Glossary

Anonymity

Voting Machine

tbd

Seperate Machines

tbd

Pre-election

Anonymity is established in the pre-election period by the organizing institution. The most common implementation of such a system uses transaction numbers (TAN). These numbers are generated centrally and a scratch-field is applied. Then in a second step the voter's address is applied and sent to the voter who can use the number anonymously for exactly one vote.

During Election Period

With this method the anonymity is established during the vote casting procedure. It can either be done by separating the servers in an identification and ballot box server or by blind signatures; the most common implementation of Chaum's blind signature is in the Fujioka et al. algorithm. The process can be explained as follows: the voter fills out his/her ballot sheet, then puts it in a carbon-copy envelope. The voter then signs another envelope with his/her personal signature and inserts the carbon-copy envelope and sends the package to his/her register. They check the voting eligibility based on the voter's signature, then sign the carbon copy envelope and return it to the voter. The voter opens the cc-envelope and has a signed ballot sheet (due to the carbon copy) without the voter's register ever having seen the ballot sheet. Finally the voter returns the ballot sheet to the ballot box and has thereby cast a valid vote anonymously.

Post Casting

In this case the anonymity is established after the end of the election day, when the votes can still be identified but the count can only be conducted together meaning the content of a single vote is never released. The most common implementations use homomorphic encryption like the Schoenmakers algorithm or hardware security modules like the Estonian system.

Other

Other than the methods here specified.