GB2417352A - Electronic voting method - Google Patents

Electronic voting method Download PDF

Info

Publication number
GB2417352A
GB2417352A GB0418505A GB0418505A GB2417352A GB 2417352 A GB2417352 A GB 2417352A GB 0418505 A GB0418505 A GB 0418505A GB 0418505 A GB0418505 A GB 0418505A GB 2417352 A GB2417352 A GB 2417352A
Authority
GB
United Kingdom
Prior art keywords
voter
voting
electronic
receipt
eds
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
GB0418505A
Other versions
GB0418505D0 (en
GB2417352B (en
Inventor
Nikolai Alexandrovich Nikishin
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
JOINT STOCK Co INFOTECS
Original Assignee
JOINT STOCK Co INFOTECS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by JOINT STOCK Co INFOTECS filed Critical JOINT STOCK Co INFOTECS
Priority to GB0418505A priority Critical patent/GB2417352B/en
Publication of GB0418505D0 publication Critical patent/GB0418505D0/en
Publication of GB2417352A publication Critical patent/GB2417352A/en
Application granted granted Critical
Publication of GB2417352B publication Critical patent/GB2417352B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C13/00Voting apparatus

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

An electronic voting method which improves reliability of voting results by preventing abuse by each of the parties in the voting process. The method uses network-coupled computer equipment installed at the voters' and at the voting station for the election manager. To cast a vote, a voter completes an electronic voting ballot, signs the ballot with the voter's electronic digital signature (EDS) and sends the ballot to the voting station. After verifying the EDS at the ballot, a receipt signed by the election manager's EDS is sent to the voter from the voting station. The receipt contains the voter's full name, voting result and assigned unique personal identifier (UPI). The voter responds by sending an acknowledgement signed with the voter's EDS to confirm correctness of the information contained in the receipt. Two registers are generated: a register of electronic voting results with an indication of voter's UPIs, and a register of names of the voters having taken part in the electronic voting. Both registers are published after closing the voting.

Description

24 1 7352
ELECTRONIC VOTING METHOD
Field of the Invention
The present invention relates to electronic voting methods and is suitable for collecting and recording data and for processing the results of electronic voting conducted both in a local network or as on-line voting, e.g. over the Internet channels.
Background of the Invention
A known electronic voting method uses a local voting system including several identical polling booths, a set of electronic keys (identifiers) and a computer (standard PC).
Each of the polling booths comprises a voting terminal. All of the voting terminals are coupled in a network with the PC. The individual electronic key serves to identify voters and is issued to every voter (permanently or for the election period). The computer memory stores a look-up table of voters' codes and names.
The voting terminal includes an apparatus for reading information from electronic keys and "AFFIRMATIVE", "NEGATIVE" and "ABSTAINED" buttons, a display, a control microcontroller and a communication interface to communicate with the computer. In addition, a digital keyboard can be connected to the voting terminal to enable "blanket" or preferential voting. In this case, a printed correspondence table of numbers and candidates should be provided in the polling booth. (See Electronic Voting System with Separate Voting Booths, gol/cabgol.html, print version: gol/cabgolO2.html, dated June 30, 2001) [1].
To cast a vote in accordance with the prior art method, a voter inserts the electronic key into a receptacle in the voting terminal, and the voter's surname, name and patronymics appear on the display. Then the voter takes out the electronic key and presses any one of the "AFFIRMATIVE", "NEGATIVE" and "ABSTAINED" buttons. The display outputs the message: "ACKNOWLEDGE THE SELECTION". After repeated pressure of the same button (e.g. "NEGATIVE"), the following message appears on the display: in the first line: voter's surname and initials, in the second line: "NEGATIVE", and the display goes out in two seconds.
The voting has taken place.
To participate in such a voting, like the traditional voting method using paper voting ballots, a voter must visit the voting place where the elections are conducted. However, the tendency to reduced voting activity of nationals exists in many countries, including Russia. Cases are known when elections were even broken down because the required number of registered voters did not participated in them.
Consequently, there is a pressing need to provide a method for conducting elections, which could facilitate participation of voters by approaching them to the voting place, and thereby increase the number of voters.
As reported at http://www.cnews.ru/news/ebusiness/201/ 03/07/2001030734901.shtml [2], studies of on-line voting peculiarities have been conducted in the U.S.A. from December 1999. The committee involved in the study includes lawyers, high- tech experts and politicians.
The experts have recommended that studies of possible methods of solution of the Internet voting problem should be started as soon as possible. They assert that no simple solutions are possible for the Internet voting problem, because the process is difficult to monitor.
At site: http://www.membrana.ru/articles/interner/2001/12/ 20133400.html [3] it was reported about the first experience of conducting on-line voting in the U.S.A in November 2000, where 84 voters cast votes from abroad.
In several countries on-line elections are already possible, however, the process is predominantly used in business sphere, e.g. to conduct stockholders' meetings or committees of directors.
As known, alternative elections including elections over the Internet were conducted e.g. in Great Britain in order to solve the problem.
The procedure of the Internet voting conducted in Sheffield County from April 26, 2002 to May 2, 2002, was described at site: http://www. votessheffield.com [4].
The most pertinent prior art voting method is a method for electronic voting in a system comprising at least one voting station, a computer equipment of voters and a computer equipment of an election manager at the voting station, the voters' and election manager's computer equipment being coupled to a network, and a software of the computer equipment to provide operating of the system, the method comprising the steps of: prior to starting the electronic voting, generating a database including lists of eligible voters; every voter who wishes to participate in the electronic voting establishing connection, using the computer equipment, over said network to a corresponding voting station, and sending to the election manager at the corresponding voting station a message in a form of an electronic document which indicates the voter's name and reports of a wish to vote at the voting station, after receiving the voter's message of the wish to vote, checking in the database containing the eligible voters lists whether the voter is eligible or not and whether the voter tries to double vote or not, and if the voter is eligible and does not try to double vote, sending a voting ballot in a form of an electronic document from the voting station to the voter.
However, the use of the prior art electronic voting method faces the same problem as the paper ballot voting, namely, the provision of reliable voting results by prevention of abuses and manipulation of voting results.
Actually, in the prior art method a voter has no means to check correctness of counting of the voter's selection.
The prior art electronic voting method is prone to such possible undetectable abuses on the part of the election manager as changing the voter's selection, deleting a voting ballot, voting in the name of a nonvoted voter.
Summary of the Invention
It is the object of the present invention to provide an electronic voting method which would improve reliability of voting results owing to monitoring the voters' results while maintaining secrecy of the voting ballot.
The present invention provides, as the technical result, the ability of detecting the facts of voting result falsification by any of the parties participating in the elections.
The above technical result can be attained by accomplishing a method for electronic voting in a system comprising at least one voting station, a computer equipment of voters and a computer equipment of an election manager at the voting station, said voters' and election manager's computer equipment being coupled to a network, and a software for the computer equipment to provide operating of the system, said method comprising the steps of: prior to starting the electronic voting, generating a database containing lists of eligible voters; every eligible voter who wishes to participate in electronic voting establishing a connection using the computer equipment over said network to a corresponding voting station, and sending a message in a form of an electronic document which indicates a voter's name and reports of a wish to vote to the election manager at the corresponding voting station; after receiving the voter's message reporting of the wish to vote at the voting station, checking in the database comprising the eligible voters lists, whether the voter is eligible or not and whether the voter is trying to double vote or not, and if the voter is eligible and does not try to double vote, sending a voting ballot in a form of an electronic document from the voting station to the voter; wherein in accordance with the present invention: after receiving the voting ballot from the voting station, the voter completing the ballot, signing the ballot with a voter's electronic digital signature (EDS) and sending the ballot in a form of an electronic document to the election manager at the corresponding voting station within a predetermined time; after receiving the voting ballot completed by the voter by the election manager at the voting station, verifying an authenticity of the EDS at the voting ballot in an EDS public key electronic certificate databank, and if a verification result is positive, storing the ballot and assigning a unique personal identifier (UPI), as an alias, to the voted voter, and then sending a receipt in a form of an electronic document signed by the election manager's EDS from the voting station to the voter, the receipt containingthe voter'sfullname,voting result and assigned UPI, and a reminder that the voter should submit to the election manager at the corresponding voting station within a predetermined time an acknowledgement confirming the voter's participation in the voting and correctness of the information presented in the receipt, the voter being further informed that in case of failure to submit said acknowledgement to the election manager at the corresponding voting station within the predetermined time, the receipt provided to the voter will be canceled and the voter's ballot will be invalidated, and the voter will be treated as a non-voted voter eligible to cast a vote with any newly assigned UPI, after receiving the receipt, the voter verifying the authenticity of the EDS at the receipt in the EDS public key electronic certificate databank and correctness of the information presented in the receipt, and in case of absence of errors in a receipt text, sending within a predetermined time to the election manager at the corresponding voting station an acknowledgement in a form of an electronic document signed by the voter's EDS, wherein the voter confirms the voter's participation in the voting and the voting result without an indication how the voter has voted, and confirms correctness of the information contained in the receipt; after receiving the voter's acknowledgement by the election manager at the voting station, verifying the authenticity of the EDS at the acknowledgement in the EDS public key electronic certificate databank, storing the acknowledgement and enabling the voter to store the receipt; otherwise if an error has been detected in the receipt text, the voter reporting of the error to the election manager, and after confirming correctness of the voter's report at the voting station, canceling the receipt sent to the voter and sensing a message in a form of an electronic document signed by the election manager's EDS to the voter, suggesting the voter to cast a vote from the beginning with any newly assigned UPI; entering the voting result of the voter who submitted the acknowledgement confirming correctness of the information in the receipt, into the database in a register of electronic voting s results with indication of the voter's UPI but without an indication of the voter's name; entering the voter's full name into the database in a register of names of voters who have taken part in the electronic voting, and then canceling the ballot completed by the voter, and after closing the voting, publishing the register of electronic voting results with an indication of voters' UPIs, and the register of names of the voters who have taken part in the electronic voting.
In a particular embodiment using the Internet as the network to which the voter and the election manager computer equipment are coupled attains the object of the present invention.
Furthermore, the register of electronic voting results with the indication of voters' UPIs and the register of names of the voters who have taken part in the electronic voting are published upon c losing t he e lections a t a W eb s ite o f t he e lection m anager of the corresponding voting station.
Furthermore, t he s oftware t o p rovide o perating the electronic voting system includes a software such as Web browser and Web server.
Detailed Description of the Invention
To put an electronic voting method in accordance with the present invention in practice, the following technical means are required: 1. Network structure (such as the Internet) to provide transmission of information between any computers coupled to the system. The technical means is generally known; therefore it will not be described in details.
2. Computers coupled to the network structure.
3. Software operating on the basis of "client-server" technique.
Server software is installed at a computer that serves the computers with client software installed. A client software user can interactively communicate with the server within the frames provided by a particular client-server embodiment. In addition, information received by the server from the client is processed at the server in a fashion specified for the server. Information received by the client from the server is processed in a fashion specified for the client.
The client-server t echnique i s w idely k nown a nd d oes n eed t o b e d escribed i n d etails.
Particular software products to be used for operating the system and implementing all of the steps of the electronic voting method comprise a Web browser (as a Web client) included into any one of the following Microsoft operating systems: Windows 95, Windows 98, Windows NT, Windows 2000, Windows ME and Windows XP, while the Web server comprises e.g. IIS (Internet information Server) and Apache software products available from Microsoft and Apache Software Foundation, respectively. Implementation of the invention will be further discussed on the basis of the aforementioned software products, although another client-server embodiments can be used as well.
4. Certified encryption and electronic digital signature (EDS) software to protect the transmitted information from disclosure and falsification.
The electronic digital signature protecting the transmitted documents enables the authorship of electronic document to be established. Furthermore, no changes can be made in a signed document without violation of its EDS authenticity.
Every EDS system user has own secret key for electronic signing and a public key with the aid of which the authenticity of the user's electronic digital signature can be verified. The user stores the secret key confidential, while the public key is made available to all other users of the EDS system.
Every EDS system user can perform the two main acts: (a) certify messages sent by the user with the user's electronic digital signature using the own secret code; (b) verify the authenticity of signature at a message signed by any other EDS system user, using the public key of the other EDS system user.
To perform the above acts, the user has two programs (included in the software associated with EDS use): - a program for signing a message on the basis of the user's secret key; - a program for verifying the EDS at a message signed by any one user on the basis of the public key of the user signed the message; to this end the user should naturally have public keys of all of the users who may send signed messages to the user.
If verification of the EDS at the user's message gives positive result, this means that: - the message is just the one sent by the user, i.e. the message contains neither accidental, nor deliberate changes (electronic digital signature at a message depends on the message, and in case of changing the message, to maintain it valid the EDS must be changed also, but to do it correctly the user's secret key is required); - the user who signed the message cannot refuse the signature at the message, since in any EDS system every user undertakes not to refuse the message if correctness of the signature at a message is verified by the user's public key.
To implement the present invention, an election manager must have public keys of all voters, and all of the voters must have the election manager public key. Further, all of the parties must commit themselves not to refuse own EDS if the verification program returns positive result. Such an agreement is typical between the parties using EDS.
A voter checks whether the message has been sent by the election manager and has not been distorted, using the signature verification program and the election manager public key available to the voter.
If the electronic digital signature verification program returns positive result, this means (as stated in the EDS description) that the message has been generated by the election manager, has not been distorted and the election manager is obliged to acknowledge sending the message when the signed message is publicly presented.
Similarly, the election manager checks whether the message has been sent byj ust the particular voter and has not been distorted, using the signature verification program and the public key of the particular voter available to the election manager.
If the electronic digital signature verification program returns positive result, this means (as stated in the EDS description) that the message has been generated by the voter, has not been distorted and the voter is obliged to acknowledge sending the message when the signed message is publicly presented.
An electronic voting method in accordance with the present invention can be implemented in a system comprising at least one voting station, a computer equipment of voters and a computer equipment of an election manager at the voting station, the voters' and election manager's computer equipment being coupled to a network, and a software for said computer equipment to provide operating of the system according to the client-server technique, and means enabling the use of EDS. Before starting the voting, a database containing lists of eligible voters is generated, the lists being accessible to the election manager. The server part of the voting software is installed at the voting station manager, and the client part is installed at voters.
All of the method steps at the voting station and the voters are accomplished using the server and client software parts, respectively.
Figs.la, lb and to show a flowchart of an electronic voting method in accordance with the present invention, comprising the following steps: Step 1. (Generate and send a voting request). Every voter who wishes to take part in the electronic voting establishes through a computer equipment connection over said network to a corresponding voting station and sends a message in the form of electronic document indicating the voter's name and reporting of the wish to vote to the election manager at the corresponding voting station.
Step 2. (Verify whether the voter is eligible or not). After receiving the voter's message reporting of the wish to vote at the voting station, the database containing eligible voters' lists is checked to determine whether the voter is eligible or not and whether the voter tries to double vote or not.
Step 3. (Terminate). The voting process is terminated with respect to the voter if the verification step determines that the voter is ineligible.
Step 4. (Send electronic ballot to the voter). If at Step 2 the verification returns that the voter is eligible and does not try to double vote, the voting station sends an electronic ballot in the form of electronic document to the voter.
Step 5. (Decide to vote or not). Having received the voting ballot from the voting station, the voter must decide within a predetermined time whether to take part in the voting or not.
Step 6. ( Terminate a fter e xpiration o f a predetermined time). If the voter has failed to send a completed voting ballot to the voting station within the predetermined time, his participation in voting is terminated and the voting ballot is canceled.
Step 7. (Complete and send electronic voting ballot). If at Step 5 the voter decides to cast a vote within the predetermined time, the voter completes the ballot, signs the ballot with the voter's electronic digital signature (EDS) and sends the ballot in the form of electronic document to the election manager at the corresponding voting station.
Step 8. (Verify EDS at the electronic voting ballot). Having received the ballot completed by the voter, the election manager at the voting station verifies the authenticity of the EDS at the ballot in the EDS public key electronic certificate data bank.
Step 9. (Terminate). If the EDS at the voting ballot is invalid, participation of the voter in the voting is terminated.
Step 10. (Store the completed voting ballot, generate UPI and send acknowledgement). If the verification at Step 8 returns positive result, the voting ballot is stored and the voted voter is assigned, as an alias, a unique personal identifier (UPI), then a receipt in the form of electronic document signed by the election manager's EDS is sent to the user from the voting station, the receipt further containing the voter's full name, voting result and assigned UPI, as well as a reminder that the voter should submit an acknowledgement confirming participation in the voting and correctness of the information in the receipt to the election manager at the corresponding voting station within a predetermined time, and the voter is further informed that in case of failure to submit said acknowledgement to the election manager at the corresponding voting station within a predetermined time, the receipt provided to the voter will be canceled, and the voter's ballot will be invalidated, and the voter will be treated as a non-voted voter entitled to cast a vote with any newly assigned UPI.
Step 11. (Verify EDS at the receipt). Having received the receipt from the voting station, the voter verifies the EDS at the receipt in the EDS public key electronic certificate databank, and correctness of the information presented in the receipt.
Step 12. (Decide whether to send acknowledgement or not). The voter should decide within the predetermined time whether to send the acknowledgement to the voting station or not.
Step 13. (Cancel the receipt). The receipt send to the voter is canceled if the voter has failed to submit the acknowledgement to the election manager at the corresponding voting station within the predetermined time, or if the voter has detected an error in the receipt text and reported of the error to the election manager.
Step 14. (Terminate process after expiration of a predetermined time). If at Step 13 the voting ballot of the voter who failed to send said acknowledgement to the election manager at the corresponding voting station within the predetermined time has been recognized invalid, the voter is treated as a non-voted voter eligible to cast a vote with any newly assigned UPI.
Step 15 (Send the acknowledgement) is performed after Step 12.
Step 16 (Verify EDS and store the acknowledgement). After r eceiving b y t he e lection manager the acknowledgement in which the voter confirms participation in the voting and the voting result without indication how the voter has voted, and confirms correctness of the information contained in the receipt, the authenticity of the EDS at the acknowledgement is verified at the voting station in the EDS public key electronic certificate databank, and the acknowledgement of the voter who sent the acknowledgement confirming correctness of the information in the receipt is stored.
Step 17. (Store the receipt). The voter is enabled to store the receipt.
Step 18. (Enter the voter's selection into the voting result register). The voting result of the voter who has sent the acknowledgement confirming correctness of the information presented in the receipt is entered into the database in the electronic voting results register with indication of the voter's UPI, but without the voter's name.
Step 19. (Enter the voter's name into the voted voters register). Full name of the voter is entered into database in the register of names of the voters having taken part in the electronic voting.
Step 20. (Cancel the voting ballot). The ballot completed by the voter whose voting result has been entered in the voting results register is canceled.
Step 21. (Publish the voted voters register and the voting results register). After closing the elections, the register of electronic voting results with indication of voters' UPIs and the register of voters having taken part in the electronic voting are published, said registers being, in particular, published at the election manager's Web site.
Step 22 (End).
In light of the aforementioned, the present invention can be practiced using known means.
In t he following i t w ill b e s hown t hat implementation of the electronic voting method enables the attainment of the technical result and the object of the invention.
Consider possible abuses by a party in the voting process in order to demonstrate how the method enables detecting and proving abuses in the voting process by the opposite party.
As defined in the claims, after closing the elections the election manager publishes two registers: a register of voting results of every voter concealed by the voter's UPI and a register of names of the voters having taken part in the electronic voting.
Note that the two registers unambiguously define the total voting result, and the number of voters in the registers must be the same. This are precisely these two registers that prevent from abuses discussed below.
Possible abuses on the part of election manager To falsify the election results, the election manager should make changes in one or both of the registers.
Falsification of voting results by election manager without changing the register of names of the voters having taken part in the voting Suppose that an election manager wishes to present different voting results as the real voting results without changing the voted voters register, i.e. by changing only the voting results register. To achieve the purpose, the election manager has only the possibilities of: (a) assigning the same UPI to several voters who have voted similarly.
This would enable the election manager to add several imagined results, whatever they be, to the voting results register without changing its format, thereby presenting distorted total voting results.
(b) changing voting results of one or more particular voters without changing their UPIs.
(c) entering new records with invented UPIs.
Consider possibility (a).
In this case the two voters to whom the same UPI has been assigned can publicly present the receipts provided to them and signed by the election manager, wherein different names and identical UPIs are indicated. This will be the irrefutable evidence of violation of the voting rules on the part of the election manager, as the voting rules prohibit repeated UPIs. Thus, the election manager deeds can be revealed in case (a).
Consider possibility (b) If a voter's result has been changed, the voter can find himself/herself by the UPI in the voting results register and compare the result presented in the register with that indicated in the receipt received from the election manager. The voter will see that the result in the published register differs from that in the receipt. The voter can publicly present the receipt signed by the election manager. This will be the irrefutable evidence of abuse by the election manager because the manager's signature confirms that the voting result for the UPI must be different from that presented in the published voting results register. Thus, the election manager deeds can be revealed in case (b).
Consider possibility (c) To enter even a single new record with an invented UPI into the voting results register, the election manager must remove one or more true records from the register as the number of records in the register is equal to the number of records in the voter names register, and the latter register in the case under analysis is supposedly not changed.
But the voter whose UPI has been deleted from the register, will not find his/her UPI in the voting results register. The voter can publicly present the receipt signed by the election manager with indication of the voter's UPI. This will be the irrefutable evidence of abuse by the election manager, since the manager's signature confirms that the UPI was assigned to the voter, hence it must be listed in the voting results register.Thus, the election manager deeds can be revealed in case (c).
Falsification of voting results by election manager by changing the register of voters having taken part in the elections In this case only the following deeds can be performed: (a) Deletion of a voted voter from the register, (b) Addition of a non-voted voter to the register, (c) Addition of a non-existent voter in the register.
Consider case (a) When looking through the register of names of the voters having taken part in the elections, a voted voter will not find own name. In this case the voter can publicly present the receipt signed by the election manager with indication of the voter's name. This will be the irrefutable evidence of abuse of the voting rules by the election manager, as the manager has failed to include in the register of names the voted voter whose voting was certified by the manager's signature.
Consider case (b) When looking through the register of names of the voters having taken part in the elections, a non-voted voter will find own name. The voter can publicly request the election manager to present the voter's acknowledgement signed b y t he v oter. T he m anager c ould n ot present the acknowledgement (since it was not received and could not be falsified due to EDS feature). This will be the irrefutable evidence of abuse of the voting rules by the election manager, since the manager included the non-voted voter in the register of voters having taken part in the elections.
Consider case (c) Presence of a non-existent voter in the published register can be readily revealed by organizational measures without using the electronic signature because every voter must be unambiguously identified.
Therefore, the considered abuses on the manager's part can be irrefutably evidenced.
Possible abuses on the part of voters The reasons for voter's abuse can include e.g. the wish to discredit the election manager and thereby invalidate the election results.
The following abuses on the voter's part are possible: A) A voted voter asserts that he/she has not voted.
B) A voted voter asserts that his/her selection was incorrectly indicated.
C) A non-voted voter asserts that he/she has voted, hence the voting result was not included.
Consider case A Let a voter has voted but asserts that he/she has not and that the election manager counted the voter as having voted. Then the election manager can publicly present the acknowledgement signed by the voter, and this will be the irrefutable evidence of the voter's abuse.
Consider case B If a voter asserts that the election manager has falsified his/her voting result, the election manager can request the voter to present the receipt with the manager's signature with the same UPI. The voter will either refuse this or present the original with the same voting results as indicated in the final voting results register. In both cases the irrefutable evidence of the voter's abuse will be presented.
Consider case C If a voter has not voted but asserts that he/she has voted and that the election manager failed to include him/her in the register of names, the election manager can publicly request the voter to present the receipt with the manager's signature. The voter could not present the receipt, as it cannot be falsified in view of impossibility to imitate an alien EDS. This will be the irrefutable evidence of the voter's naked assertion.
Consequently, the election manager's abuses can be revealed and evidenced by the voters, and the voter's abuses can be revealed and evidenced by the election manager.
The potential of revealing abuses substantially improves reliability of election results because any party in the election process is prevented from attempts of abuse by known protection means of the electronic voting method.
In light of the foregoing it will be appreciated that the electronic voting method can be put in practice and allows the attainment of the technical result and object of the present invention.

Claims (4)

  1. WHAT IS CLAIMED IS: 1. A method for electronic voting in a system
    including at least one voting station, a computer equipment of voters, and a computer equipment of an election manager at the voting station, said voters' and election manager's computer equipment being coupled to a network, and a software for the computer equipment to provide operating of the system, said method comprising the steps of: prior to starting the electronic voting, generating a database containing lists of eligible voters; every eligible voter who wishes to participate in the electronic voting establishing a connection using the computer equipment over said network to a corresponding voting station, and sending a message in a form of an electronic documentindicatinga voter'snameand reporting of a wish to vote to the election manager at the corresponding voting station; after receiving the voter's message reporting of the wish to vote at the voting station, checking in the database comprising the eligible voters lists, whether the voter is eligible or not and whether the voter is trying to double vote or not, and if the voter is eligible and does not try to double vote, sending a voting ballot in a form of an electronic document from the voting station to the voter; the method characterized by the steps of: after receiving the voting ballot from the voting station, the voter completing the ballot, signing the ballot with a voter's electronic digital signature (EDS) and sending the ballot in a form of an electronic document to the election manager at the corresponding voting station within a predetermined time; after receiving the voting ballot completed by the voter by the election manager at the voting station, verifying an authenticity of the EDS at the voting ballot in an EDS public key electronic certificate databank, and if a verification result is positive, storing the ballot and assigning a unique personal identifier (UPI), as an alias, to the voted voter, and then sending a receipt in a form of an electronic document signed by the election manager's EDS from the voting station to the voter, the receipt containing the voter's full name, voting result and assigned UPI, and a reminder that the voter should submit to the election manager at the corresponding voting station within a predetermined time an acknowledgement confirming the voter's participation in the voting and correctness of the information presented in the receipt, the voter being further informed that in case of failure to submit said acknowledgement to the election manager at the corresponding voting station within the predetermined time, the receipt provided to the voter will be canceled and the voter's ballot will be invalidated, and the voter will be treated as a non-voted voter eligible to cast a vote with any newly assigned UPI, after receiving the receipt, the voter verifying the authenticity of the EDS at the receipt in the EDS public key electronic certificate databank, and correctness of the information presented in the receipt, and in case of absence of errors in a receipt text, sending within a predetermined time to the election manager at the corresponding voting station an acknowledgement in a form of an electronic document signed by the voter's EDS, wherein the voter confirms the voter's participation in the voting and the voting result without an indication how the voter has voted, and confirms correctness of the information contained in the receipt; after receiving the voter's acknowledgement by the election manager at the voting station, verifying the authenticity of the EDS at the acknowledgement in the EDS public key electronic certificate databank, storing the acknowledgement and enabling the voter to store the receipt; otherwise if an error has been detected in the receipt text, the voter reporting of the error to the election manager, and after confirming correctness of the voter's report at the voting station, canceling the receipt provided to the voter and sending a message in a form of an electronic document signed by the election manager's EDS to the voter, suggesting the voter to cast a vote from the beginning with any newly assigned UPI; entering the voting result of the voter who submitted the acknowledgement confirming correctness of the information in the receipt, into the database in a register of electronic voting results with indication of the voter's UPI but without an indication of the voter's name; entering the voter's full name into the database in a register of names of voters who have taken part in the electronic voting, and then canceling the ballot completed by the voter, and after closing the voting, publishing the register of electronic voting results with an indication the voters' UPIs and the register of names of the voters who have taken part in the electronic voting.
  2. 2. The method as set forth in claim 1, characterized in that said network to which the voters' and the election manager's computer equipment are coupled is the Internet.
  3. 3. The method as set forth in claim 2, characterized in that said register of electronic voting results with the indication the voters' UPIs and said register of names of the voters who have taken part in the electronic voting are published upon closing the voting at a Web site of the election manager of the corresponding voting station.
  4. 4. The method as set forth in claim 2 or 3, characterized in that the software to provide operating ofthe electronic voting system includes a software such as Web browser end Web server.
GB0418505A 2004-08-18 2004-08-18 Electronic voting method Active GB2417352B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB0418505A GB2417352B (en) 2004-08-18 2004-08-18 Electronic voting method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB0418505A GB2417352B (en) 2004-08-18 2004-08-18 Electronic voting method

Publications (3)

Publication Number Publication Date
GB0418505D0 GB0418505D0 (en) 2004-09-22
GB2417352A true GB2417352A (en) 2006-02-22
GB2417352B GB2417352B (en) 2009-03-04

Family

ID=33042304

Family Applications (1)

Application Number Title Priority Date Filing Date
GB0418505A Active GB2417352B (en) 2004-08-18 2004-08-18 Electronic voting method

Country Status (1)

Country Link
GB (1) GB2417352B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI591563B (en) * 2016-07-29 2017-07-11 臺灣集中保管結算所股份有限公司 A system and method for automatically crossing platforms to perform shareholder voting

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002067174A2 (en) * 2001-02-20 2002-08-29 Votehere, Inc. Detecting compromised ballots
US20030136835A1 (en) * 2002-01-23 2003-07-24 Chung Kevin Kwong-Tai Packet-based internet voting transactions with biometric authentication

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002067174A2 (en) * 2001-02-20 2002-08-29 Votehere, Inc. Detecting compromised ballots
US20030136835A1 (en) * 2002-01-23 2003-07-24 Chung Kevin Kwong-Tai Packet-based internet voting transactions with biometric authentication

Also Published As

Publication number Publication date
GB0418505D0 (en) 2004-09-22
GB2417352B (en) 2009-03-04

Similar Documents

Publication Publication Date Title
Zagórski et al. Remotegrity: Design and use of an end-to-end verifiable remote voting system
US6973581B2 (en) Packet-based internet voting transactions with biometric authentication
Cranor et al. Design and implementation of a practical security-conscious electronic polling system
US20020078358A1 (en) Electronic voting system
US8843389B2 (en) Mobilized polling station
JP6567675B2 (en) Electronic voting method and system implemented in portable device
US20050161507A1 (en) Voting method and apparatus
CA2531618A1 (en) System and method for electronic voting
US11790719B2 (en) Tamper resistant public ledger voting system
AU2015213768A1 (en) Methods and apparatus for voter registration and voting using mobile communication devices
US11361606B1 (en) Tamper resistant public ledger voting system
Seftyanto et al. Design of Blockchain-based electronic election system using Hyperledger: Case of Indonesia
US20140172517A1 (en) Random sample elections
US20030069783A1 (en) System and method for electronic voting
US20230147564A1 (en) System And Method For Conducting A Publicly Auditable Election
RU2242793C2 (en) Electronic vote method
GB2417352A (en) Electronic voting method
JP2003067532A (en) Electronic voting system and method
Reinhard et al. Compliance of POLYAS with the BSI Protection Profile–Basic Requirements for Remote Electronic Voting Systems
Storer et al. Polsterless remote electronic voting
Chakraborty et al. Designing a biometric fingerprint scanner-based, secure and low-cost electronic voting machine for India
RU2298229C2 (en) Method for electronic voting and processing of results
Sharma et al. Blockchain based E-Voting
WO2002056230A2 (en) Electronic voting system
JP3209238B2 (en) Electronic voting method and apparatus