An anonymous electronic voting system is a system that electronically realizes uninscribed secret vote effected through a network, fore example. Examples of the conventional anonymous electronic voting system are described in Patent Publication 1 and a non-Patent Publication 1. In the following description, the “vote” includes a vote for electing a candidate from among candidates set beforehand, as well as a questionnaire etc. which allows a free description. In addition, the “candidate” and “candidate name” are directed not only to a candidate and a candidate name in an election, but also to an element (item) or an element name (item name) in a case wherein the element or element name are selected by the intention of the voter from an assembly.
As shown in FIG. 28, a conventional anonymous electronic voting system includes an anonymous decryption system 900 configured by a window center 901 and a plurality of decrypting shuffle centers 902, and a vote management center (voting server) 910 to which each voter will access. The anonymous decryption system 900 is provided in order to keep the secrecy of vote, and is used for outputting the decrypted result while securing secrecy for the correspondence between the voter and the encrypted voting data.
The conventional anonymous electronic voting system having such a configuration operates as follows.
First, the window center 901 and the decrypting shuffle center 902 create public information of the system, such as an encryption key for voting, and transmit the same to the vote management center 910, which notifies each voter of the public information.
After the voting period starts, each voter encrypts own voting contents based on the public information, to create an encrypted voting contents, and also creates a digital signature of the voter, transmitting the encrypted voting contents and the digital signature to the vote management center 910. At this stage, each voter creates the encrypted voting contents and the digital signature in the own client terminal, and transmits the encrypted voting contents and the digital signature to the vote management center 910 from the own client terminal through a variety of networks. The vote management center 910 verifies the received digital signature, examines the voting right of the voter based on the list of electorate names, and accepts the received, encrypted voting contents after confirming that there is no duplication of the vote.
After the voting period expires, the vote management center 910 finishes registration of the votes, and transmits the list of the encrypted voting contents received between the start and the end of the voting period to the window center 901 of the anonymous decryption system 900. The window center 901 decrypts the list of the encrypted voting contents through the decrypting shuffle center 902, permutes the voting contents in the list to obtain the list of plaintext voting contents, and returns the list of the plaintext voting contents to the vote management center 910.
The vote management center 910 tallies (sums up) the voted results based on the list of the plaintext voting contents received from the window center 901.
Patent Publication 1: JP-2002-237810A
Patent Publication 2: JP-2001-251289A
Patent Publication 3: JP-2002-344445A
Non-Patent Publication 1: “Realization of Large-scale Electronic Voting System using Shuffling” on second meeting of Information Processing Society of Japan, March, 2001, by SAKO, Kazue etc. including other six members.