134300000438
以证明评分集合
Figure BDA00031017134300000439
满足
Figure BDA00031017134300000440
Figure BDA0003101713430000051
Figure BDA0003101713430000052
Figure BDA0003101713430000053
时,可以推导出
Figure BDA0003101713430000054
Figure BDA0003101713430000055
最后,
Figure BDA0003101713430000056
将Ci
Figure BDA0003101713430000057
发布到区块链上。
进一步的,所述投票阶段,具体如下:以投票人
Figure BDA0003101713430000058
的私钥Xi、评分
Figure BDA0003101713430000059
和公钥
Figure BDA00031017134300000510
作为输入,输出选票Bi及其零知识证明
Figure BDA00031017134300000511
Figure BDA00031017134300000512
首先计算
Figure BDA00031017134300000513
Figure BDA00031017134300000514
为保护评分集合
Figure BDA00031017134300000515
的隐私,
Figure BDA00031017134300000516
使用私钥(Xi,xi,j)对pi,j进行加密:
Figure BDA00031017134300000517
其中
Figure BDA00031017134300000518
j∈[nv];投票人
Figure BDA00031017134300000519
的加密选票为
Figure BDA00031017134300000520
接着,投票人
Figure BDA00031017134300000521
为每个
Figure BDA00031017134300000522
生成如下零知识证明
Figure BDA00031017134300000523
来证明加密评分在预定义区间内,并且pi,j是Commit算法中承诺的值
Figure BDA00031017134300000524
Figure BDA00031017134300000525
Figure BDA00031017134300000526
Figure BDA00031017134300000527
Figure BDA00031017134300000528
中的表达式
Figure BDA00031017134300000529
代表了
Figure BDA00031017134300000530
中pi,j∈[0,P]的所有可能值;
表达式
Figure BDA0003101713430000061
证明了(ηi,ji,j)中的pi,j是commit算法中承诺的值;
表达式
Figure BDA0003101713430000062
确保了
Figure BDA0003101713430000063
是由
Figure BDA0003101713430000064
的私钥(Xi,xi,j)所加密;然后,
Figure BDA0003101713430000065
通过零知识证明
Figure BDA0003101713430000066
以证明评分集合
Figure BDA0003101713430000067
满足
Figure BDA0003101713430000068
Figure BDA0003101713430000069
Figure BDA00031017134300000610
Figure BDA00031017134300000611
时,推导出
Figure BDA00031017134300000612
Figure BDA00031017134300000613
中的表达式
Figure BDA00031017134300000614
保证该投票由
Figure BDA00031017134300000615
使用其私钥Xi生成;选票Bi的零知识证明
Figure BDA00031017134300000616
最后,
Figure BDA00031017134300000617
在区块链上发布选票Bi和证明
Figure BDA00031017134300000618
进一步的,所述计票具体如下:验证者以所有选票{Bi}i∈n作为输入,执行自计票算法为每个候选人
Figure BDA00031017134300000619
计算
Figure BDA00031017134300000620
Figure BDA00031017134300000621
并推算出
Figure BDA00031017134300000622
由于
Figure BDA00031017134300000623
在一个很小的范围内,通过穷举计算出选举结果Pj
进一步的,若存在弃票的情况,则计票方式如下:
剩余的每个投票人通过计算
Figure BDA0003101713430000071
Figure BDA0003101713430000072
恢复弃权投票人
Figure BDA0003101713430000073
的评分值
Figure BDA0003101713430000074
上述式子成立是由于
Figure BDA0003101713430000075
为了得到最终投票结果,每个投票人
Figure BDA0003101713430000076
(i∈[nv]且i≠k)还需要计算
Figure BDA0003101713430000077
然后,计算
Figure BDA0003101713430000078
由于
Figure BDA0003101713430000079
在一个小范围内,可以通过从
Figure BDA00031017134300000710
中穷举计算出
Figure BDA00031017134300000711
最终候选人
Figure BDA00031017134300000712
的总评分值
Figure BDA00031017134300000713
进一步的,,所述零知识证明方法如下:
·
Figure BDA00031017134300000714
的计算过程:
(1)
Figure BDA00031017134300000715
选择
Figure BDA00031017134300000716
ρ,ek,
Figure BDA00031017134300000717
k∈[0,p]\{j}。计算
Figure BDA00031017134300000718
Figure BDA00031017134300000719
aj=gρ,bj=(Wi)ρ;对于所有τ∈[0,P],计算
Figure BDA00031017134300000720
Figure BDA00031017134300000721
计算c=H(si,ji,ji,j,{aτ,bτ}τ∈[0,P]),dj=c-∑k=[0,P]\{j}dk,ej=ρ-si,jdj
Figure BDA00031017134300000722
零知识证明
Figure BDA0003101713430000081
(2)验证者验证
Figure BDA0003101713430000082
如果上述式子成立,验证者就接受证明
Figure BDA0003101713430000083
·
Figure BDA0003101713430000084
的计算过程:
(1)
Figure BDA0003101713430000085
选择随机数
Figure BDA0003101713430000086
计算
Figure BDA0003101713430000087
Figure BDA0003101713430000088
零知识证明
Figure BDA0003101713430000089
(2)收到
Figure BDA00031017134300000810
后,验证者验证
Figure BDA00031017134300000811
Figure BDA00031017134300000812
如果上述式子成立,验证者就接受证明;
·
Figure BDA00031017134300000813
的计算过程:
(1)
Figure BDA00031017134300000814
选择
Figure BDA00031017134300000815
ρ,ek,e’k,dk,d’k,
Figure BDA00031017134300000816
其中k∈{0,1,2,…,j-1,j+1,…,P};
Figure BDA00031017134300000817
计算
Figure BDA00031017134300000818
aj=gρ,bj=(Wi)ρ,a’j=gρ,b’j=(Wi·g)ρ;然后,投票者
Figure BDA00031017134300000819
对所有τ∈{0,1,2,…,P}计算
Figure BDA00031017134300000820
接着,
Figure BDA00031017134300000821
随机选择
Figure BDA00031017134300000822
并计算
Figure BDA00031017134300000823
Figure BDA00031017134300000824
Figure BDA0003101713430000091
dj=c-∑k=[0,P],k≠jdk,ej=ρ-si,jdj,d’j=c-∑k=[0,P],k≠jd’k,e’j=ρ-Xid’j,f’j=ρ-ri,jd’j
零知识证明
Figure BDA0003101713430000092
(2)验证者收到证明
Figure BDA0003101713430000093
后,验证
Figure BDA0003101713430000094
Figure BDA0003101713430000095
Figure BDA0003101713430000096
如果上述式子成立,验证者就接受证明
Figure BDA0003101713430000097
·
Figure BDA0003101713430000098
的计算过程:
(1)
Figure BDA0003101713430000099
随机选择
Figure BDA00031017134300000910
并计算
Figure BDA00031017134300000911
Figure BDA00031017134300000912
零知识证明
Figure BDA00031017134300000913
(2)验证者收到证明
Figure BDA00031017134300000914
后,验证
Figure BDA00031017134300000915
Figure BDA00031017134300000916
如果上述式子成立,验证者就接受
Figure BDA00031017134300000917
本发明与现有技术相比具有以下有益效果:
1、本发明实现分布式防篡改。该系统完全分布式,不依赖任何中央机构来完成投票和计票程序;与传统的选举方案相比,本发明利用区块链来防止选票被篡改或删除,实现了个人可验证性(individual verifiability),使每个投票人都可以验证自己的加密选票是否记录在区块链上,是否被正确机票。普遍可验证性(universal verifiability)保证了每个实体都可以计算并验证选举结果;
2、本发明在保护隐私的同时实现灵活的计分投票。投票人可以将指定范围内的不同评估分数分配给候选人。在每张选票中,评估分数的总和必须为一个常数。在投票阶段,投票人对候选人的评估分数进行加密,以确保机密性。隐私保护的计分投票所面临的主要挑战是,如何在不泄露具体分数的前提下,证明选票中的每个评估分数都在规定的范围内,并且分数的总和为一个常数。本发明提出了双零知识证明(dual-ZKP),它不仅为每个元素提供了“范围证明”,还为一组元素提供了“总和证明”。dual-ZKP的性质使得证明者可以在同一组元素集合上证明所有元素同时满足两个约束条件(即对单个元素的约束,以及对所有元素总和的约束)。我们设计了“1-out-K”的零知识证明算法来证明分数满足范围约束,并利用分布式ElGamal密码系统和零知识证明来证实评分总和为一个常数
3、本发明还设有弃票处理机制,每个投票人在将加密的选票公布在区块链之前,都应该对投票(即评估分数)做出承诺。如果一些投票人放弃公布选票,其他投票人仍然可以从承诺还原出选举结果。
附图说明
图1是本发明一实施例中分数投票示例;
图2是本发明系统模型示意图。
具体实施方式
下面结合附图及实施例对本发明做进一步说明。
请参照图2,本发明提供一种基于区块链的电子投票系统,所述系统包括一组候选人和投票人,选举组织方
Figure BDA0003101713430000101
和区块链平台。在本实施例中,系统中候选人的个数为nc,记为
Figure BDA0003101713430000102
投票人的个数为nv,记为
Figure BDA0003101713430000103
选举组织者需要对每个投票人的身份进行认证,验证其是否具有投票资格。投票人在选举系统中登记后可以进行投票。区块链平台用于保证已提交的数据不会被删除或篡改。
在本实施例中,符号变量设定如表1所示:
表1:符号变量
Figure BDA0003101713430000111
Figure BDA0003101713430000121
优选的,在本实施例中,投票系统的密码系统采用分布式ElGamal密码系统,在所述ElGamal密码系统中,E(m)是消息m的密文,E(m1+m2)可以由E(m1)·E(m2)计算得出;令
Figure BDA0003101713430000122
为一个循环群,其中g是阶为素数p的群
Figure BDA0003101713430000123
的生成元;
Figure BDA0003101713430000124
表示集合{0,1,…,p-1},
Figure BDA0003101713430000125
表示
Figure BDA0003101713430000126
假设系统中有n个用户,每个用户都有一个私钥/公钥对
Figure BDA0003101713430000131
该分布式系统的公钥
Figure BDA0003101713430000132
消息m被加密为E(m)=(c1,c2)=(gr,gm·PKr),其中
Figure BDA0003101713430000133
);解密时,每个用户需要计算一个部分解密值
Figure BDA0003101713430000134
并将其广播;最终每个用户都能计算出
Figure BDA0003101713430000135
在本实施例中,还提供一种基于区块链的电子投票系统的投票方法,包括以下步骤:
·
Figure BDA0003101713430000136
由每个投票人
Figure BDA0003101713430000137
执行。投票人
Figure BDA0003101713430000138
以安全参数1κ作为输入,生成其私钥/公钥对(Xi,Yi)。
·
Figure BDA0003101713430000139
以投票人
Figure BDA00031017134300001310
的私钥Xi和候选人的身份
Figure BDA00031017134300001311
作为输入,生成为
Figure BDA00031017134300001312
投票的所需私钥/公钥对(xi,j,yi,j)。
·
Figure BDA00031017134300001313
由投票人
Figure BDA00031017134300001314
执行。
Figure BDA00031017134300001315
首先要为每个候选人
Figure BDA00031017134300001316
分配一个评分pi,j,其中0≤pi,j≤P且
Figure BDA00031017134300001317
以投票人
Figure BDA00031017134300001318
的私钥Xi、对所有候选人的评分
Figure BDA00031017134300001319
和所有候选人的公钥
Figure BDA00031017134300001320
为输入,生成承诺Ci和零知识证明
Figure BDA00031017134300001321
·
Figure BDA00031017134300001322
Figure BDA00031017134300001323
执行。算法以
Figure BDA00031017134300001324
的私钥Xi,对所有候选人的评分
Figure BDA00031017134300001325
公钥
Figure BDA00031017134300001326
投票私钥
Figure BDA00031017134300001327
和投票公钥
Figure BDA00031017134300001328
为输入,为投票人
Figure BDA00031017134300001329
生成一张选票Bi和零知识证明
Figure BDA00031017134300001330
·
Figure BDA0003101713430000141
可由系统中的任何实体执行(包括候选人、投票人、选举组织方以及区块链中的节点)。输入所有选票
Figure BDA0003101713430000142
输出选举结果
Figure BDA0003101713430000143
其中Pj是候选人
Figure BDA0003101713430000144
所得到的总评分。
·
Figure BDA0003101713430000145
将在任意一个投票人
Figure BDA0003101713430000146
放弃提交选票时被执行。在有投票人弃票的情况下,系统中所有剩余投票人可以协作恢复选举结果。以所有的选票
Figure BDA0003101713430000147
承诺Ck和私钥
Figure BDA0003101713430000148
作为输入,输出选举结果
Figure BDA0003101713430000149
其中Pj为候选人
Figure BDA00031017134300001410
收到的总评价点数。
优选的,在本实施例中,在注册阶段,每个投票人
Figure BDA00031017134300001411
需要执行KeyGen算法为自己生成一个私钥/公钥对(Xi,Yi)。同时,
Figure BDA00031017134300001412
还需要执行KeyDerive为对候选人
Figure BDA00031017134300001413
的投票生成一个私钥/公钥对(xi,j,yi,j),其中i∈[nv],j∈[nc]。
Figure BDA00031017134300001414
以安全参数1κ作为输入,随机选取私钥
Figure BDA00031017134300001415
计算公钥
Figure BDA00031017134300001416
Figure BDA00031017134300001417
以自己的私钥Xi和候选人的身份
Figure BDA00031017134300001418
为输入,随机选取
Figure BDA00031017134300001419
计算私钥
Figure BDA00031017134300001420
公钥
Figure BDA00031017134300001421
每个投票人还应该向
Figure BDA00031017134300001422
登记自己的真实身份和公钥。如果
Figure BDA00031017134300001423
具备投票资格,
Figure BDA00031017134300001424
Figure BDA00031017134300001425
的公钥进行签名,生成
Figure BDA00031017134300001426
然后,
Figure BDA00031017134300001427
发布
Figure BDA00031017134300001428
到区块链上。
Figure BDA00031017134300001429
公钥的真实性可以通过Ver算法和
Figure BDA00031017134300001430
的验证密钥
Figure BDA00031017134300001431
来验证
在本实施例中在承诺阶段,每个
Figure BDA00031017134300001432
从区块链收集公钥
Figure BDA00031017134300001433
并为
Figure BDA00031017134300001434
生成承诺。
Figure BDA0003101713430000151
为每个候选人
Figure BDA0003101713430000152
分配一个评分pi,j,并满足0≤pi,j≤P,
Figure BDA0003101713430000153
Figure BDA0003101713430000154
以私钥Xi、评分
Figure BDA0003101713430000155
和公钥
Figure BDA0003101713430000156
为输入,生成承诺Ci和相应的零知识证明
Figure BDA0003101713430000157
Figure BDA0003101713430000158
首先计算
Figure BDA0003101713430000159
然后选取随机数
Figure BDA00031017134300001510
为每个pi,j计算Ci,j=(ζi,ji,j)(其中
Figure BDA00031017134300001511
)。于是
Figure BDA00031017134300001512
的承诺为
Figure BDA00031017134300001513
接下来,
Figure BDA00031017134300001514
为每个
Figure BDA00031017134300001515
生成一个零知识证明
Figure BDA00031017134300001516
以证明
Figure BDA00031017134300001517
的承诺(ζi,ji,j)中的评分值pi,j满足区间要求(即pi,j∈[0,P])。
Figure BDA00031017134300001518
Figure BDA00031017134300001519
Figure BDA00031017134300001520
中的表达式
Figure BDA00031017134300001521
表明所有可能的pi,j值都会出现在
Figure BDA00031017134300001522
中。然后,
Figure BDA00031017134300001523
通过零知识证明
Figure BDA00031017134300001524
以证明评分集合
Figure BDA00031017134300001525
满足
Figure BDA00031017134300001526
Figure BDA00031017134300001527
Figure BDA00031017134300001528
Figure BDA00031017134300001529
时,可以推导出
Figure BDA00031017134300001530
Figure BDA00031017134300001531
最后,
Figure BDA00031017134300001532
将Ci
Figure BDA00031017134300001533
发布到区块链上。
在本实施例中,投票阶段:
Figure BDA0003101713430000161
在投票阶段,
Figure BDA0003101713430000162
执行算法对上一小节中提交的评分
Figure BDA0003101713430000163
进行加密。
该算法以投票人
Figure BDA0003101713430000164
的私钥Xi、评分
Figure BDA0003101713430000165
和公钥
Figure BDA0003101713430000166
作为输入,输出选票Bi及其零知识证明
Figure BDA0003101713430000167
Figure BDA0003101713430000168
首先计算
Figure BDA0003101713430000169
Figure BDA00031017134300001610
为保护评分集合
Figure BDA00031017134300001611
的隐私,
Figure BDA00031017134300001612
使用私钥(Xi,xi,j)对pi,j进行加密:
Figure BDA00031017134300001613
其中
Figure BDA00031017134300001614
j∈[nv]。投票人
Figure BDA00031017134300001615
的加密选票为
Figure BDA00031017134300001616
接着,投票人
Figure BDA00031017134300001617
为每个
Figure BDA00031017134300001618
生成如下零知识证明
Figure BDA00031017134300001619
来证明加密评分在预定义区间内(即pi,j∈[0,P]),并且pi,j是Commit算法中承诺的值。
Figure BDA00031017134300001620
Figure BDA00031017134300001621
Figure BDA00031017134300001622
Figure BDA00031017134300001623
Figure BDA00031017134300001624
中的表达式
Figure BDA00031017134300001625
代表了
Figure BDA00031017134300001626
中pi,j∈[0,P]的所有可能值。表达式
Figure BDA00031017134300001627
证明了(ηi,ji,j)中的pi,j是commit算法中承诺的值。表达式
Figure BDA0003101713430000171
确保了
Figure BDA0003101713430000172
是由
Figure BDA0003101713430000173
的私钥(Xi,xi,j)所加密。
然后,
Figure BDA0003101713430000174
通过零知识证明
Figure BDA0003101713430000175
以证明评分集合
Figure BDA0003101713430000176
满足
Figure BDA0003101713430000177
Figure BDA0003101713430000178
Figure BDA0003101713430000179
Figure BDA00031017134300001710
时,可以推导出
Figure BDA00031017134300001711
Figure BDA00031017134300001712
中的表达式
Figure BDA00031017134300001713
保证该投票由
Figure BDA00031017134300001714
使用其私钥Xi生成。选票Bi的零知识证明
Figure BDA00031017134300001715
最后,
Figure BDA00031017134300001716
在区块链上发布选票Bi和证明
Figure BDA00031017134300001717
在本实施例中,自计票阶段具体如下:
在所有投票人提交了他们的承诺、选票及相应的零知识证明之后,验证者检查这些证明的有效性,然后执行自计票算法得到选举结果
Figure BDA00031017134300001718
其中Pj
Figure BDA00031017134300001719
得到的总评分值。
Figure BDA00031017134300001720
验证者以所有选票{Bi}i∈n作为输入,执行自计票算法为每个候选人
Figure BDA00031017134300001721
计算
Figure BDA00031017134300001722
Figure BDA00031017134300001723
并推算出
Figure BDA00031017134300001724
由于
Figure BDA00031017134300001725
在一个很小的范围内,通过穷举计算出选举结果Pj
在本实施例中,如果一个投票人
Figure BDA0003101713430000181
在投票阶段没有投出合法的选票,系统中的其他投票人
Figure BDA0003101713430000182
也能从其承诺Ck中恢复他的投票。
(1)剩余的每个投票人通过计算
Figure BDA0003101713430000183
Figure BDA0003101713430000184
可以恢复弃权投票人
Figure BDA0003101713430000185
的评分值
Figure BDA0003101713430000186
上述式子成立是由于
Figure BDA0003101713430000187
(2)为了得到最终投票结果,每个投票人
Figure BDA0003101713430000188
(i∈[nv]且i≠k)还需要计算
Figure BDA0003101713430000189
Figure BDA00031017134300001810
然后,计算
Figure BDA00031017134300001811
由于
Figure BDA00031017134300001812
在一个小范围内,可以通过从
Figure BDA00031017134300001813
中穷举计算出
Figure BDA00031017134300001814
最终候选人
Figure BDA00031017134300001815
的总评分值
Figure BDA00031017134300001816
在本实施例中,优选的系统中的零知识证明方法如下。
·
Figure BDA00031017134300001817
的计算过程。
(1)
Figure BDA00031017134300001818
选择
Figure BDA00031017134300001819
ρ,ek,
Figure BDA00031017134300001820
k∈[0,p]\{j}。计算
Figure BDA00031017134300001821
Figure BDA00031017134300001822
aj=gρ,bj=(Wi)ρ。对于所有τ∈[0,P],计算
Figure BDA00031017134300001823
Figure BDA00031017134300001824
计算c=H(si,ji,ji,j,{aτ,bτ}τ∈[0,P]),dj=c-∑k=[0,P]\{j}dk,ej=ρ-si, jdj
Figure BDA00031017134300001825
零知识证明
Figure BDA00031017134300001826
(2)验证者验证
Figure BDA0003101713430000191
如果上述式子成立,验证者就接受证明
Figure BDA0003101713430000192
·
Figure BDA0003101713430000193
的计算过程。
(1)
Figure BDA0003101713430000194
选择随机数
Figure BDA0003101713430000195
计算
Figure BDA0003101713430000196
Figure BDA0003101713430000197
零知识证明
Figure BDA0003101713430000198
(2)收到
Figure BDA0003101713430000199
后,验证者验证
Figure BDA00031017134300001910
Figure BDA00031017134300001911
如果上述式子成立,验证者就接受证明。
·
Figure BDA00031017134300001912
的计算过程。
(1)
Figure BDA00031017134300001913
选择
Figure BDA00031017134300001914
ρ,ek,e’k,dk,d’k,
Figure BDA00031017134300001915
其中k∈{0,1,2,…,j-1,j+1,…,P}。
Figure BDA00031017134300001916
计算
Figure BDA00031017134300001917
aj=gρ,bj=(Wi)ρ,a’j=gρ,b’j=(Wi·g)ρ。然后,投票者
Figure BDA00031017134300001918
对所有τ∈{0,1,2,…,P}计算
Figure BDA00031017134300001919
接着,
Figure BDA00031017134300001920
随机选择
Figure BDA00031017134300001921
并计算
Figure BDA00031017134300001922
Figure BDA00031017134300001923
Figure BDA00031017134300001924
dj=c-∑k=[0,P],k≠jdk,ej=ρ-si,jdj,d’j=c-∑k=[0,P],k≠jd’k,e’j=ρ-Xid’j,f’j=ρ-ri,jd’j
零知识证明
Figure BDA0003101713430000201
(2)验证者收到证明
Figure BDA0003101713430000202
后,验证
Figure BDA0003101713430000203
Figure BDA0003101713430000204
Figure BDA0003101713430000205
如果上述式子成立,验证者就接受证明
Figure BDA0003101713430000206
·
Figure BDA0003101713430000207
的计算过程。
(1)
Figure BDA0003101713430000208
随机选择
Figure BDA0003101713430000209
并计算
Figure BDA00031017134300002010
Figure BDA00031017134300002011
零知识证明
Figure BDA00031017134300002012
(2)验证者收到证明
Figure BDA00031017134300002013
后,验证
Figure BDA00031017134300002014
Figure BDA00031017134300002015
如果上述式子成立,验证者就接受
Figure BDA00031017134300002016
以上所述仅为本发明的较佳实施例,凡依本发明申请专利范围所做的均等变化与修饰,皆应属本发明的涵盖范围。

Claims (6)

1.一种基于区块链的电子投票系统,其特征在于,所述系统包括候选人单元、投票人单元、选举组织方和区块链平台;所述选举组织方对每个投票人的身份进行认证,验证其是否具有投票资格;所述投票人在选举系统中登记后进行投票;所述区块链平台用于保证已提交的数据不会被删除或篡改;所述系统采用分布式ElGamal密码系统,在所述ElGamal密码系统中,E(m)是消息m的密文,E(m1+m2)可以由E(m1)·E(m2)计算得出;令
Figure FDA0003792491290000011
为一个循环群,其中g是阶为素数p的群
Figure FDA0003792491290000012
的生成元;p表示集合{0,1,…,p-1},
Figure FDA0003792491290000013
表示p\0={1,…,p-1};假设系统中有n个用户,每个用户都有一个私钥/公钥对
Figure FDA0003792491290000014
该分布式系统的公钥
Figure FDA0003792491290000015
消息m被加密为E(m)=(c1,c2)=(gr,gm·PKr),其中
Figure FDA0003792491290000016
解密时,每个用户需要计算一个部分解密值
Figure FDA0003792491290000017
并将其广播;最终每个用户都能计算出
Figure FDA0003792491290000018
2.一种基于区块链的电子投票系统的投票方法,其特征在于,包括以下步骤:
预先定义一个固定参数P,设定每一张选票中的评分之和必须等于P;
投票人
Figure FDA0003792491290000019
以安全参数1κ作为输入,生成其私钥/公钥对(Xi,Yi);
以投票人
Figure FDA00037924912900000110
的私钥Xi和候选人的身份
Figure FDA00037924912900000111
作为输入,生成为
Figure FDA00037924912900000112
投票的所需私钥/公钥对(xi,j,yi,j);
投票人
Figure FDA0003792491290000021
首先要为每个候选人
Figure FDA0003792491290000022
分配一个评分pi,j,其中0≤pi,j≤P且
Figure FDA0003792491290000023
nc为候选人的数量,并以投票人
Figure FDA0003792491290000024
的私钥Xi、对所有候选人的评分
Figure FDA0003792491290000025
和所有候选人的公钥
Figure FDA0003792491290000026
为输入,生成承诺Ci和零知识证明
Figure FDA0003792491290000027
在投票阶段,输入所有选票
Figure FDA0003792491290000028
通过计票后,输出选举结果
Figure FDA0003792491290000029
其中Pj是候选人
Figure FDA00037924912900000210
所得到的总评分;
所述投票人
Figure FDA00037924912900000211
生成密钥,具体如下:投票人
Figure FDA00037924912900000212
以安全参数1κ作为输入,随机选取私钥
Figure FDA00037924912900000213
计算公钥
Figure FDA00037924912900000214
Figure FDA00037924912900000215
以自己的私钥Xi和候选人的身份
Figure FDA00037924912900000216
为输入,随机选取
Figure FDA00037924912900000217
计算私钥
Figure FDA00037924912900000218
公钥
Figure FDA00037924912900000219
投票人
Figure FDA00037924912900000220
还应该向
Figure FDA00037924912900000245
登记自己的真实身份和公钥,如果
Figure FDA00037924912900000221
具备投票资格,
Figure FDA00037924912900000222
Figure FDA00037924912900000223
的公钥进行签名,生成
Figure FDA00037924912900000224
然后,
Figure FDA00037924912900000225
发布
Figure FDA00037924912900000226
到区块链上;
所述生成承诺Ci和零知识证明
Figure FDA00037924912900000227
具体如下:
Figure FDA00037924912900000228
为每个候选人
Figure FDA00037924912900000229
分配一个评分pi,j,并满足0≤pi,j≤P,
Figure FDA00037924912900000230
Figure FDA00037924912900000231
以私钥Xi、评分
Figure FDA00037924912900000232
和公钥
Figure FDA00037924912900000233
为输入,生成承诺Ci和相应的零知识证明
Figure FDA00037924912900000234
Figure FDA00037924912900000235
首先计算
Figure FDA00037924912900000236
然后选取随机数
Figure FDA00037924912900000237
为每个pi,j计算Ci,j=(ζi,ji,j),其中
Figure FDA00037924912900000238
于是
Figure FDA00037924912900000239
的承诺为
Figure FDA00037924912900000240
Figure FDA00037924912900000241
为每个
Figure FDA00037924912900000242
生成一个零知识证明
Figure FDA00037924912900000243
以证明
Figure FDA00037924912900000244
的承诺(ζi,ji,j)中的评分值pi,j满足区间要求
Figure FDA0003792491290000031
Figure FDA0003792491290000032
Figure FDA0003792491290000033
中的表达式
Figure FDA0003792491290000034
表明所有可能的pi,j值都会出现在
Figure FDA0003792491290000035
中;
然后,
Figure FDA0003792491290000036
通过零知识证明
Figure FDA0003792491290000037
以证明评分集合
Figure FDA0003792491290000038
满足
Figure FDA0003792491290000039
Figure FDA00037924912900000310
Figure FDA00037924912900000311
Figure FDA00037924912900000312
时,可以推导出
Figure FDA00037924912900000313
Figure FDA00037924912900000314
最后,
Figure FDA00037924912900000315
将Ci
Figure FDA00037924912900000316
发布到区块链上。
3.根据权利要求2所述的基于区块链的电子投票系统的投票方法,其特征在于,所述投票阶段,具体如下:以投票人
Figure FDA00037924912900000317
的私钥Xi、评分
Figure FDA00037924912900000318
和公钥
Figure FDA00037924912900000319
作为输入,输出选票Bi及其零知识证明
Figure FDA00037924912900000320
Figure FDA00037924912900000321
首先计算
Figure FDA00037924912900000322
Figure FDA00037924912900000323
为保护评分集合
Figure FDA00037924912900000324
的隐私,
Figure FDA00037924912900000325
使用私钥(Xi,xi,j)对pi,j进行加密:
Figure FDA00037924912900000326
其中
Figure FDA00037924912900000327
投票人
Figure FDA00037924912900000328
的加密选票为
Figure FDA00037924912900000329
接着,投票人
Figure FDA0003792491290000041
为每个
Figure FDA0003792491290000042
生成如下零知识证明
Figure FDA0003792491290000043
来证明加密评分在预定义区间内,并且pi,j是Commit算法中承诺的值
Figure FDA0003792491290000044
Figure FDA0003792491290000045
Figure FDA0003792491290000046
Figure FDA0003792491290000047
Figure FDA0003792491290000048
中的表达式
Figure FDA0003792491290000049
代表了
Figure FDA00037924912900000410
中pi,j∈[0,P]的所有可能值;
表达式
Figure FDA00037924912900000411
证明了(ηi,ji,j)中的pi,j是commit算法中承诺的值;
表达式
Figure FDA00037924912900000412
确保了
Figure FDA00037924912900000413
是由
Figure FDA00037924912900000414
的私钥(Xi,xi,j)所加密;
然后,
Figure FDA00037924912900000415
通过零知识证明
Figure FDA00037924912900000416
以证明评分集合
Figure FDA00037924912900000417
满足
Figure FDA00037924912900000418
Figure FDA00037924912900000419
Figure FDA00037924912900000420
Figure FDA00037924912900000421
时,推导出
Figure FDA00037924912900000422
Figure FDA00037924912900000423
中的表达式
Figure FDA00037924912900000424
保证该投票由
Figure FDA00037924912900000425
使用其私钥Xi生成;选票Bi的零知识证明
Figure FDA00037924912900000426
最后,
Figure FDA0003792491290000051
在区块链上发布选票Bi和证明
Figure FDA0003792491290000052
4.根据权利要求2所述的基于区块链的电子投票系统的投票方法,其特征在于,所述计票具体如下:验证者以所有选票{Bi}i∈n作为输入,执行自计票算法为每个候选人
Figure FDA0003792491290000053
计算
Figure FDA0003792491290000054
Figure FDA0003792491290000055
并推算出
Figure FDA0003792491290000056
由于
Figure FDA0003792491290000057
在一个很小的范围内,通过穷举计算出选举结果Pj
5.根据权利要求2所述的基于区块链的电子投票系统的投票方法,其特征在于,若存在弃票的情况,则计票方式如下:
剩余的每个投票人通过计算
Figure FDA0003792491290000058
Figure FDA0003792491290000059
恢复弃权投票人
Figure FDA00037924912900000510
的评分值
Figure FDA00037924912900000511
上述式子成立是由于
Figure FDA00037924912900000512
为了得到最终投票结果,每个投票人
Figure FDA00037924912900000513
(i∈[nv]且i≠k)还需要计算
Figure FDA00037924912900000514
Figure FDA00037924912900000515
然后,计算
Figure FDA00037924912900000516
由于
Figure FDA0003792491290000061
在一个小范围内,可以通过从
Figure FDA0003792491290000062
中穷举计算出
Figure FDA0003792491290000063
最终候选人
Figure FDA0003792491290000064
的总评分值
Figure FDA0003792491290000065
6.根据权利要求2所述的基于区块链的电子投票系统的投票方法,其特征在于,所述零知识证明方法如下:
Figure FDA0003792491290000066
的计算过程:
(1)
Figure FDA0003792491290000067
选择
Figure FDA0003792491290000068
计算
Figure FDA0003792491290000069
Figure FDA00037924912900000610
aj=gρ,bj=(Wi)ρ;对于所有τ∈[0,P],计算
Figure FDA00037924912900000611
Figure FDA00037924912900000612
计算c=H(si,ji,ji,j,{aτ,bτ}τ∈[0,P]),dj=c-Σk=[0,P]\{j}dk,ej=ρ-si, jdj
Figure FDA00037924912900000613
零知识证明
Figure FDA00037924912900000614
(2)验证者验证
Figure FDA00037924912900000615
如果上述式子成立,验证者就接受证明
Figure FDA00037924912900000616
Figure FDA00037924912900000617
的计算过程:
(1)
Figure FDA00037924912900000618
选择随机数
Figure FDA00037924912900000619
计算
Figure FDA00037924912900000620
Figure FDA00037924912900000621
零知识证明
Figure FDA00037924912900000622
(2)收到
Figure FDA0003792491290000071
后,验证者验证
Figure FDA0003792491290000072
Figure FDA0003792491290000073
如果上述式子成立,验证者就接受证明;
Figure FDA0003792491290000074
的计算过程:
(1)
Figure FDA0003792491290000075
选择
Figure FDA0003792491290000076
其中k∈{0,1,2,…,j-1,j+1,…,P};
Figure FDA0003792491290000077
计算
Figure FDA0003792491290000078
aj=gρ,bj=(Wi)ρ,a'j=gρ,b′j=(Wi·g)ρ;然后,投票者
Figure FDA0003792491290000079
对所有τ∈{0,1,2,…,P}计算
Figure FDA00037924912900000710
接着,
Figure FDA00037924912900000711
随机选择
Figure FDA00037924912900000712
并计算
Figure FDA00037924912900000713
Figure FDA00037924912900000714
Figure FDA00037924912900000715
dj=c-∑k=[0,P],k≠jdk,ej=ρ-si,jdj,d′j=c-Σk=[0,P],k≠jd'k,e'j=ρ-Xid′j,f′j=ρ-ri,jd′j
零知识证明
Figure FDA00037924912900000716
(2)验证者收到证明
Figure FDA00037924912900000717
后,验证
Figure FDA00037924912900000718
Figure FDA00037924912900000719
Figure FDA0003792491290000081
如果上述式子成立,验证者就接受证明
Figure FDA0003792491290000082
Figure FDA0003792491290000083
的计算过程:
(1)
Figure FDA0003792491290000084
随机选择
Figure FDA0003792491290000085
并计算
Figure FDA0003792491290000086
Figure FDA0003792491290000087
零知识证明
Figure FDA0003792491290000088
(2)验证者收到证明
Figure FDA0003792491290000089
后,验证
Figure FDA00037924912900000810
Figure FDA00037924912900000811
如果上述式子成立,验证者就接受
Figure FDA00037924912900000812
CN202110629318.6A 2021-06-04 2021-06-04 基于区块链的电子投票系统及方法 Active CN113381991B (zh)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110629318.6A CN113381991B (zh) 2021-06-04 2021-06-04 基于区块链的电子投票系统及方法

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110629318.6A CN113381991B (zh) 2021-06-04 2021-06-04 基于区块链的电子投票系统及方法

Publications (2)

Publication Number Publication Date
CN113381991A CN113381991A (zh) 2021-09-10
CN113381991B true CN113381991B (zh) 2022-12-13

Family

ID=77576225

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110629318.6A Active CN113381991B (zh) 2021-06-04 2021-06-04 基于区块链的电子投票系统及方法

Country Status (1)

Country Link
CN (1) CN113381991B (zh)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114005217A (zh) * 2021-10-21 2022-02-01 浙江工商大学 一种基于区块链的电子投票系统及方法
CN114444090B (zh) * 2021-12-17 2023-06-20 中国科学院信息工程研究所 一种高效的秘密唯一领导人选举方法
CN117040928B (zh) * 2023-10-08 2024-02-09 广州市悦智计算机有限公司 一种基于区块链智能合约实现投票权隐私发放方法

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109785494A (zh) * 2018-12-21 2019-05-21 暨南大学 基于区块链的可追踪的匿名电子投票方法

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019092650A1 (en) * 2017-11-09 2019-05-16 Electric Society Sa An ad-hoc network
US11257077B2 (en) * 2017-11-30 2022-02-22 Visa International Service Association Blockchain system for confidential and anonymous smart contracts
CN110060403B (zh) * 2019-03-21 2021-06-22 杭州电子科技大学 基于区块链的一人多票电子投票方法及系统
CN110224993B (zh) * 2019-05-16 2021-09-21 暨南大学 基于区块链的可追责匿名电子投票方法及系统
CN110555933B (zh) * 2019-07-31 2021-04-30 中钞信用卡产业发展有限公司杭州区块链技术研究院 电子投票方法、装置、设备及计算机存储介质
CN111476548B (zh) * 2020-04-16 2024-01-23 山东师范大学 一种基于区块链的职称评审方法及系统
CN111612961B (zh) * 2020-06-04 2021-04-06 西安电子科技大学 一种对投票人选票信息加密的电子投票方法

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109785494A (zh) * 2018-12-21 2019-05-21 暨南大学 基于区块链的可追踪的匿名电子投票方法

Also Published As

Publication number Publication date
CN113381991A (zh) 2021-09-10

Similar Documents

Publication Publication Date Title
Dimitriou Efficient, coercion-free and universally verifiable blockchain-based voting
CN113381991B (zh) 基于区块链的电子投票系统及方法
WO2020124843A1 (zh) 基于区块链的可追踪的匿名电子投票方法
Juels et al. Coercion-resistant electronic elections
Yang et al. Priscore: blockchain-based self-tallying election system supporting score voting
CN110912705B (zh) 一种基于区块链的分布式电子投票方法及系统
CN112487468B (zh) 基于区块链的可追踪的完全匿名电子投票方法及系统
KR20060127194A (ko) 공정한 블라인드 서명을 이용한 전자 투표 방법 및 시스템
Kremer et al. To du or not to du: A security analysis of du-vote
CN114005217A (zh) 一种基于区块链的电子投票系统及方法
CN114333137A (zh) 基于部分盲签名与区块链的匿名和抗胁迫电子投票系统
CN114677794B (zh) 一种基于区块链的电子投票方法
CN109544772B (zh) 一种安全高效的电子投票方法
Fan et al. DHS-voting: a distributed homomorphic signcryption E-voting
Khader et al. Proving {Prêt}{à} Voter Receipt Free Using Computational Security Models
Lijuan et al. Electronic Voting Scheme Based on Blockchain and SM2 Cryptographic Algorithm Zero-Knowledge Proof
CN113496406A (zh) 一种基于区块链的强匿名电子投票协议
Panja Zero-Knowledge Proof, Deniability and Their Applications in Blockchain, E-Voting and Deniable Secret Handshake Protocols
Saini et al. An Analytical study of E-voting System.
Akinyokun Secure voter authentication for poll-site elections in developing countries
Canard et al. Defeating malicious servers in a blind signatures based voting system
Fraser et al. Protecting the privacy of voters: New definitions of ballot secrecy for e-voting
Agrawal et al. Publicly auditable privacy-preserving electoral rolls
CN117201037A (zh) 一种基于区块链、环签名和同态加密的电子投票选举方法
Canard et al. How to fit cryptographic e-voting into smart cards

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant