1. Field of the Invention
The present invention relates to a verification method for encrypter operation and an electronic voting verification system using the same, and more particularly, a method capable of verifying the operation of the encrypter without having to execute a corresponding decryption.
2. Background Art
An electronic voting system allows all voting procedures to be carried out via the Internet, unlike an offline voting system. With the electronic voting system, voters need not visit a polling station, but can participate in voting via the Internet, irrespective of their location. Those who have difficulties in participating in voting, such as the handicapped, can easily exercise their voting rights. Thus, election costs can be reduced greatly. However, for an electronic voting system with these merits to be used in democratic procedures, it must be safe from any illegal intervention. Because it is used by many people, an electronic voting system that is vulnerable to attack may cause serious social confusion. Thus, the electronic voting system requires the highest level of cryptographic security.
The electronic voting system ensures secrecy of votes and anonymity of voters using public key cryptography while allowing the voters to verify whether or not their votes are reflected in the voting results. The public key cryptography used is easily applied, even in a public key based structure, and, not being limited to a specific cryptographic algorithm, is highly applicable to various security policies.
Many studies have been pursued for safe and efficient electronic voting protocols. Examples of such protocols include homomorphic encryption, mix-net, and blind signatures that are devised with cryptological techniques. However, even though requirements for electronic voting are satisfied, very few protocols are efficient in calculation and storage space for a number of voters and realizable in practice. A series of procedures associated with electronic voting are carried out through an encryption process so as to be fair and safe.
In general, encryption techniques are divided into encryption and decryption, and are verified by encryption and decryption. However, the reliability of the encryption result must be raised in an environment where the encrypter that has carried out encryption is not reliable or decryption cannot be carried out. A representative application field is the electronic voting system based on the encryption technique. In the electronic voting system using the encryption technique, an electronic voter stores ciphertexts made from values selected by users and transfers the stored data to a ballot counter.
The ballot counter, upon receiving the encrypted voting values, performs decryption to calculate the voting result. In this case, if the electronic voting system intentionally or unintentionally encrypts values different from those selected by the voters, erroneous voting results are counted. Thus, it is essential both to make the electronic voter operate normally and to verify its normal operation.
A voter can verify the operation of the voting system generally according to two methods. As a first method, the voter can decrypt the ciphertext in person to verify whether or not the ciphertext is identical with his/her own selection. A second method is an indirect verification method, by which the voter can be convinced of the correctness of an encrypted value with at least a preset probability. However, the first method of direct verification cannot be used in a restricted environment such as electronic voting. Because the keys for decryption are known only to a single or several voting management organizations for the purpose of having a secret ballot, the voter cannot confirm the encrypted voting value by decryption.
For these reasons, the indirect verification method is used to verify the operation of the encrypter in a restricted environment such as electronic voting. As conventional techniques for this purpose, there are an electronic voting method based on visual encryption technique and an incessant verification method using verifiers.
In the method based on visual encryption technique, a text can be read when two transparent sheets are overlapped together but the text cannot be read when the two sheets are separated from each other. A voting machine outputs a selection value of a voter on the two transparent sheets where visual encryption is applied so that the voter can recognize his/her selection value on the sheets overlapped together.
Then, one of the two sheets is selected and then discarded in the voting station, but the other sheet is kept. A ballot counter can decrypt the voting value from the single sheet by using a secret key. In this case, if sheet selection by the voter can be predicted, the voting value can be forged. Thus, the reliability of the voting system is 1/2. This method has drawbacks in that the verification probability is fixed to 1/2 and specific output devices are needed.
In the incessant verification method as the second conventional method, a reliable verifier executes verification in place of voters by using a code book where encrypted voting values for all electorate and candidates are stored previously. That is, the code book contains at least as many encrypted voting values as the total electorate number × the total candidate number, calculated in advance. A voting machine records encrypted voting values according to voter selection with reference to the code book. In this case, the reliable verifier executes voting procedures as if he/she is a voter in order to verify whether or not the code book is correctly referred to.
Since the verifier also has the same code book and thus can verify the operation of the voting machine, and the voting machine cannot distinguish the verifier from the voters, the voting machine cannot operate unfairly by referring to the code book correctly only when the verifier executes the voting procedures.
That is, the voters execute verification via the verifier, and the reliability of the voting machine is c/(c+l), where l is the electorate number and c is the number of verifications.
This method has drawbacks in that the voters should trust the verifier and the number of verifications should be larger than the electorate number to set the verification probability to be 1/2 or more.
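The reliability figure and the drawback just stated can be checked numerically with the following Python code, which is an added example and not part of this document or of the cited schemes. Writing l for the electorate number and c for the number of verifications, it assumes the machine tampers with k sessions chosen uniformly at random; k, the function names and the sample electorate size are assumptions, and the case k = 1 reduces to c/(c+l) while larger k generalizes it.

```python
# Added illustration, not taken from the patent or the cited documents.
# Assumed model: the machine cannot tell verifier sessions from voter
# sessions, so the k sessions it tampers with are a uniform random choice.
from fractions import Fraction
from math import comb
import random


def detection_probability(l, c, k=1):
    """Chance that at least one of k tampered sessions is a verifier's.

    l is the electorate number and c the number of verifications.
    """
    total = l + c
    if not 0 <= k <= total:
        raise ValueError("k must lie between 0 and l + c")
    # Tampering goes unnoticed only if all k sessions belong to real voters.
    return 1 - Fraction(comb(l, k), comb(total, k))


def min_verifications(l, target, k=1):
    """Smallest c for which detection_probability(l, c, k) >= target."""
    if k < 1 or not 0 <= target < 1:
        raise ValueError("need k >= 1 and 0 <= target < 1")
    c = max(0, k - l)
    while detection_probability(l, c, k) < target:
        c += 1
    return c


def simulate(l, c, k=1, trials=20000, seed=1):
    """Monte Carlo check of the model; sessions 0..c-1 are verifier runs."""
    rng = random.Random(seed)
    caught = 0
    for _ in range(trials):
        caught += any(s < c for s in rng.sample(range(l + c), k))
    return caught / trials


if __name__ == "__main__":
    l = 1000  # constructed electorate size
    for c in (10, 100, 1000):
        print(c, detection_probability(l, c), simulate(l, c))
    print("c for 1/2 with k=1:", min_verifications(l, Fraction(1, 2)))
    print("c for 1/2 with k=10:", min_verifications(l, Fraction(1, 2), k=10))
```
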
Examples of this approach are disclosed in [1] “Verifiable Electronic Voting Scheme” (C. A. Neff and J. Adler, http://votehere.com/vhti/documentation/VH_VHTi_WhitePaper.pdf, VoteHere Inc., 2003), [2] “Secret Ballot Receipts: True Voter-Verifiable Elections” (D. Chaum, IEEE Security and Privacy Magazine, vol. 2, no. 1, pages 24-31, 2004), [3] “Voter-Verifiable Election Scheme” (D. Chaum, P. Y. A. Ryan, and S. Schneider, Proc. of 10th European Symposium on Research in Computer Security (ESORICS2005), LNCS 3679, pages 118-139, 2005), Korean Patent Application Publication No. 2003-0079844 (Oct. 10, 2003), Korean Patent Application Publication No. 2005-0116050 (Dec. 9, 2005) and so on.
That is, document [1] teaches a technique of creating a code book by encrypting all probable voting values of all the electorate in advance of voting, in which verification of normal operation of an electronic voting machine is carried out by a reliable verifier. Document [2] presents a technique of recording electronic voting results based on visual encryption, and document [3] discloses a technique which is most similar to the current paper ballot systems and thus requires the least education in voting procedures.
In addition, Korean Patent Application Publication No. 2003-0079844 discloses an electronic voting system as shown in FIG. 1. The electronic voting system includes a central system 10 storing an electorate list and candidate information in a database, a plurality of voting station systems 20 storing information corresponding to voting places in a database, a plurality of ballot counting systems 30 connected with the voting station systems 20 to execute ballot counting and transmitting counting results to the central system 10 and a number of electronic voting machines. Each of the electronic voting machines includes a voting number dispenser connected to a corresponding one of the voting station systems 20 and acts to output bar codes or punch cards which the voting machine can read automatically, a device connected to the voting station system 20 and capable of reading a voting number outputted from the voting number dispenser, user-selectable push buttons, a display screen for identifying user selection, a printer for outputting a balloting result as a print and a memory for storing each balloting result as data therein. Referring to FIG. 1, the reference sign 50 indicates the electronic voting machine in use for user selection, 60 indicates the printer for outputting the balloting result, and 70 indicates a public broadcasting network.
Korean Patent Application Publication No. 2005-0116050 discloses an electronic voting system as shown in FIG. 2. The electronic voting system includes a voting management server 700 and a ballot counting management server 720. The voting management server 700 generates voting management random numbers corresponding to an electorate list (user DB) and the total electorate number, and receives tickets decrypted from encrypted tickets CT, which are transmitted from a voter terminal 740 from the ballot counting management server 720, and encrypted voting values xi from the voter terminal 740, in which the encrypted voting values xi are produced, by public keys of the ballot counting management server 720, from voting selection v inputted from voters and ballot counting verification passwords r. Then, the voting management server 700 stores and arranges the tickets and the encrypted voting values xi in ballot boxes. The ballot counting management server 720 generates ballot counting management random numbers corresponding to the total electorate number, transmits the encrypted tickets CT to the voter terminal 740, re-arranges the ballot boxes received from the voting management, decrypts the voting values xi stored in the ballot boxes using secret keys of the ballot counting management server 720 to sum up voting results, and publishes the voting results and the ballot counting verification passwords.
In FIG. 2, the voting management server 700 includes a generator 701 for generating the electorate list and the voting management random numbers, the memory 702 for storing the encrypted voting values, a transceiver 703 for transmitting/receiving data, a mixer 704 for executing arrangement according to random series, a verifier 703 for verifying the correctness of data and a publisher 706 for publishing the total electorate number. In addition, the ballot counting management server 720 includes a generator for generating ballot counting management random numbers, a memory 722 for storing voting close confirmation codes EC, a transceiver 723 for transmitting/receiving data, a mixer 724 for rearranging the ballot boxes, a verifier 725 for verifying the correctness of the data and a publisher 726 for publishing the voting results and the ballot counting verification passwords.
However, the approaches disclosed in the foregoing documents have some problems in that the verifier for verifying the electronic voting machine should be trusted, the special printer for outputting certificates is needed, the verification probability fixed for each voter cannot provide a high value, the ballot paper recorded with a ciphertext should be manufactured in advance, and the verifier for verifying the ballot paper in the voting station should be trusted.
In the approaches disclosed in the foregoing Korean Patent Publications, the electronic voting machine may forge voting results and thus a measure for verifying the electronic voting machine is essentially needed.
In addition, in a situation where a voter cannot execute a decrypting operation, an indirect verification method capable of establishing trust in normal operation with a high probability is needed in order to verify a device that executes encryption, such as the electronic voting machine.