CN114255034A - Electronic voting method capable of verifying fairness based on block chain - Google Patents

Electronic voting method capable of verifying fairness based on block chain Download PDF

Info

Publication number
CN114255034A
CN114255034A CN202111320678.4A CN202111320678A CN114255034A CN 114255034 A CN114255034 A CN 114255034A CN 202111320678 A CN202111320678 A CN 202111320678A CN 114255034 A CN114255034 A CN 114255034A
Authority
CN
China
Prior art keywords
voter
node
block chain
vote
voting
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111320678.4A
Other languages
Chinese (zh)
Inventor
刘红
雷梦婷
肖云鹏
李暾
贾朝龙
王蓉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing University of Post and Telecommunications
Original Assignee
Chongqing University of Post and Telecommunications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing University of Post and Telecommunications filed Critical Chongqing University of Post and Telecommunications
Priority to CN202111320678.4A priority Critical patent/CN114255034A/en
Publication of CN114255034A publication Critical patent/CN114255034A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3827Use of message hashing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions

Abstract

The invention belongs to the technical field of computer information security, and particularly relates to an electronic voting method capable of verifying fairness based on a block chain, which comprises the following steps: firstly, determining qualified voters participating in election by collecting registration information of users, and setting basic information of election to initialize election; then the voter encrypts the vote and generates an identity validity and vote validity proof; finally, after the voting in the ciphertext decryption vote counting stage is ended, the system counts vote information from the block chain, determines a final vote counting result and sends the final vote counting result to all interested third parties of the block chain for verification; the invention provides a block chain-based self-counting ticket protocol with verifiable security, which combines the block chain and encryption knowledge for use, thereby not only ensuring the privacy security, but also resisting the problems of fairness defect and replay attack and realizing the verifiable security of election.

Description

Electronic voting method capable of verifying fairness based on block chain
Technical Field
The invention belongs to the technical field of computer information security, and particularly relates to an electronic voting method capable of verifying fairness based on a block chain.
Background
Election and voting provide people with an opportunity to express opinions, and are an indispensable mechanism for people to exercise the rights of the citizens. In recent years, many countries have invested large amounts of money in establishing a trusted voting system. The most major challenge in electronic voting protocols is to achieve two opposing security goals simultaneously: the privacy and verifiability of the vote. To achieve verifiability of the vote counting result and to enhance the voter's invisibility, electronic voting protocols typically employ various encryption techniques.
The advent of blockchain better addresses the shortcomings of internet-based electronic voting, blockchain-based electronic voting protocols are becoming an increasingly important choice to overcome these challenges, and blockchain-supported voting systems are being proposed as next-generation modern electronic voting systems. In a blockchain, different blocks are linked by encryption and hashing algorithms to form a blockchain. Each block contains the collision-resistant hash, transaction record, and timestamp of the previous block. Once the data is recorded, the data cannot be tampered with. This approach ensures the persistency and verifiability of data records in the ledger.
Due to the rapid development of the blockchain, the current blockchain technology has already been developed from a pure technical discussion to an application landing stage. Many on-line voting systems based on block chains are proposed in succession, and the current schemes are roughly divided into two categories: (1) a ticket counting mechanism is required: although these schemes use the tamper resistance of the block chain to record the vote, they still rely on trusted authority tallying. (2) Self-counting ticket system: any entity can verify all votes and compute the final result. However, many current self-counting ticket systems are based on bulletin boards and cannot resist attacks of tampering or ticket deletion by adversaries. In addition, some schemes can not guarantee the fairness and the safety of elections to be verifiable although the schemes realize self-counting tickets.
McCorry et al propose a distributed electronic voting protocol with self-ticketing and maximize the protection of voters' privacy in conjunction with the blockchain. But there is no way to completely solve the fairness deficiency and replay attacks and it incurs significant overhead.
Disclosure of Invention
In order to solve the problems in the prior art, the invention provides an electronic voting method capable of verifying fairness based on a block chain, which comprises the following steps:
acquiring each node in a block chain network, and dividing each node into a manager node, a voter node and a voter node;
the voter node sends election information to the manager node, the manager node deploys an intelligent contract after receiving the election information, and initiates an election request to the block chain;
the voter node registers with the manager, and the registered voter node generates a private key and a public key of the voter node by adopting a key generation algorithm; the voter node generates an asymmetric key by adopting a Paillier encryption algorithm, and processes the asymmetric key by adopting a zero-knowledge proof algorithm to obtain a verification key; the voter node broadcasts the public key to the block chain network, and the voter node broadcasts the verification key to the block chain network;
the voter node encrypts voting information by adopting a public key and generates an identity validity certificate and a vote validity certificate; the voter node uploads the encrypted voting information, the identity validity certificate and the vote validity certificate to a block chain;
the block chain node verifies the identity validity of the voter node, if the identity of the voter node is illegal, the voting information of the voter node is invalid, and the voter node resends the identity information to the manager node for registration; if the voter node identity is legal, the vote validity is verified, if the vote is invalid, the vote is deleted, and if the vote is valid, all the collected legal votes are packed into blocks by the block link nodes;
the voter node acquires the packed blocks from the block chain, decrypts the data in the blocks, and counts the decrypted data to obtain the voting results of all the voter nodes; and verifying the voting result, if the voting result is correct, the voting is valid, and if the voting result is wrong, the voting is invalid.
Preferably, the election information of the voter node includes candidate name information, identity information and candidate profile information, and the voter list is constructed according to the set election information.
Preferably, the deployed intelligent contracts include: cryptographic contracts and anonymous voting contracts; the cryptographic contract contains a zero knowledge proof of creation and verification code; an anonymous voting contract contains the logic of a voting agreement.
Preferably, the process of initiating the session to the manager node includes: setting a registration deposit, a registration problem and a timer list; wherein the time information in the timer list satisfies TfRegister<TbElection< TfCommit;TfRegisterIndicates the time, T, when all voter nodes complete registration in the management nodebElectionIndicating that the voting initiator informs the Etherhouse to enter the voting phase, TfCommitIndicating the time at which all voter nodes complete the vote.
Preferably, the process of generating the private key and the public key of the voter node by using the key generation algorithm includes: each voter uses the ID as an identity and a key generation function GenKey (1)λID) generating the private key SKIDComputing to obtain the public key PK based on the anti-collision Hash functionID=H(SKID) And distribute it to the blockchain bulletin board.
Preferably, the process of generating the asymmetric key by the voter node by using the Paillier encryption algorithm includes: randomly selecting two encryption parameters which ensure that the Paillier cryptosystem is semantically safe, wherein the encryption parameters are a first encryption parameter p and a second encryption parameter q; setting a public key PK (n, g) and a private key SK (lambda, mu) according to the encryption parameters; where n denotes a first public key parameter, and n is a product n of two encryption parameters p and qpq; λ represents a first private key parameter, and λ is the least common multiple value λ of p-1 and q-1 ═ lcm (p-1, q-1), lcm representing the least common multiple function; g represents a second public key parameter, and g is a randomly selected integer; μ denotes a second private key parameter, and μ ═ g ((g)λmod n2-1)/n)-1mod n, mod represents the remainder function.
Further, the first encryption parameter p and the second encryption parameter q randomly selected by the voter node satisfy the screening condition, which is:
gcd(pq,(p-1)(q-1))=1
wherein, gcd represents the greatest common divisor, p represents the first encryption parameter, and q represents the second encryption parameter.
Preferably, the process of encrypting the voting information by the voter node using the public key includes:
step 1: voter node selects corresponding candidate CiGenerating Balloti=(ViC1,…,ViCj);
Step 2: the vote is encrypted by a vote encryption algorithm to obtain an encrypted vote E (Ballot)i) Uploading the encrypted ballot to a block chain;
and step 3: the voter node according to its public key pkIDAnd constructing a path vector path by adopting a GetMerkLePath function in the voter set; proving that the voter node belongs to a qualified voter list according to the path vector path;
and 4, step 4: the voter node generates a random number by using a cryptology secure pseudorandom algorithm, and uses an anti-collision Hash function H, namely sn ← H (sk)ID) The voting is prevented from being repeated or tampered so as to ensure the uniqueness of the election.
Preferably, the process of verifying the identity validity of the voter node by the block link node comprises: verifying the submitted vote information by the block chain link points, and adding votes to the block chain nodes after the verification is passed; leaf nodes in the constructed Merkle tree structure are only used for encrypting votes, and the change of the leaf data is gradually and upwards transmitted to a father node until the root node of the Merkle tree causes the hash value of the root node to change; when the newly generated Merkle root is the same as the initial root, the voting qualification is met, otherwise, an error is made; verifying the submitted votes by the block chain nodes, and checking whether repeated votes exist through the serial numbers; when the verification sn exists, the transaction is stopped; if sn is unique, then the certificate is encrypted for certification and the vote is issued to the blockchain bulletin board next.
Preferably, the process of decrypting the data in the block includes: in the process of counting tickets, the block chain automatically calls an intelligent contract to decrypt the flow of counting tickets; firstly, acquiring information blocks M of all encrypted votes on a block chain, and acquiring a decryption result by using a paillier decryption algorithm under the condition that all votes are verified to be legal; the candidate C can be obtained by using the private key (lambda, mu) for decryptionjThe total number of tickets; repeatedly calling the decryption algorithm to obtain the votes (T) of all candidates1,T2,…,Tm) (ii) a Candidate CjThe formula for the total number of votes in (1) is:
Tj=Dec(Enc(Cj))=V1Cj+V2Cj+…+VnCj
wherein, TjDenotes the number of votes for the jth candidate, Dec () denotes the decryption function, Enc () denotes the encryption function, CjRepresents the jth candidate, VnRepresenting the nth voter node.
The invention has the beneficial effects that:
election is fairer: the invention constructs the Merkle tree by utilizing a non-interactive zero-knowledge proof algorithm, and guarantees the validity of voter identity and vote validity through the anti-collision property of a hash function and the uniqueness of a random number.
The communication overhead is small: the Paillier encryption is utilized to realize the homomorphic encryption of the votes, only the final ciphertext sum needs to be decrypted, and all ciphertext sums do not need to be decrypted, so that the communication overhead is reduced.
Decentralization: by utilizing a decentralized architecture design election scheme of a block chain, under the condition of ensuring anonymity of voter identity and uniqueness of votes, universal verifiability of election is met.
Drawings
FIG. 1 is a block chain based electronic voting scheme framework diagram of the present invention;
FIG. 2 shows a block chain structure according to the present invention;
FIG. 3 is a diagram of a user zero knowledge proof interaction of the present invention;
fig. 4 is a diagram of an example vote encryption of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be described clearly and completely with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
An electronic voting method for verifiable fairness based on blockchains, the method comprising:
acquiring each node in a block chain network, and dividing each node into a manager node, a voter node and a voter node;
the voter node sends election information to the manager node, the manager node deploys an intelligent contract after receiving the election information, and initiates an election request to the block chain;
the voter node registers with the manager, and the registered voter node generates a private key and a public key of the voter node by adopting a key generation algorithm; the voter node generates an asymmetric key by adopting a Paillier encryption algorithm, and processes the asymmetric key by adopting a zero-knowledge proof algorithm to obtain a verification key; the voter node broadcasts the public key to the block chain network, and the voter node broadcasts the verification key to the block chain network;
the voter node encrypts voting information by adopting a public key and generates an identity validity certificate and a vote validity certificate; the voter node uploads the encrypted voting information, the identity validity certificate and the vote validity certificate to a block chain;
the block chain node verifies the identity validity of the voter node, if the identity of the voter node is illegal, the voting information of the voter node is invalid, and the voter node resends the identity information to the manager node for registration; if the voter node identity is legal, the vote validity is verified, if the vote is invalid, the vote is deleted, and if the vote is valid, all the collected legal votes are packed into blocks by the block link nodes;
the voter node acquires the packed blocks from the block chain, decrypts the data in the blocks, and counts the decrypted data to obtain the voting results of all the voter nodes; and verifying the voting result, if the voting result is correct, the voting is valid, and if the voting result is wrong, the voting is invalid.
Fig. 1 shows an overall frame diagram of the present invention. The system model mainly includes two entities, namely a user entity and a block chain entity. Firstly, an initialization phase: the voter generates a key pair for verifying the identity, sends a public key to the block chain, and the voting initiator constructs a Merkle tree required by the election according to the public key. In the encryption stage, the vote is encrypted by using the encryption key, the identity legality and the vote validity proof are generated at the same time, and the complete transaction information is sent to the block chain. And finally, packing the legal votes collected within a specified time into blocks, counting the total number of votes from the block chain by the system after the voting is ended, and publishing a final result. The structure of the blockchain network is shown in fig. 2.
The invention mainly comprises the following three steps:
s1: and (5) an initialization phase. And the voter calls a key generation algorithm to generate a private key of the voter, and a public key is generated according to the collision-resistant Hash function and the ID. The voting initiator calls a Paillier encryption algorithm to generate an asymmetric key, calls a zero-knowledge proof algorithm to generate a proof key, and uploads the public key and the verification key to a block chain only.
S2: and (4) an encryption certification stage. The voter encrypts the vote, generates an identity legality and vote validity certificate and sends the transaction information to the block chain. The block chain node firstly verifies the validity of the identity, verifies the validity of the votes, and then packs the legal votes collected within a specified time into blocks.
S3: and (6) decrypting the counting ticket. After the voting is ended, the system counts the total votes of all the candidates from the block chain, and publishes the result to verify all the candidates.
The initialization stage is mainly divided into the following 3 steps:
s11: and (5) initializing elections. The voting initiator sets election information, deploys intelligent contracts, and sets registration deposit, registration questions and timer lists. Three parameters are mainly contained in the whole protocol, and the election process is carried out at TfRegister<TbElection<TfCommitIs carried out under the condition of (1); t isfRegisterIndicates the time, T, when all voter nodes complete registration in the management nodebElectionIndicating that the poll initiator notifies the Etherhouse virtual machine to enter the voting stage, TfCommitIndicating the time at which all voter nodes complete the vote.
A common reference string model. As shown in fig. 3, the zero knowledge proof (zk-SNARK) uses a common reference character string model CRS to implement a non-interactive zero knowledge proof, and processes and discloses the verification parameters. The voting initiator determines a finite group of generator g and order n, known as A (x), B (x), C (x), and d, the highest order of the polynomial is d, and randomly selects an element k and random parameters alpha, beta in the finite group123And calculating to generate CRS, and writing the CRS into the block chain and publishing the CRS. Definition s ═ 1, V1,V2,…,Vn,path,rt]In which V isiRepresents the input root node, i.e. voter node, path is the path, rt represents the output, i.e. root node, and s represents the set of all variables in a set of vector-defining arithmetic circuits. For each gate, there is a set of vectors (a, b, c) such that s · a × s · b-s · c is 0, which is defined for convenience of representation
Figure BDA0003345031950000071
Wherein, E (k)d) Representing a pairing function of an elliptic curve, d representing the highest order of a polynomial as d, T (k) tableThe target polynomial may be a combination of integer divisible polynomials, betaaA value obtained by calculating a pair of information β possessed by the prover and α generated by the verification. k, alpha, betaabcAll are random parameters, (a, b, c) are vector groups, and the polynomial a (k) can be obtained by taking each coefficient in the vector group as the result of a polynomial, wherein k is an element randomly selected in a finite group.
S12: a key is generated. The voter generates a key pair and issues the public key to the blockchain. The election administrator generates the key pair required for the vote and publishes the public key and the authentication key. The invention mainly applies a Paillier encryption algorithm. The method is mainly used for encrypting votes and performing homomorphic calculation. The main key generation stage is as follows: two encryption parameters which make the Paillier cryptosystem semantically safe are randomly selected, the first encryption parameter p and the second encryption parameter q are respectively used for ensuring that repeated encryption of given plaintext generates different ciphertexts, plaintext attack is prevented, p and q meet the maximum common divisor gcd (pq, (p-1) (q-1)) ═ 1, a public key PK (n, g) is set according to the encryption parameters, and a private key SK (lambda, mu) is set. Wherein gcd denotes a greatest common divisor, n denotes a first public key parameter, and n is a product of two encryption parameters p and q, n being pq, λ denotes a first private key parameter, and λ is a least common multiple value of p-1 and q-1, λ being lcm (p-1, q-1), lcm denotes a least common divisor, g denotes a second public key parameter, and g is a randomly selected integer
Figure BDA0003345031950000081
And satisfies the order of n integer divided by g, μ denotes a second private key parameter, and μ ═ g ((g)λmod n2-1)/n)-1mod n, mod represents the remainder function. The Paillier encryption algorithm can therefore be formalized as PE ═ (Gen, Enc, Dec), specifically: the key generation algorithm: (PK, SK) ← pe.gen (p, q): inputting two large prime numbers, and outputting a public key PK and a private key SK, wherein PE represents a paliier encryption algorithm, Gen represents a generation algorithm, Enc represents an encryption algorithm, and Dec represents a decryption algorithm. c ← PEPK(m): encryption algorithm, i.e. inputting a plaintext message m, outputting a ciphertext c, where c ═ rngmmod n2Wherein r isnIndicating that the encrypted random number is encrypted. m ← PE.DecSK(c) The method comprises the following steps Decryption algorithm, i.e. inputting ciphertext c, outputting plaintext message m, where m ═ d (c) L (c)λmod n2) μ mod n, where L represents a custom function, cλIndicating decryption of the ciphertext c.
S13: and constructing a list of voters. The set of public keys pk submitted in step S12 is collectedID1,pkID2,…,pkIDnConstructing a voter list pklist according to the collected public keys, generating a tree root rt through a Merkle tree, and initializing election information to indicate that the election starts; wherein the candidate is a voter node in the text.
The encrypted certification phase of step S2 is divided into the following 3 steps, including:
the encrypted certification phase is mainly divided into three phases: in a first stage, a user constructs an encrypted ballot. And in the second stage, the user proves the identity legality and the vote validity according to a non-interactive zero-knowledge proof algorithm. And in the third stage, the block chain link point verifies the vote certificate and sends legal transaction information to the block chain. And generating identity validity and vote validity proof writing block chains by using the votes encrypted by the Paillier algorithm and the zk-SNARK algorithm.
S21: the ballot is encrypted. After the election begins, the voter within the pklist must encrypt the ballot and complete the vote before the vote deadline is submitted. And the voter logs in at the terminal by using the Etheng account. As shown in FIG. 4, the voter selects the corresponding candidate CiThen generates Balloti=(ViC1,…,ViCj). The vote is encrypted by calling a vote encryption algorithm of a Paillier encryption system to obtain E (Ballot)i) And published to the blockchain. The encryption case is as follows:
Figure BDA0003345031950000091
wherein, E (V)nCj) Vote information, V, representing the vote voted by the nth voter for the jth candidatenDenotes the nth voter node, CjRepresenting the jth candidate, r is an encrypted random number and satisfies 0 < r < n, r belongs to G, the public key of the paillier algorithm is (n, G), Gmrnmod n2Indicating that the plaintext m is encrypted.
S22: a proof is generated. The uniqueness of the ballot is realized by constructing identity legality and valid ballot certification.
S221: and (5) identity legality proof. Proving that the user belongs to the voter set pklist. User utilizes his pk through GetMerklePath functionIDPath vector with existing pklist construction tree, path ← GetMerklePath (pk)IDPklist). Then, the obtained path voter construction tree root is used for proving that the path voter construction tree root belongs to a qualified voter list, namely rt ← MerkleTree (pk)IDPath). The voter reads the parameter CRS on the block chain to calculate and generate proofV by using the homomorphism property of the elliptic curveiFormalization is defined as follows:
Figure BDA0003345031950000092
wherein k is a random element in a finite group, and polynomials A (k), B (k), C (k), and H (k) are { k }nAnd n is a linear combination of (1,2,3, …, n) }, and is mapped according to homomorphic properties, the coefficient polynomial vectors a (k), b (k), and c (k) are the problem itself to be solved, the solution vector h (k) represents the response sent by the voter, and k is the verification point to be verified.
S222: and (5) verifying the validity of the vote. A random number is generated using a cryptographically secure pseudorandom algorithm. Using collision-resistant hash function H, sn ← H (sk)ID). Preventing duplication or tampering with the vote thereby ensuring the uniqueness of the election. After the end, the vote information block M is divided intoiAnd issuing to the block chain to complete voting: mi=E(CT,proofViSn); wherein M isiVote information representing ith voter, CT representing encrypted ciphertext, proofViRepresenting vote proof, sn represents a random number.
S23: and verifying the block chain node. And on the basis of the verification of S221 and S222, verifying the submitted vote information by the block chain link points, and adding the votes to the block chain nodes after the verification is passed. In the constructed Merkle tree structure, the leaf nodes are only used for encrypting votes, and any change of the leaf nodes is gradually transmitted upwards to the father node until the root node of the Merkle tree causes the hash value of the root node to change. When the newly generated Merkle root is the same as the original root, the voting qualification is satisfied, otherwise, an error is made. The block chain link points verify the submitted votes and check whether repeated votes exist through the serial numbers. When the verification sn exists, the transaction is stopped; if sn is unique, the encrypted proof is first verified and the vote is second issued to the blockchain bulletin board. Wherein the vote proof is formalized as:
Figure BDA0003345031950000101
wherein sn represents a random number for determining whether the vote is unique, rt is the root of the Merkle tree for determining whether the identity of the voter is legal, sn 'represents a verified random number, and rt' represents the root of the verified Merkle tree.
The decryption certification of step S3 is divided into the following steps, including:
the decryption proves that self-counting of tickets is realized through an intelligent contract, and the method mainly comprises three stages: in the first stage, the system calculates the election result according to the addition homomorphism property of the Paillier algorithm. And in the second stage, generating a decryption certificate to verify the ticket counting result by any interested third party. And the third stage, verifying whether the ticket counting result is correct.
S31: and (6) decrypting the counting ticket. The vote is expressed in that after the vote counting time begins after the election is finished, the system calls the intelligent contract to directly decrypt the ciphertext sum according to the homomorphic algorithm. At no need to know V1And V2In the case of (1), by applying the ciphertext E (V)1) And E (V)2) Operation is carried out to obtain ciphertext sum E (V)1+V2) I.e. C (E (V)1),E(V2))= E(V1+V2) Wherein C represents any operator, and the user with the private key decrypts the operator to obtain the true brightText value. Knowing all the ciphertext sums, the plaintext sum, i.e. M, is obtained by a decryption algorithmsum←Dec(SK,CTsum) (ii) a Wherein M issumClear text sum, CT, representing ballotsumRepresenting the ciphertext sum. At the moment, only the ciphertext sum needs to be decrypted, and all the ciphertexts do not need to be decrypted and summed, so that the ticket counting efficiency is improved, the calculation overhead during decryption is reduced, and meanwhile, the relevant information of the voter is protected. The homomorphic relationship is satisfied as follows:
Enc(Vi).Enc(Vj)=Enc(Vi+Vj)
Dec(CTi)+Dec(CTj)=Dec(CTi+CTi)
wherein Enc (V)i) Indicating encryption of ballot Vi, Enc (V)j) Indicating encryption of ballot Vj, Enc (V)i+Vj) Indicating that the plaintext sum is encrypted.
And (3) obtaining the total vote number by utilizing the addition homomorphism property of the Paillier algorithm and simultaneously using a private key for decryption, and publishing an election result:
Tsum=D(E(Cj))=V1Cj+V2Cj+…+VnCj
wherein, TsumRepresenting the number of votes obtained by the candidate j, D representing the decryption process, E (C)j) An encrypted vote representing candidate j.
S32: and generating a decryption proof. And generating a decryption proof corresponding to the ciphertext sum according to a decryption proof algorithm, and ensuring that the ciphertext without any error is connected to the decryption proof.
S33: decryption may be verified. After the ticket counting result is published, any entity can verify the ticket counting result. If the decryption result and proof v are valid, 1 is returned, otherwise 0 is returned, i.e. 0/1 ← Verify _ Dec (M)sum,CTsumV); where Verify _ Dec denotes verifiable decryption, MsumIndicating vote decryption sum, CTsumRepresents an encryption sum, v represents a decryption proof; the formalized definition of the decryption result is:
e(v,H)=e(CT,VK)
wherein e represents bilinear mapping, v represents decryption proof, H represents generator of cyclic group in bilinear mapping, CT represents encrypted ciphertext block, and VK represents verification key.
The above-mentioned embodiments, which further illustrate the objects, technical solutions and advantages of the present invention, should be understood that the above-mentioned embodiments are only preferred embodiments of the present invention, and should not be construed as limiting the present invention, and any modifications, equivalent substitutions, improvements, etc. made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (9)

1. An electronic voting method capable of verifying fairness based on a block chain, comprising:
acquiring each node in a block chain network, and dividing each node into a manager node, a voter node and a voter node;
the voter node sends election information to the manager node, and the manager node deploys an intelligent contract after receiving the election information and initiates an election request to the block chain;
the voter node registers with the manager, and the registered voter node generates a private key and a public key of the voter node by adopting a key generation algorithm; the voter node generates an asymmetric key by adopting a Paillier encryption algorithm, and processes the asymmetric key by adopting a zero-knowledge proof algorithm to obtain a verification key; the voter node broadcasts the public key to the blockchain network, and the voter node broadcasts the verification key to the blockchain network;
the voter node encrypts voting information by adopting a public key and generates an identity validity certificate and a vote validity certificate; the voter node uploads the encrypted voting information, the identity validity certificate and the vote validity certificate to a block chain;
the block chain node verifies the identity validity of the voter node, if the identity of the voter node is illegal, the voting information of the voter node is invalid, and the voter node resends the identity information to the manager node for registration; if the voter node identity is legal, the vote validity is verified, if the vote is invalid, the vote is deleted, and if the vote is valid, all the collected legal votes are packed into blocks by the block link nodes;
the voter node acquires the packed blocks from the block chain, decrypts the data in the blocks, and counts the decrypted data to obtain the voting results of all the voter nodes; and verifying the voting result, if the voting result is correct, the voting is valid, and if the voting result is wrong, the voting is invalid.
2. The blockchain-based electronic voting method for verifiable fairness according to claim 1, wherein the election information of the voter nodes includes candidate name information, identity information, and candidate profile information, and the voter list is constructed according to the set election information.
3. The blockchain-based verifiable fairness electronic voting method of claim 1, wherein the deployed intelligent contracts comprise: cryptographic contracts and anonymous voting contracts; the cryptographic contract contains a zero knowledge proof of creation and verification code; an anonymous voting contract contains the logic of a voting agreement.
4. The electronic voting method based on block chain verifiable fairness of claim 1, wherein the process of the voter nodes generating their private and public keys by using the key generation algorithm comprises: using ID information of each voter as an identity, generating a function GenKey (1)λID) generating the private key SKID(ii) a Processing the private key by adopting a hash function based on collision resistance to obtain a public key PKID=H(SKID) The public key is issued to a block chain bulletin board; wherein, GenKey represents a key generation function, lambda represents a safety parameter, and H represents a function based on anti-collision hash.
5. The blockchain-based verifiable fairness electronic drop switch of claim 1The ticket method is characterized in that the process that the voter node generates the asymmetric key by adopting the Paillier encryption algorithm comprises the following steps: randomly selecting two encryption parameters which ensure that the Paillier cryptosystem is semantically safe, wherein the encryption parameters are a first encryption parameter p and a second encryption parameter q; setting a public key PK (n, g) and a private key SK (lambda, mu) according to the encryption parameters; wherein n represents a first public key parameter, and n is a product n ═ pq of two encryption parameters p and q; λ denotes a first private key parameter, and λ is the least common multiple value of p-1 and q-1 λ ═ lcm (p-1, q-1), lcm denotes the least common multiple function; g represents a second public key parameter, and g is a randomly selected integer; μ denotes a second private key parameter, and μ ═ g ((g)λmodn2-1)/n)-1mod n, mod represents the remainder function.
6. The electronic voting method capable of verifying fairness based on block chains according to claim 5, wherein the first encryption parameter p and the second encryption parameter q randomly selected by the voter node satisfy the condition of screening:
gcd(pq,(p-1)(q-1))=1
wherein, gcd represents the greatest common divisor, p represents the first encryption parameter, and q represents the second encryption parameter.
7. The electronic voting method based on the blockchain verifiable fairness of claim 1, wherein the process of the voter nodes encrypting the voting information by using the public key comprises:
step 1: voter node selects corresponding candidate CiGenerating Balloti=(ViC1,…,ViCj) (ii) a Wherein, CjRepresents the jth candidate; viRepresenting the ith voter node;
step 2: the vote is encrypted by a vote encryption algorithm to obtain an encrypted vote E (Ballot)i) Uploading the encrypted ballot to a block chain;
and step 3: the voter node according to its public key pkIDGetMe is adopted in the voter setConstructing a path vector path by an rklePath function; proving that the voter node belongs to a qualified voter list according to the path vector path;
and 4, step 4: the voter node generates a random number by using a cryptology security pseudorandom algorithm and uses a collision-resistant hash function H, namely sn ← H (sk)ID) Duplicate or falsification of votes is prevented to ensure uniqueness of the election, where sn represents a random number.
8. The electronic voting method based on block chain fairness verifiable according to claim 1, wherein the process of the block chain node verifying the validity of the voter node identity comprises: verifying the submitted vote information by the block chain link points, and adding votes to the block chain nodes after the verification is passed; leaf nodes in the constructed Merkle tree structure are only used for encrypting votes, and the change of the leaf data is gradually and upwards transmitted to a father node until the root node of the Merkle tree causes the hash value of the root node to change; when the newly generated Merkle tree root is the same as the initial tree root, the voting qualification is met, otherwise, an error is made; verifying the votes submitted by the block link points, and checking whether repeated votes exist through the serial numbers; when the verification sn exists, the transaction is stopped; if sn is unique, then the certificate is certified encrypted and the vote is issued next to the blockchain bulletin board.
9. The electronic voting method based on block chain verifiable fairness of claim 1, wherein the decryption process of the data in the block comprises: in the process of counting tickets, the block chain automatically calls an intelligent contract to decrypt the flow of counting tickets; firstly, acquiring information blocks M of all encrypted votes on a block chain, and acquiring a decryption result by using a paillier decryption algorithm under the condition that all votes are verified to be legal; the candidate C can be obtained by using the private key (lambda, mu) for decryptionjThe total number of tickets; the decryption algorithm is called repeatedly to obtain the ticket number (T) of all the candidates1,T2,…,Tm) (ii) a Candidate CjThe formula for the total number of votes in (1) is:
Tj=Dec(Enc(Cj))=V1Cj+V2Cj+…+VnCj
wherein, TjDenotes the number of votes for the jth candidate, Dec () denotes the decryption function, Enc () denotes the encryption function, CjRepresents the jth candidate, VnRepresenting the nth voter node.
CN202111320678.4A 2021-11-09 2021-11-09 Electronic voting method capable of verifying fairness based on block chain Pending CN114255034A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111320678.4A CN114255034A (en) 2021-11-09 2021-11-09 Electronic voting method capable of verifying fairness based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111320678.4A CN114255034A (en) 2021-11-09 2021-11-09 Electronic voting method capable of verifying fairness based on block chain

Publications (1)

Publication Number Publication Date
CN114255034A true CN114255034A (en) 2022-03-29

Family

ID=80792338

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111320678.4A Pending CN114255034A (en) 2021-11-09 2021-11-09 Electronic voting method capable of verifying fairness based on block chain

Country Status (1)

Country Link
CN (1) CN114255034A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114978517A (en) * 2022-07-27 2022-08-30 西南石油大学 Electronic voting method based on intelligent contract and distributed Elgamal algorithm
CN115147976A (en) * 2022-06-28 2022-10-04 肖峻峰 Voting method and system based on block chain decentralization
CN115314352A (en) * 2022-07-27 2022-11-08 北京航空航天大学 Privacy-enhanced fair block chain leader election method and device
CN115442044A (en) * 2022-05-25 2022-12-06 北京航空航天大学 Efficient secret election method and device based on linkable ring signature
CN116743349A (en) * 2023-08-14 2023-09-12 数据空间研究院 Paillier ciphertext summation method, system, device and storage medium
CN115473642B (en) * 2022-08-01 2024-04-30 湖北工业大学 Block chain time lock encryption electronic voting system and method capable of supervising malicious voting

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115442044A (en) * 2022-05-25 2022-12-06 北京航空航天大学 Efficient secret election method and device based on linkable ring signature
CN115147976A (en) * 2022-06-28 2022-10-04 肖峻峰 Voting method and system based on block chain decentralization
CN114978517A (en) * 2022-07-27 2022-08-30 西南石油大学 Electronic voting method based on intelligent contract and distributed Elgamal algorithm
CN114978517B (en) * 2022-07-27 2022-10-21 西南石油大学 Electronic voting method based on intelligent contract and distributed Elgamal algorithm
CN115314352A (en) * 2022-07-27 2022-11-08 北京航空航天大学 Privacy-enhanced fair block chain leader election method and device
CN115314352B (en) * 2022-07-27 2023-12-12 北京航空航天大学 Privacy-enhanced fair blockchain leader election method and device
CN115473642B (en) * 2022-08-01 2024-04-30 湖北工业大学 Block chain time lock encryption electronic voting system and method capable of supervising malicious voting
CN116743349A (en) * 2023-08-14 2023-09-12 数据空间研究院 Paillier ciphertext summation method, system, device and storage medium
CN116743349B (en) * 2023-08-14 2023-10-13 数据空间研究院 Paillier ciphertext summation method, system, device and storage medium

Similar Documents

Publication Publication Date Title
CN110224993B (en) Responsibility pursuing anonymous electronic voting method and system based on block chain
CN110391911B (en) System and method for anonymously voting block chain
CN114255034A (en) Electronic voting method capable of verifying fairness based on block chain
Chow et al. Robust Receipt-Free Election System with Ballot Secrecy and Verifiability.
Juang et al. A secure and practical electronic voting scheme for real world environments
Kumar et al. A secure end-to-end verifiable internet-voting system using identity-based blind signature
Killer et al. Provotum: A blockchain-based and end-to-end verifiable remote electronic voting system
Grontas et al. Towards everlasting privacy and efficient coercion resistance in remote electronic voting
Sebé et al. Simple and efficient hash-based verifiable mixing for remote electronic voting
Nguyen Thi et al. Enhanced security in internet voting protocol using blind signatures and dynamic ballots
CN111612961B (en) Electronic voting method for encrypting voter vote information
Huang et al. P 2 OFE: Privacy-preserving optimistic fair exchange of digital signatures
Ryabko et al. Basics of contemporary cryptography for IT practitioners
Kohlweiss et al. Accountable metadata-hiding escrow: A group signature case study
WO2001020562A2 (en) Multiway election method and apparatus
Arun et al. Short-lived zero-knowledge proofs and signatures
Hu et al. Identity-preserving public integrity checking with dynamic groups for cloud storage
Killer et al. Æternum: A decentralized voting system with unconditional privacy
Zwierko et al. A light-weight e-voting system with distributed trust
KR100362603B1 (en) An Electronic Voting Method
CN114677794A (en) Electronic voting method based on block chain
Haghighat et al. An efficient and provably-secure coercion-resistant e-voting protocol
Syta et al. Deniable anonymous group authentication
Huang et al. How to protect privacy in Optimistic Fair Exchange of digital signatures
Sheikhi et al. Receipt-Free Electronic Voting from zk-SNARK

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination