Blind Certificates for Secure Electronic Voting

Blind signature-based electronic voting is the simplest paradigm for implementing remote voting platforms due to the fact that it does not employ complicated zero-knowledge proofs. Unfortunately, the existence of a trusted entity (the "Authentication Server") that, in case of corruption, would be able to cast indistinguishable fake votes reduces the acceptance of the paradigm in non fully trusted environments. Trust on the system can be increased by splitting this entity into of a set of parties that are unlikely to collaborate in a dishonest manner. Nevertheless, this technique increases the risk of failure of some of them causing a service interruption during the voting period. Better fault tolerance is provided by proposals which permit to anticipate the interaction with the distributed authentication server before the voting period begins, so that, in case of failure, there is a broad time margin for system restoration. Previous proposals following this approach have been proven to be cryptographically weak or just provide individual verifiability. In this paper, a system that employs blind certificates is presented. Unlike previous proposals, it provides universal verifiability and permits to detect double voting without putting voters\´ privacy at risk.