CN114005217A - Electronic voting system and method based on block chain - Google Patents
Electronic voting system and method based on block chain Download PDFInfo
- Publication number
- CN114005217A CN114005217A CN202111226808.8A CN202111226808A CN114005217A CN 114005217 A CN114005217 A CN 114005217A CN 202111226808 A CN202111226808 A CN 202111226808A CN 114005217 A CN114005217 A CN 114005217A
- Authority
- CN
- China
- Prior art keywords
- voting
- voter
- result
- scoring
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 40
- 238000004364 calculation method Methods 0.000 claims description 32
- 238000012795 verification Methods 0.000 claims description 23
- 230000000977 initiatory effect Effects 0.000 claims description 14
- 239000003999 initiator Substances 0.000 claims description 11
- 230000008569 process Effects 0.000 claims description 11
- 238000013475 authorization Methods 0.000 claims description 6
- 125000004122 cyclic group Chemical group 0.000 claims description 6
- 238000005336 cracking Methods 0.000 claims description 5
- 238000012545 processing Methods 0.000 claims description 3
- RTZKZFJDLAIYFH-UHFFFAOYSA-N Diethyl ether Chemical compound CCOCC RTZKZFJDLAIYFH-UHFFFAOYSA-N 0.000 description 6
- 239000000654 additive Substances 0.000 description 2
- 230000000996 additive effect Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 239000008358 core component Substances 0.000 description 1
- 238000013524 data verification Methods 0.000 description 1
- 230000002427 irreversible effect Effects 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C13/00—Voting apparatus
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/008—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3218—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
- H04L9/3221—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs interactive zero-knowledge proofs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3252—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3255—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/08—Randomization, e.g. dummy operations or using noise
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/42—Anonymization, e.g. involving pseudonyms
Abstract
The invention belongs to the field of electronic voting, and discloses an electronic voting system and method based on a block chain, which comprises an ElGamal encrypted deformation module supporting an addition homomorphism, a range certification module based on a ring signature and a knowledge certification module; the ElGamal encrypted deformation module supporting the addition homomorphism is used for encrypting all votes; the range certification module based on the ring signature is used for judging whether the used deformed ElGamal encrypted plaintext belongs to {0,1 }; the knowledge proof module is used for verifying the operation of the ticket player, namely the ElGamal decryption operation. The invention can not only meet 7 safety targets of integrity, correctness, anonymity, non-reusability, eligibility, fairness and verifiability of voting, but also has a distributed system architecture, and the system can realize the scoring function of voters on the premise of not influencing the safety attribute. The objectivity and the specialty of the voting event are ensured.
Description
Technical Field
The invention belongs to the technical field of electronic voting, and particularly relates to an electronic voting system and method based on a block chain.
Background
With the advent of blockchain technology, electronic voting systems based on blockchains have been widely proposed. In the existing electronic voting system scheme based on the block chain, the public transparency of the voting process is realized by utilizing the characteristics of block chain decentralization and untrustworthy modification. However, a supervision mechanism for the right of a voter is generally lacked in the existing electronic voting system based on the block chain, the anonymity of the system may cause the voter to misuse the right of the vote, the voter may cast a vote without professionalism due to the likes and dislikes of the individual, and the behavior is difficult to be effectively restricted in the existing electronic voting system scheme.
Therefore, the electronic voting system can realize the scoring function of voters on the premise of not influencing the safety attribute, and the scoring rule can be customized, for example, x is added when the voting is consistent with the final result, and y is added when the voting is not consistent with the final result. In the invention, a voter scoring mechanism is set, so that the voter can objectively and fairly cast each vote, the result of each voting event is ensured to accord with the objective fact, and the problem of voter supervision is solved. And the invention can be expanded to take the quality of the influence after the voting event as the final result of the voting event, and judge the voter score by taking the quality as the standard.
Disclosure of Invention
The present invention provides an electronic voting system and method based on a block chain, so as to solve the above technical problems.
In order to solve the above technical problems, the specific technical solution of the electronic voting system and method based on the block chain of the present invention is as follows:
an electronic voting system based on a block chain comprises an ElGamal encrypted deformation module supporting an addition homomorphism, a range certification module based on a ring signature and a knowledge certification module;
the ElGamal encrypted deformation module supporting the addition homomorphism is used for encrypting all votes;
the range certification module based on the ring signature is used for judging whether the used deformed ElGamal encrypted plaintext belongs to
{0,1};
The knowledge proof module is used for verifying the operation of the ticket player, namely the ElGamal decryption operation.
The invention also discloses a novel electronic voting method based on the block chain, which comprises the following steps:
step 1: a system initialization stage: initializing and setting parameters required in the voting system;
step 2: a voting stage: carrying out specific operation on the voting event, and displaying a voting result after the voting event is finished; any member in the system can serve as a voting initiator to create a brand-new voting event, and the event is stored on the block chain for all people to check; after initiating the vote, the voter enters a voting link, the voter with authorization can vote to release own opinions, and the voter stores the vote on the block chain after selecting the vote; when all voters complete voting or the voting event reaches the deadline time, the voter starts to enter a vote link; during the period, each voter plays the vote, the result of each voter is counted and uploaded to the block chain, and any person can obtain the result of the voting event through the calculation result of the voter;
and step 3: and (3) grading stage: starting after a plurality of voting events, and obtaining the scores of the users after the scoring stage is finished; anyone may initiate scoring of voters participating in a vote over a period of time, wherein the periods of time during which scoring is initiated between different initiators are not allowed to intersect; at the moment, the voter takes the voting information and the voting result of all voting events in a period of time from the block chain, compares whether the votes cast by each voter are consistent with the final result in sequence, calculates the scoring result and stores the scoring result in the block; anyone can then also obtain the data from the blockchain.
Further, the step 1 comprises the following specific steps:
when the system starts to operate, a safety parameter lambda is obtained, and then G, h, G and p are output by the system; p is a large prime number, p is greater than the total number of voters, G is a finite cyclic group with order p, G, h are elements randomly selected from the group G, and the obtained (G, h, G, p) is set as (G, h, G, p) used in vElGamal encryption, range attestation based on ring signatures and knowledge attestation algorithms; finally, a value q is taken, wherein q is a prime number, and the prime number is larger than the maximum number of all voters or voting events in a scoring period;
each participant in the system has a pair of public and private signature keys; the system can set multiple ticket players and realize (t, n) threshold, supposing that there are two ticket players, named PC and NP respectively, and setting the private keys of PC and NP asAndat this time, can obtainThe obtained public keys of the PC and the NP are stored in a block chain through an intelligent contract, the PC and the NP know the public keys of all persons and the corresponding relation between the public keys and specific identities, and other persons only know all the public keys without knowing the corresponding relation between the public keys and the identities; when the voter votes, only votes for or against the votes are stipulated, if the value of the votes for the votes is 1 and the value of the votes for.
Further, the step 2 comprises the following specific steps:
step 2.1: and (3) initiating a vote:
initiating a voting stage, wherein a voting sponsor creates a new voting event, the voting event comprises voting content, voting deadline, an authorized voter public key and a signature of the voting sponsor on the voting event, and the information of the voting event is stored in a block chain after the digital signature of the voting sponsor is verified to be valid by an intelligent contract;
step 2.2: voting by the voter:
the voting of the voter is divided into four steps, firstly, the voter calculates to obtain encrypted voting dataThen toComputing ring signaturesLast pair ofAfter digital signature, voting data is obtainedSending the contract to an intelligent contract; step 2.3, the person who plays the ticket:
when voting event EjAfter all voters in the system save votes to a block chain through an intelligent contract, a voter can conduct vote operation, a plurality of voters cooperate to conduct vote, two voters PC and NP are arranged, the two voters PC and NP cooperate to conduct statistics on voting results on the premise that no voting result is leaked, and the voting stage is divided into PC vote and NP vote and voting results are obtained.
Further, the step 2.2 comprises the following specific steps:
step 2.2.1, the voting data is encrypted to realize voting secret:
after the voting is initiated, a voting stage is entered, voters with authorization can vote, and encrypted voting data are obtained through calculationIs provided with nvVoting by the first voter to event EjMaking a vote during which the voter viFor voting event EjThe number of tickets that can be cast is vi,jSetting a voting value vi,jE {0,1}, the voting information of the voter is encrypted by using vElGamal, wherein the operation process isObtaining encrypted voting data
Step 2.2.2, calculating the ring signature to realize voting validity:
is obtained byThen, the voter calculates the ring signature, and any person can confirm whether the voting data is valid through the range certification technology based on the ring signature, and the voter sets two public keys to be (K)PC·KNP,Si,j(K) and (g)PC·KNP,Si,jV (h g)), generating its ring signatureThe intelligent contract can be verified through the ring signature and the encrypted voting data to ensure the voting information vi,j{0,1,};
And 2.2.3, calculating the digital signature to realize the impossibility of the vote:
the voter uses the private key of his own signature to generate information for the first two stepsSigning to generate corresponding digital signature sigmai,jAnyone can verify whether the digital signature is valid, and the voting data generated at the moment isStep 2.2.4, the intelligent contract verifies the signature validity and stores voting data:
voter will vote dataAnd sending the voting data to the intelligent contract, and storing the voting data in a block after the intelligent contract verifies that the ring signature and the digital signature are valid, wherein if any one of the ring signature and the digital signature is considered to be invalid, the voting data is abandoned.
Further, the step 2.3 includes the following specific steps:
step 2.3.1.: PC gramophone ticket to obtain Tv,PCAnd calculating the result to prove that:
first, the first ticket player PC calculatesAnd the result Tv,PC and the knowledge proof of the data is sent to the intelligent contract, the PC sends the digital signature of the data to the intelligent contract, the intelligent contract verifies the digital signature and the knowledge proof after receiving the data, the data is stored in the block chain A after the verification is passed, and the voting is finished if the verification is not passed;
step 2.3.2: NP singing ticket to obtain Tv,NPAnd calculating the result to prove that:
second order singer NP, calculatingAnd combining the resultsTv,NPAnd the zero knowledge proof is sent to the intelligent contract together, similarly, the NP sends the digital signature of the data to the intelligent contract together, the intelligent contract verifies the digital signature and the knowledge proof after receiving the data, the data are stored on the block chain after the verification is passed, and the voting is finished if the verification is not passed;
step 2.3.3: intelligent contract checking and keeping gramophone record result, anyone can pass through Tv,PCAnd Tv,NPObtaining the ticket result to complete the ticket operation in both PC and NP and to obtain the ticket result Tv,PCAnd Tv,NPAfter sending to the intelligent contract, anyone can obtain the contract through calculationBecause of the number of votesIs not a large number and the maximum possible value is nvObtaining the value by a brute force cracking method ifIf the value is equal to or greater than the threshold, the voting result can be obtained as approval, i.e., resjOtherwise, the voting result is against, i.e. resj=0。
Further, the scoring stage of step 3 allows anyone to initiate scoring for voters according to time periods, the interval for initiating scoring can be set to be one year or a longer fixed time, but the time periods for initiating scoring by any individual cannot be crossed, the voter can decide to respond or not respond to the scoring event according to the public key of the scoring initiator, after all the voters respond, the system enters the scoring stage to score votes of all users within a period of time, the voter voting is specified to be consistent with the result and added with 2 points, and is not consistent with 1 point;
the calculation of the scoring stage needs to be carried out after a plurality of votes are carried out, and the potential voter to be scored is assumed to be the voter ViThe voting event is E1To
The scoring stage is divided into four steps, firstly, the voting data is pre-calculated, and then the PC calculates v by using random numbersPCProtecting the privacy of voters and calculating the scoring result Te,PCFinally, NP carries out the same operation to calculate the scoring result Te,NPAnd anyone can verify the accuracy of the scoring result, and after the steps are completed, anyone can calculate the score or verify that the score is not manufactured.
Further, the scoring stage comprises the following specific steps:
step 3.1: pre-computing the vote:
firstly, pre-calculating votes, and according to different voting results, performing different pre-calculating on voters by a system, specifically as follows:
if the voting result is against, i.e. resjWhen it is 0, then calculateAndthe following equation can be obtained at this time:
after the calculation is completed, two voting situations can occur: if both the voting result and the voter vote are anti-votes, i.e. resj=v i,j0, then v 'is known'i,j=q,v″i,j0; otherwise, v'i,j=q+1,v″i,jq;
after the calculation is completed, two voting situations also occur: when the voting result and voter vote are all approval, i.e. resj=vi,j1, then v 'is known'i,j=q,v″i,jQ + 1; otherwise, v'i,j=0,v″i,j=q;
Step 3.2: PC scoring and calculation of knowledge proof:
obtain the above mentioned fortuneAfter calculating the result, the two voters PC and NP begin to calculate voter ViAt voting event E1ToA median score, first, taking u as one satisfying u + neRandom number of < q, ruIs thatA random number, PC calculationAnd v is to bePCAnd the digital signature is sent to an intelligent contract, and NP carries out similar calculationV is to beNPAnd the digital signature is sent to the intelligent contract, and a new v is calculated for each voter, PC and NPPCAnd vNP,
Then, PC calculatesAnd processing the result Te,PC、The zero knowledge proof and the digital signature of the data are sent to an intelligent contract, and the intelligent contract is verified and then stored on a block chain to realize the public verifiability;
step 3.3: NP scoring and computing knowledge proofs:
finally, NP directly obtains data T through intelligent contractv,PCNP calculation The result Tc,NP、 The zero knowledge proof and the digital signature of the data are sent to an intelligent contract, and the intelligent contract is verified and then stored on a block chain to realize the public verifiability;
step 3.4: obtaining a final score:
after TC and NP complete statistics, anybody can calculate voter V by the following processiVoting for an event E within a certain time period1ToScore of (1) and before calculating the total score, test Te,PCAnd Te,NPZero knowledge proof and validity of digital signature, if verified, based on The SUM is calculated, where SUM is ha·q+b;
Next, the voter's total score is obtained, first a and b, assuming δx,yNumber of votes voted for y, x, dxFor the number of times the result is x, it is deduced from the calculation:
uPC+uNP+2(δ0,1+δ0,0+δ1,1)+(δ0,1+δ1,1+δ1,0)=a
uPC+uNP+2δ0,1+δ1,1=b
since the voting score is divided into two cases of adding 2 and adding 1, it can be known that 0 < a < 3neAnd 0 < b < 3neFrom [ a.q + b]Trial maximum in H (3 n)e)2Once the values of a and b are obtained, the voter V can be calculatediIs scored as a totalEach of a-b is 2 (delta)0,0+δ1,1)+(δ0,1+δ1,0)A-b represent that the vote and the result are the same, and
at this time, it can be proved that the voting information is still secret to anyone, and the obtained formula is as follows:
one knows δ0,δ1A, b, but not known uPC,uNPFor any common member, the member has four formulas and six unknowns, and cannot obtain a result; whereas for a ticket taker PC, the PC knows delta0,δ1,a,b,uPCAt this time, the PC has four formulas and five unknowns, and the result cannot be calculated, so the method is also similar to any other ticket player.
The novel electronic voting system and the novel electronic voting method based on the block chain have the following advantages that:
the invention can not only meet 7 safety targets of integrity, correctness, anonymity, non-reusability, eligibility, fairness and verifiability of voting, but also has a distributed system architecture, and the system can realize the scoring function of voters on the premise of not influencing the safety attribute. The objectivity and the specialty of the voting event are ensured.
Drawings
FIG. 1 is a general block diagram of an electronic voting system based on a block chain according to the present invention;
fig. 2 is a flowchart of an electronic voting method based on a block chain according to the present invention.
Detailed Description
For better understanding of the objects, structure and functions of the present invention, an electronic voting system and method based on block chains according to the present invention will be described in detail with reference to the accompanying drawings.
Basic concept and framework of the present system:
firstly, block chain:
in 2008, this clever first proposed the concept of blockchains, which in the following years become the core component of electronic currency bitcoins: as a public ledger for all transactions. By utilizing a peer-to-peer network and distributed timestamp servers, the blockchain database can be managed autonomously. The blockchain invented for bitcoin makes it the first digital currency to solve the repeat consumption problem. The properties of the blockchain may address some of the problems in electronic voting systems. Decentralization can be realized, and the credibility problem of a third party of the electronic voting system can be solved; the openness can ensure the information to be disclosed and transparent; independence and safety guarantee the unforgeability of the voting result; anonymity protects the privacy of the individual.
Secondly, intelligent contract:
by writing an intelligent contract, the voting system can store data to be disclosed on the block chain, and can conveniently put some verification operations required in the voting system on the block chain, and at the moment, a trusted third party is not required to verify the safety problem possibly occurring in each stage in the voting event. The concept of Smart contracts (Smart contracts) was first introduced by Nick Szabo in 1995. An intelligent contract is a computer protocol intended to propagate, validate or execute contracts in an informational manner. As shown in the smart contract deployment flow diagram of fig. 1, smart contracts deployed on blockchains allow trusted transactions, which are traceable and irreversible, to be conducted without a third party. The invention deploys intelligent contracts on the Ether house block chain, and the intelligent contracts run on the Ether house virtual machine. An etherhouse virtual machine may be understood as a distributed "world computer" with computing power provided by all etherhouse nodes. Any node that provides computing power will pay for resources in Ether digital currency. People can establish a contract through an intelligent contract. After the intelligent contract is successfully deployed, the intelligent contract automatically runs and is responsible for executing data verification operation and block chain related operation in the invention.
Thirdly, an ElGamal encrypted deformation module supporting the addition homomorphism:
in the invention, in order to protect the secrecy of the voting information of the voter, all the voting information is uploaded to the block chain after being encrypted by the variant ElGamal. In the present invention, this encryption algorithm is named vselgamal. The voter may vote for or against a vote, embodied in the system as a value of 1 for a vote, 0 for a vote against, and 0 or 1 for m in the following algorithm. Meanwhile, in order to realize the ticket-singing function, the vElGamal encryption supports addition homomorphism, and voters can be voted and calculated without decrypting plaintext when singing tickets. The implementation is as follows:
1. is provided with
Inputting a safety parameter lambda and outputting G, h, G and p. Where p is a large prime number and G is a finite cyclic group of order p. G, h are randomly selected elements in G.
2. Key generation
For any one user, its public-private key pair (y, g, x) is generated. Satisfy y ═ gx。
3. Encryption
Input plaintext m e {0,1}κHere, because of brute force cracking in the decryption stage, k needs to be small enough to be 10000, and the user can use the key from the keySelecting a random number r, and calculating: (c)1,c2)=(hm·yr,gr)。
4. Decryption
The decryption formula is as follows:according to equation A ═ hmAnd performing brute force cracking on m to obtain m meeting the equation. To achieve additive homomorphism, two ciphertexts may be givenAndis provided with a3,1The following additive homomorphic operation may be performed: subsequently setting a plaintext m3And calculating by using a decryption method:m is obtained from the above formula3=m1+m2。
Fourthly, range certification based on ring signature:
in the operation process of the system, the intelligent contract needs to check whether the voter votes for approval or disapproval, so as to prevent the voter from voting disorderly. The invention realizes the range certification based on the ring signature through the ring signature to realize the function of checking the voter for voting, and particularly, whether the plaintext belongs to {0,1} or not is judged for the vElGamal encryption used by the invention. The ring signature used is from the literature and is specifically as follows:
1. is provided with
Inputting a safety parameter lambda and outputting G, h, G and p. Where p is a large prime number and G is a finite cyclic group of order p. G, h are randomly selected elements in G. Select a hash function H: {0,1}*→{0,1}lWhere l is a security parameter.
2. Key generation
Generating its public and private key pair (y) for user ii,gi,xi). Satisfy the requirement ofWhere i is 0. Let L be the set of these public keys.
3. Signature generation
For any user i, a ring signature (c) corresponding to L may be generated for message m0,s0,s1,...,sn-1). The method comprises the following specific steps:
first of all, the first step is to,randomly selecting alpha ← ZpAnd calculate ck+1=Hk+1L,m,gα). When the user i.k +1,.., n-1, 0,.., k-1, s is selectedi←ZpAnd calculateThen, a ring is generated, and s is calculatedk=α-xkck. Finally, the ring signature for the message m and the public key L is (c)0,s0,s1,...,sn-1)。
4. Signature verification
When i is 0Subsequently, when i ≠ n-1, c is calculatedi+1=Hi+1(L,m,ei). When c occurs0=H0(L,m,en-1) If so, the signature verification is successful, otherwise, the signature verification fails.
As can be seen from the security of the ring signature, only one of the private keys is known to generate the ring signature. This is also the key point for the present invention to implement range attestation using ring signatures. Specifically, the two public keys corresponding to the ring signature are (K)PC+KNP,Si,j-G) and (K)PC+KNP,Si,j-h-G). When the voter voting range belongs to {0,1}, KPC+KNPH and G are parameters available to the voter, who must have one of the private keys.
Fifthly, knowledge proves:
the invention needs to realize verifiability, and the expression form in the system realization is that whether the ticket result of each ticket player is fake can be verified, and the operation essentially utilizes a certain public element and the private key of the ticket player to carry out modular exponentiation, which is exactly corresponding to the function of knowledge signature. The knowledge signature scheme used in the invention is from the literature, and is specifically as follows:
1. key generation
A safety parameter lambda is input and,outputs G, h, G and p. Where p is a large prime number, p is greater than the total number of voters, and G is a finite cyclic group of order p. G, h are randomly selected elements in G. And selects a hash function H: {0,1}*→{0,1}lWhere l is a security parameter.
2. Proof of knowledge generation
Input y1,y2The prover proves to the verifier: x is logg y1=logh y2. The prover then follows from ZpSelecting a random number t to generate a knowledge proof: c is H (y)1||y2||g||h||gt||ht) And s ═ t-c · x mod p.
3. Knowledge proof verification
it can be concluded that if c' is c, the proof of knowledge passes, x is logg y1=logh y2(ii) a Otherwise x is logg y1=1logh y2. In the system scheme of the present invention, we define the proof of knowledge as DLOG (g, y)1)=DLOG(h,y2)。
The specific embodiment is as follows:
as shown in fig. 2, the voting system of the present invention is mainly divided into three stages: system initialization, a voting phase and a scoring phase. During the initialization phase, initial parameters of the system are set. In the voting stage, specific operation is mainly carried out on a certain voting event, and the voting result is displayed after the voting event is finished. The scoring phase begins after a plurality of voting events, and the scoring of the user can be obtained after the scoring phase is finished.
After the initialization of the parameters in the initialization stage is finished, the system enters a voting stage, any member in the system can serve as a voting initiator at the moment to create a brand-new voting event, and the event is stored in a block chain for all people to check. After the voting is initiated, the voter enters a voting link, the voter with authorization can vote to release own opinions, and after the voter selects the vote, the voter can save the vote on the block chain, so that the voter can conveniently sing the vote. When all voters complete the voting or the voting event reaches the deadline, the voter starts to enter the voting link. During the period, each voter plays the vote, the result of each voter is counted and uploaded to the block chain, and the result of the voting event can be obtained by any voter through the calculation result of the voter.
After a number of voting events, anyone may initiate scoring of voters participating in the vote over a period of time, wherein the periods of time during which scoring is initiated between different initiators do not allow for intersection. At the moment, the voter takes out the voting information and the vote results of all voting events in a period of time from the block chain, compares whether the votes cast by each voter are consistent with the final result in sequence, calculates the scoring result and stores the scoring result in the block. Anyone can then also obtain the data from the blockchain.
Step 1: system initialization phase
In the initialization stage, the parameters required in the voting system are mainly initialized and set. When the system starts to operate, a safety parameter lambda is obtained, and then the system outputs G, h, G and p. Where p is a large prime number, p is greater than the total number of voters and can be taken to be more than 1000, and G is a finite cyclic group of order p. G, h are randomly selected elements in group G. The obtained (G, h, G, p) is set to (G, h, G, p) used in the vselgamal encryption, range certification based on the ring signature, and knowledge certification algorithm. Finally, a value q is taken, where q is a prime number that is greater than the maximum number of voters or voting events within a scoring period.
Each participant in the system possesses a pair of public and private keys with signatures. The system can set a plurality of ticket players and realize the (t, n) threshold so as to ensure the integrity of the ticket players. For convenience of description, two voters, named PC and NP, respectively, are assumed in the present invention. Let the private keys of PC and NP beAndat this time, can obtainThe obtained public keys of the PC and the NP are stored in a block chain through an intelligent contract, so that anyone can verify the authenticity of the data in the subsequent process. The PC and NP know all persons' public keys and their correspondence to specific identities, while the rest of the persons only know all public keys and not their correspondence, which action provides initial anonymity protection.
The invention provides that voters can only vote for or against votes, and the system provides that the value of voted for is 1 and the value of voted for is 0. The rating may be set to any (x, y) when initiating the rating, i.e. voters voting for a match will receive a x rating and voters voting for a non-match will receive a y rating. In the implementation process of the system, for the convenience of implementation, the scoring score (x, y) is set to (2, 1), that is, voters voting for the result will obtain 2 scores, and voters voting for the result not meeting the result obtain 1 score.
Step 2: voting stage
Any one voting stage of the invention comprises three processes, namely initiating voting, voter voting and voter singing. After the voting is initiated, a voting event just starts, and after the vote is finished, the mark that the voting period is formally finished is made, and anyone can check the vote result. The system can enter the scoring phase after multiple votes. Details of the voting phase will be described below.
Step 2.1: initiating a vote
And initiating a voting phase, wherein a new voting event is created by the voting initiator, and the voting event comprises the voting content, the voting deadline, the public key of the authorized voter and the signature of the voting initiator on the voting event. The information of the voting event is stored in the block chain after the intelligent contract verifies that the digital signature is valid.
Step 2.2: voter voting
The voting of the voter can be divided into four steps, firstly, the voter calculates to obtain the encrypted voting dataThen toComputing ring signaturesLast pair ofAfter digital signature, voting data is obtainedAnd sending the contract to the intelligent contract. The specific scheme is as follows:
step 2.2.1, the voting data is encrypted to realize voting secret
After the voting is initiated, a voting stage is entered, voters with authorization can vote, and encrypted voting data are obtained through calculationIs provided with nvVoting by the first voter to event EjA vote is conducted. During the voting process, the voter viFor voting event EjThe number of tickets that can be cast is vi,jBy schemes setting the voting value vi,jE {0,1 }. The voting information of the voter is encrypted by using vElGamal to realize the secrecy of the voting information. Wherein the operation process is Obtaining encrypted voting dataIn essence, the process of the present invention,is the ciphertext encrypted by vElGamal.
Step 2.2.2, calculating the ring signature to realize the voting validity
Is obtained byThen, the voter calculates the ring signature, and anyone can confirm whether the voting data is valid through a range certification technology based on the ring signature. The voter sets two public keys to (K)PC·KNP,Si,j(K) and (g)PC·KNP,Si,jV (h g)), generating its ring signatureThe intelligent contract can be verified through the ring signature and the encrypted voting data to ensure the voting information vi,j∈{0,1}。
Step 2.2.3, calculating the digital signature to realize the non-forgeability of the vote
The voter uses the private key of his own signature to generate information for the first two stepsSigning to generate corresponding digital signature sigmai,jAnyone can verify whether the digital signature is valid or not, and the impossibility of counterfeiting of the vote is realized. The voting data generated at this time are
Step 2.2.4, the intelligent contract verifies the signature validity and stores the voting data
Voter will vote dataIs sent toAnd the intelligent contract stores the voting data in the block after verifying that the ring signature and the digital signature are valid, and abandons the voting data if any one of the ring signature and the digital signature is considered to be invalid.
Step 2.3, the person singing the ticket
When voting event EjAfter all voters in the system store votes to the block chain through the intelligent contracts, the voter can conduct the operation of singing the votes. The system adopts a mode of cooperation of a plurality of voters to prevent the voting result from being forged or falsified. As mentioned above, the present invention is provided with two singlers PC and NP. The PC and NP two voters cooperate to count the voting results on the premise of not revealing any voting results. The vote stage is divided into PC vote and NP vote and voting result is obtained.
Step 2.3.1: PC gramophone ticket to obtain Tv,PCAnd computing knowledge proof of the result
First, the first ticket player PC calculatesAnd the result Tv,PCAnd together with the proof of knowledge of the intelligent contract. In addition, the PC sends a digital signature of the data to the smart contract. And after receiving the data, the intelligent contract verifies the digital signature and the knowledge proof, the data is stored in the block chain A through verification, the public verifiability is realized, and the voting is finished if the verification fails.
Step 2.3.2: NP singing ticket to obtain Tv,NPAnd computing knowledge proof of the result
Second order singer NP, calculatingAnd the result Tv,NPAnd together with the zero knowledge proof of knowledge to be sent to the intelligent contract. Similarly, the NP sends the digital signatures of the data to the intelligent contract, the intelligent contract verifies the digital signatures and knowledge proof after receiving the data, the data are stored on the block chain through verification, the public verifiability is realized, and the voting is finished if the verification fails.
Step 2.3.3: intelligent contract checking and keeping gramophone record result, anyone can pass through Tv,PCAnd Tv,NPObtaining gramophone record results
The ticket-reading operation is completed at both PC and NP, and the result T of the ticket-reading operation is recordedv,PCAnd Tv,NPAfter sending to the intelligent contract, anyone can obtain the contract through calculationBecause of the number of votesIs not a large number and the maximum possible value is nvAnd obtaining the value by a brute force cracking method. If it is notIf the value is equal to or greater than the threshold, the voting result can be obtained as approval, i.e., resjOtherwise, the voting result is against, i.e. resj=0。
And step 3: scoring stage
The scheme allows anyone to initiate the scoring of voters according to time periods, and the interval for initiating the scoring can be set to be one year or a longer fixed time, but the time periods for any individual to initiate the scoring cannot be crossed. The voter can decide to respond or not respond to the scoring event according to the public key of the scoring initiator, and the system enters a scoring stage after all the voters respond to the scoring event to score votes of all users within a period of time. When the system is designed, the scheme provides that voters vote in accordance with the result and add 2 points, and do not accord with the result and add 1 point.
The calculation of the scoring stage needs to be carried out after a plurality of votes are carried out. If the voting times are too low, the situation that the voter score is equal to the number of voting events and the voter score is 1 can be easily generated, and the result of one-time voting by the voter can be known, so that the voting result is leaked. At this point, without loss of generality, assume that the potential voter being scored is voter ViThe voting event is E1To
The scoring phase can be divided into four steps, first pre-computing the voting data, then the PC computes v using random numbersPCProtecting the privacy of voters and calculating the scoring result Te,PCFinally, NP carries out the same operation to calculate the scoring result Te,NPAnd anyone can verify the accuracy of the scoring result, and after the steps are completed, anyone can calculate the score or verify that the score is not manufactured. The method comprises the following specific steps:
step 3.1: precomputing votes
Firstly, the system carries out different pre-calculations on voters' votes according to different voting results. The method comprises the following specific steps:
if the voting result is against, i.e. resjWhen it is 0, then calculateAndthe following equation can be obtained at this time:
after the calculation is completed, two voting situations can occur. If both the voting result and the voter vote are anti-votes, i.e. resj=v i,j0, then v 'is known'i,j=q,v″i,j0; otherwise, v'i,j=q+1,v″i,j=q。
after the calculation is finished, two voting situations also occur. When the voting result and voter vote are all approval, i.e. resj=vi,j1, then v 'is known'i,j=q,v″i,jQ + 1; otherwise, v'i,j=0,v″i,j=q。
Step 3.2: PC scoring and computing knowledge proofs
After obtaining the above operation results, two voters, PC and NP, begin to calculate voter ViAt voting event E1ToAnd (4) carrying out a medium score. First, take u as one satisfying u + neRandom number of < q, ruIs thatA random number of (2). PC calculationAnd v is to bePCAnd the digital signature is sent to the smart contract. NP performing similarity calculationV is to beNPAnd the digital signature is sent to the smart contract. For each voter, PC and NP calculate a new vPCAnd vNP。
Then, PC calculatesAnd processing the result Te,PC、The zero knowledge proof of (a) is sent to the intelligent contract with a digital signature on the data. After the verification of the intelligent contract, the verification result is stored in the block chain, so that the public verifiability is realized.
Step 3.3: NP scoring and computing knowledge proofs
Finally, NP directly obtains data T through intelligent contractv,PC. NP computation The result Te,NP、 The zero knowledge proof of (a) is sent to the intelligent contract with a digital signature on the data. After the verification of the intelligent contract, the verification result is stored in the block chain, so that the public verifiability is realized.
Step 3.4: obtaining a final score
After the PC and NP complete the statistics, anyone can calculate voter V by the following processiVoting for an event E within a certain time period1ToScore total score in (1). Before calculating the total score, T needs to be checkede,PCAnd Te,NPZero knowledge proof and validity of digital signatures. Any one of the two is invalid, the scoring result has the possibility of counterfeiting, and the voter fails to score; if the verification passes, according toThe SUM is calculated. Here SUM ═ ha·q+b。
The voter's total score is then obtained, first a and b. Suppose deltax,yNumber of votes voted for y, x, dxThe number of times x is the result. From the calculation process it can be derived:
uPC+uNP+2(δ0,1+δ0,0+δ1,1)+(δ0,1+δ1,1+δ1,0)=a
uPC+uNP+2δ0,1+δ1,1=b
since the voting score is divided into two cases of adding 2 and adding 1, it can be known that 0 < a < 3neAnd 0 < b <3ne. Thus, it can be selected from [ a · q + b]Trial maximum in H (3 n)e)2And obtaining the values of a and b. Once the values of a and b are obtained, voter V may be calculatediScore sum of (d) a-b is 2(δ)0,0+δ1,1)+(δ0,1+δ1,0). a-b exactly means that the vote and the result are the same, and
at this point it can be proven that the voting information is still covert to anyone. The formula that can be obtained is:
one knows δ0,δ1A, b, but not known uPC,uNP. For any common member, it has four equations and six unknowns, and apparently cannot yield results.
Whereas for a ticket taker PC, the PC knows delta0,δ1,a,b,uPCAt this time, the PC has four equations and five unknowns, and it is obvious that the result cannot be calculated. The same is true for any other drawer. This addresses the risk that a voter's vote may be revealed when a certain voting result occurs only once.
It is to be understood that the present invention has been described with reference to certain embodiments, and that various changes in the features and embodiments, or equivalent substitutions may be made therein by those skilled in the art without departing from the spirit and scope of the invention. In addition, many modifications may be made to adapt a particular situation or material to the teachings of the invention without departing from the essential scope thereof. Therefore, it is intended that the invention not be limited to the particular embodiment disclosed, but that the invention will include all embodiments falling within the scope of the appended claims.
Claims (8)
1. An electronic voting system based on a block chain is characterized by comprising an ElGamal encrypted deformation module supporting an addition homomorphism, a range certification module based on a ring signature and a knowledge certification module;
the ElGamal encrypted deformation module supporting the addition homomorphism is used for encrypting all votes;
the range proving module based on the ring signature is used for judging whether the used deformed ElGamal encrypted plaintext belongs to {0,1 };
the knowledge proof module is used for verifying the operation of the ticket player, namely, the FlGamal decryption operation.
2. A method of voting using the blockchain-based electronic voting system according to claim 1, comprising the steps of:
step 1: a system initialization stage: initializing and setting parameters required in the voting system;
step 2: a voting stage: carrying out specific operation on the voting event, and displaying a voting result after the voting event is finished; any member in the system can serve as a voting initiator to create a brand-new voting event, and the event is stored on the block chain for all people to check; after initiating the vote, the voter enters a voting link, the voter with authorization can vote to release own opinions, and the voter stores the vote on the block chain after selecting the vote; when all voters complete voting or the voting event reaches the deadline time, the voter starts to enter a vote link; during the period, each voter plays the vote, the result of each voter is counted and uploaded to the block chain, and any person can obtain the result of the voting event through the calculation result of the voter;
and step 3: and (3) grading stage: starting after a plurality of voting events, and obtaining the scores of the users after the scoring stage is finished; anyone may initiate scoring of voters participating in a vote over a period of time, wherein the periods of time during which scoring is initiated between different initiators are not allowed to intersect; at the moment, the voter takes the voting information and the voting result of all voting events in a period of time from the block chain, compares whether the votes cast by each voter are consistent with the final result in sequence, calculates the scoring result and stores the scoring result in the block; anyone can then also obtain the data from the blockchain.
3. The novel electronic voting method based on the block chain according to claim 2, wherein the step 1 comprises the following specific steps:
when the system starts to operate, a safety parameter lambda is obtained, and then G, h, G and p are output by the system; p is a large prime number, p is greater than the total number of voters, G is a finite cyclic group with order p, G, h are elements randomly selected from the group G, and the obtained (G, h, G, p) is set as (G, h, G, p) used in vElGamal encryption, range attestation based on ring signatures and knowledge attestation algorithms; finally, a value q is taken, wherein q is a prime number, and the prime number is larger than the maximum number of all voters or voting events in a scoring period;
each participant in the system has a pair of public and private signature keys; the system can set multiple ticket players and realize (t, n) threshold, supposing that there are two ticket players, named PC and NP respectively, and setting the private keys of PC and NP asAndat this time, can obtainThe obtained public keys of the PC and the NP are stored in a block chain through an intelligent contract, the PC and the NP know the public keys of all persons and the corresponding relation between the public keys and specific identities, and other persons only know all the public keys without knowing the corresponding relation between the public keys and the identities;
when the voter votes, only votes for or against the votes are stipulated, if the value of the votes for the votes is 1 and the value of the votes for.
4. The novel electronic voting method based on the block chain according to claim 3, wherein the step 2 comprises the following specific steps:
step 2.1: and (3) initiating a vote:
initiating a voting stage, wherein a voting sponsor creates a new voting event, the voting event comprises voting content, voting deadline, an authorized voter public key and a signature of the voting sponsor on the voting event, and the information of the voting event is stored in a block chain after the digital signature of the voting sponsor is verified to be valid by an intelligent contract;
step 2.2: voting by the voter:
the voting of the voter is divided into four steps, firstly, the voter calculates to obtain encrypted voting dataThen toComputing ring signaturesLast pair ofAfter digital signature, voting data is obtainedSending the contract to an intelligent contract;
step 2.3: the ticket player plays the ticket:
when voting event EjAfter all voters in the system save votes to a block chain through an intelligent contract, a voter can conduct vote operation, a plurality of voters cooperate to conduct vote, two voters PC and NP are arranged, and the two voters PC and NP cooperate to conduct voting results on the premise that any voting results are not leakedLine statistics, wherein the ticket-singing stage is divided into PC ticket-singing, NP ticket-singing and voting result obtaining.
5. A novel block chain-based electronic voting method according to claim 4, wherein the step 2.2 comprises the following specific steps:
step 2.2.1: and (3) encrypting the voting data to realize voting secrecy:
after the voting is initiated, a voting stage is entered, voters with authorization can vote, and encrypted voting data are obtained through calculationIs provided with nvVoting by the first voter to event EjMaking a vote during which the voter viFor voting event EjThe number of tickets that can be cast is vi,jSetting a voting value vi,jE {0,1}, the voting information of the voter is encrypted by using vElGamal, wherein the operation process isObtaining encrypted voting data
Step 2.2.2: calculating a ring signature to realize voting validity:
is obtained byThen, the voter calculates the ring signature, and any person can confirm whether the voting data is valid through the range certification technology based on the ring signature, and the voter sets two public keys to be (K)PC·KNP,Si,j(K) and (g)PC·KNP,Si,jV (h g)), generating its ring signatureIntelligent boxThe contract can be verified through the ring signature and the encrypted voting data to ensure the voting information vi,j∈{0,1};
Step 2.2.3: and calculating a digital signature to realize the impossibility of forgery of the vote:
the voter uses the private key of his own signature to generate information for the first two stepsSigning to generate corresponding digital signature sigmai,jAnyone can verify whether the digital signature is valid, and the voting data generated at the moment is
Step 2.2.4: the intelligent contract verifies the signature validity and saves the voting data:
voter will vote dataAnd sending the voting data to the intelligent contract, and storing the voting data in a block after the intelligent contract verifies that the ring signature and the digital signature are valid, wherein if any one of the ring signature and the digital signature is considered to be invalid, the voting data is abandoned.
6. A novel block chain-based electronic voting method according to claim 5, wherein the step 2.3 comprises the following specific steps:
step 2.3.1: PC gramophone ticket to obtain Tv,PCAnd calculating the result to prove that:
first, the first ticket player PC calculatesAnd the result Tv,PCAnd the knowledge proof of the data is sent to the intelligent contract, the PC sends the digital signature of the data to the intelligent contract, the intelligent contract verifies the digital signature and the knowledge proof after receiving the data, the data is stored in the block chain A after the verification is passed, and the voting is finished if the verification is not passed;
step 2.3.2: NP singing ticket to obtain Tv,NPAnd calculating the result to prove that:
second order singer NP, calculatingAnd the result Tv,NPAnd the zero knowledge proof is sent to the intelligent contract together, similarly, the NP sends the digital signature of the data to the intelligent contract together, the intelligent contract verifies the digital signature and the knowledge proof after receiving the data, the data are stored on the block chain after the verification is passed, and the voting is finished if the verification is not passed;
step 2.3.3: intelligent contract checking and keeping gramophone record result, anyone can pass through Tv,PCAnd Tv,NPObtaining the ticket result to complete the ticket operation in both PC and NP and to obtain the ticket result Tv,PCAnd Tv,NPAfter sending to the intelligent contract, anyone can obtain the contract through calculationBecause of the number of votesIs not a large number and the maximum possible value is nvObtaining the value by a brute force cracking method ifIf the value is equal to or greater than the threshold, the voting result can be obtained as approval, i.e., resjOtherwise, the voting result is against, i.e. resj=0。
7. The block chain-based novel electronic voting method according to claim 6, wherein the step 3 scoring stage allows anyone to initiate scoring for voters according to time periods, the interval for initiating scoring can be set to be one year or a longer fixed time, but the time periods for any person to initiate scoring cannot be crossed, the voter can decide to respond or not respond to the scoring event according to the public key of the scoring initiator, and after all the voters respond, the system enters the scoring stage to score votes of all users within a period of time, and the voter votes are defined to be matched with the result and added with 2 points, and are not matched with 1 point;
the calculation of the scoring stage needs to be carried out after a plurality of votes are carried out, and the potential voter to be scored is assumed to be the voter ViThe voting event is E1To
The scoring stage is divided into four steps, firstly, the voting data is pre-calculated, and then the PC calculates v by using random numbersPCProtecting the privacy of voters and calculating the scoring result Te,PCFinally, NP carries out the same operation to calculate the scoring result Te,NPAnd anyone can verify the accuracy of the scoring result, and after the steps are completed, anyone can calculate the score or verify that the score is not manufactured.
8. The novel electronic voting method based on the blockchain according to claim 7, wherein the scoring stage comprises the following specific steps:
step 3.1: pre-computing the vote:
firstly, pre-calculating votes, and according to different voting results, performing different pre-calculating on voters by a system, specifically as follows:
if the voting result is against, i.e. resjWhen it is 0, then calculateAndthe following equation can be obtained at this time:
after the calculation is completed, two voting situations can occur: if both the voting result and the voter vote are anti-votes, i.e. resj=vi,j0, then v 'is known'i,j=q,v″i,j0; otherwise, v'i,j=q+1,v″i,j=q;
after the calculation is completed, two voting situations also occur: when the voting result and voter vote are all approval, i.e. resj=vi,j1, then v 'is known'i,j=q,v″i,jQ + 1; otherwise, v'i,j=0,v″i,j=q;
Step 3.2: PC scoring and calculation of knowledge proof:
after obtaining the above operation results, two voters, PC and NP, begin to calculate voter ViAt voting event E1ToA median score, first, taking u as one satisfying u + neRandom number of < q, ruIs thatA random number, PC calculationAnd v is to bePCAnd the digital signature is sent to an intelligent contract, and NP carries out similar calculationV is to beNPAnd the digital signature is sent to the intelligent contract, and a new v is calculated for each voter, PC and NPPCAnd vNP,
Then, PC calculatesAnd processing the result Te,PC、The zero knowledge proof and the digital signature of the data are sent to an intelligent contract, and the intelligent contract is verified and then stored on a block chain to realize the public verifiability;
step 3.3: NP scoring and computing knowledge proofs:
finally, NP directly obtains data T through intelligent contractv,PCNP calculation The result Te,NP、 The zero knowledge proof and the digital signature of the data are sent to an intelligent contract, and the intelligent contract is verified and then stored on a block chain to realize the public verifiability;
step 3.4: obtaining a final score:
after the PC and NP complete the statistics, anyone can calculate voter V by the following processiVoting for an event E within a certain time period1ToTo getDividing the total score, and checking T before calculating the total scoree,PCAnd Te,NPZero knowledge proof and validity of digital signature, if verified, based on The SUM is calculated, where SUM is ha·q+b;
Next, the voter's total score is obtained, first a and b, assuming δx,yNumber of votes voted for y, x, dxFor the number of times the result is x, it is deduced from the calculation:
uPC+uNP+2(δ0,1+δ0,0+δ1,1)+(δ0,1+δ1,1+δ1,0)=a
uPc+uNP+2δ0,1+δ1,1=b
since the voting score is divided into two cases of adding 2 and adding 1, it can be known that 0 < a < 3neAnd 0 < b < 3neFrom [ a.q + b]Trial maximum in H (3 n)e)2Once the values of a and b are obtained, the voter V can be calculatediScore sum of (d) a-b is 2(δ)0,0+δ1,1)+(δ0,1+δ1,0) A-b represent that the vote and the result are the same, and
at this time, it can be proved that the voting information is still secret to anyone, and the obtained formula is as follows:
one knows δ0,δ1A, b, but not known uPC,uNPFor any common member, the member has four formulas and six unknowns, and cannot obtain a result; for the ticket player PCSay, PC knows δ0,δ1,a,b,uPCAt this time, the PC has four formulas and five unknowns, and the result cannot be calculated, so the method is also similar to any other ticket player.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111226808.8A CN114005217A (en) | 2021-10-21 | 2021-10-21 | Electronic voting system and method based on block chain |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111226808.8A CN114005217A (en) | 2021-10-21 | 2021-10-21 | Electronic voting system and method based on block chain |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114005217A true CN114005217A (en) | 2022-02-01 |
Family
ID=79923402
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111226808.8A Pending CN114005217A (en) | 2021-10-21 | 2021-10-21 | Electronic voting system and method based on block chain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114005217A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114520728A (en) * | 2022-04-21 | 2022-05-20 | 之江实验室 | Distributed anonymous marking method and system |
CN114978517A (en) * | 2022-07-27 | 2022-08-30 | 西南石油大学 | Electronic voting method based on intelligent contract and distributed Elgamal algorithm |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101908677B1 (en) * | 2017-09-29 | 2018-10-16 | 숭실대학교산학협력단 | System and method for managementing electronic vote using blockchain |
CN110224993A (en) * | 2019-05-16 | 2019-09-10 | 暨南大学 | Anonymous Electronic Voting method and system of calling to account based on block chain |
CN110473332A (en) * | 2019-08-23 | 2019-11-19 | 上海理工大学 | It is a kind of based on the facial expression of recognition of face and block chain technology vote assessment system |
CN110555933A (en) * | 2019-07-31 | 2019-12-10 | 中钞信用卡产业发展有限公司杭州区块链技术研究院 | Electronic voting method, device, equipment and computer storage medium |
US20210075599A1 (en) * | 2018-06-11 | 2021-03-11 | Douglas J. Pepe | Blockchain voting system and method with audit trail verification |
CN113381991A (en) * | 2021-06-04 | 2021-09-10 | 福州大学 | Electronic voting system and method based on block chain |
-
2021
- 2021-10-21 CN CN202111226808.8A patent/CN114005217A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101908677B1 (en) * | 2017-09-29 | 2018-10-16 | 숭실대학교산학협력단 | System and method for managementing electronic vote using blockchain |
US20210075599A1 (en) * | 2018-06-11 | 2021-03-11 | Douglas J. Pepe | Blockchain voting system and method with audit trail verification |
CN110224993A (en) * | 2019-05-16 | 2019-09-10 | 暨南大学 | Anonymous Electronic Voting method and system of calling to account based on block chain |
CN110555933A (en) * | 2019-07-31 | 2019-12-10 | 中钞信用卡产业发展有限公司杭州区块链技术研究院 | Electronic voting method, device, equipment and computer storage medium |
CN110473332A (en) * | 2019-08-23 | 2019-11-19 | 上海理工大学 | It is a kind of based on the facial expression of recognition of face and block chain technology vote assessment system |
CN113381991A (en) * | 2021-06-04 | 2021-09-10 | 福州大学 | Electronic voting system and method based on block chain |
Non-Patent Citations (1)
Title |
---|
孙萌;王昀飚;: "基于区块链的可追踪匿名电子投票方案", 网络空间安全, no. 09, 25 September 2019 (2019-09-25), pages 85 - 91 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114520728A (en) * | 2022-04-21 | 2022-05-20 | 之江实验室 | Distributed anonymous marking method and system |
CN114520728B (en) * | 2022-04-21 | 2022-08-05 | 之江实验室 | Distributed anonymous marking method and system |
CN114978517A (en) * | 2022-07-27 | 2022-08-30 | 西南石油大学 | Electronic voting method based on intelligent contract and distributed Elgamal algorithm |
CN114978517B (en) * | 2022-07-27 | 2022-10-21 | 西南石油大学 | Electronic voting method based on intelligent contract and distributed Elgamal algorithm |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109523683B (en) | Anonymous electronic voting method based on block chain technology | |
Ateniese et al. | Efficient group signatures without trapdoors | |
Grewal et al. | Du-vote: Remote electronic voting with untrusted computers | |
CN110912705B (en) | Distributed electronic voting method and system based on block chain | |
Damgård et al. | Unclonable group identification | |
KR102187294B1 (en) | System and method for providing secret electronic voting service based on blockchain | |
Au et al. | Compact e-cash from bounded accumulator | |
CN114005217A (en) | Electronic voting system and method based on block chain | |
CN114255034A (en) | Electronic voting method capable of verifying fairness based on block chain | |
CN113381991B (en) | Electronic voting system and method based on block chain | |
CN114866259B (en) | Block chain controlled traceable identity privacy method based on secret sharing | |
Kremer et al. | To du or not to du: A security analysis of du-vote | |
CN110867012A (en) | Method, device and system for de-centering electronic voting based on intelligent contract and storage medium | |
CN110719168B (en) | Hierarchical anonymous voting method based on block chain | |
I͡Ashchenko | Cryptography: An Introduction: An Introduction | |
Simmons | A protocol to provide verifiable proof of identity and unforgeable transaction receipts | |
Xue et al. | ACB-Vote: Efficient, Flexible, and Privacy-Preserving Blockchain-Based Score Voting with Anonymously Convertible Ballots | |
CN112422294B (en) | Anonymous voting method and device based on ring signature, electronic equipment and storage medium | |
Asaar et al. | A Novel Strong Designated Verifier Signature Scheme without Random Oracles | |
CN114677794A (en) | Electronic voting method based on block chain | |
Su et al. | Secure blockchain-based electronic voting mechanism. | |
Huang et al. | Ambiguous optimistic fair exchange: Definition and constructions | |
Lu et al. | Self-tallying e-voting with public traceability based on blockchain | |
Lijuan et al. | Electronic Voting Scheme Based on Blockchain and SM2 Cryptographic Algorithm Zero-Knowledge Proof | |
Sheikhi et al. | Receipt-Free Electronic Voting from zk-SNARK |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |