Voting using Blind Signatures
- User authenticates to server
- User generates 10 "vote numbers", blinds them, and sends them to server
- Server picks 1 at random.
- User gives the 9 other unblinding factors.
- Server verifies these 9 have the proper format.
- Server signs (blind) the one message it chose.
- User unblinds the signature
The user now has a random vote number, and a matching signature, but the
server does not know which random vote number the user has, nor can it
find out which user submitted which random vote number when it sees one.
- User sends random number, signature and vote to server (while somehow
staying anonymous)
- Server verifies signature, and stores random number in database, along
with vote.
- Server publishes the votes received, by random number.
Example
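A sketch of the flow above using textbook RSA blind signatures, added here as an illustration and not part of the original notes. The toy key (two small Mersenne primes), the "VOTE-NUMBER:" prefix standing in for "proper format", the function names and the reuse check in cast are all assumptions.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy RSA key: two Mersenne primes, far too small for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # server's private exponent
PREFIX = "VOTE-NUMBER:"              # assumed "proper format" of a vote number

def digest(serial):
    return int.from_bytes(hashlib.sha256(serial.encode()).digest(), "big") % N

def blind(serial):
    """User: hide digest(serial) behind a random blinding factor r."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return digest(serial) * pow(r, E, N) % N, r

def opened_ok(blinded, serial, r):
    """Server: a revealed candidate must be well formed and match what was sent."""
    return serial.startswith(PREFIX) and blinded == digest(serial) * pow(r, E, N) % N

def issue_ballot(candidates=10):
    """Issuing phase: returns (vote number, signature) or raises on a bad candidate."""
    serials = [PREFIX + secrets.token_hex(16) for _ in range(candidates)]
    blinded, factors = zip(*(blind(s) for s in serials))
    keep = secrets.randbelow(candidates)               # server picks 1 at random
    for i in range(candidates):                        # user opens the other 9
        if i != keep and not opened_ok(blinded[i], serials[i], factors[i]):
            raise ValueError("malformed candidate, refusing to sign")
    blind_sig = pow(blinded[keep], D, N)               # server signs without seeing it
    sig = blind_sig * pow(factors[keep], -1, N) % N    # user unblinds
    return serials[keep], sig

def verify(serial, sig):
    return serial.startswith(PREFIX) and pow(sig, E, N) == digest(serial)

def cast(board, serial, sig, vote):
    """Server: store the vote under its vote number; reuse is rejected (assumption)."""
    if not verify(serial, sig) or serial in board:
        return False
    board[serial] = vote
    return True
```

The server only ever sees blinded[keep] during issuing and the unblinded pair during casting, so it cannot link the two; opening the other 9 candidates gives a cheating user a 1-in-10 chance of getting a malformed message signed.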