Patent abstract:
The invention relates to a method of enrolling a voter implemented from at least one biometric datum acquired on the voter, comprising steps of receiving biometric datum and of associating the biometric datum with at least one cryptographic voting data or a pointer, so that later, during a poll, the voter can identify himself biometrically using the electronic device and vote with the cryptographic voting data. The invention also relates to an electronic voting method comprising steps of receiving biometric data acquired by a biometric sensor on an individual, said biometric data corresponding to a type of biometric data used for enrollment, verification of a correspondence between the acquired biometric data and a stored biometric data, and if said verification is positive, of transmission of a voting result generated using cryptographic voting data.
Publication number: FR3085777A1
Application number: FR1858179
Filing date: 2018-09-12
Publication date: 2020-03-13
Inventors: Herve Chabanne; Emmanuelle Dottax
Applicant: Idemia Identity and Security France SAS
IPC main class:
Patent description:

Electronic voting method and system with biometric identification
TECHNICAL FIELD OF THE INVENTION
The invention is in the field of secure electronic voting. In particular, the invention relates to a method of enrollment upstream of a ballot, comprising the loading of smart cards enabling biometric identification of voters, as well as a method of voting using smart cards.
STATE OF THE ART
To facilitate and make voting operations more reliable during a poll, several states and local authorities have already adopted electronic voting protocols and have dispensed with paper ballots.
Two fundamental properties of an electronic voting process are the confidentiality of ballots, as well as verifiability: the ability for a third party to verify that the final result of the vote corresponds to the votes cast by the voters.
To ensure confidentiality, it is known to encrypt the voting options expressed by voters so that only a certified server knows the decryption key allowing to go back to a voting option. Certain types of encryption allow an administration server to determine a final voting result without having access to each individual vote in decrypted form.
With regard to verifiability, the use of private key signature algorithms when sending votes ensures that only previously authorized voters participated in the ballot.
To enhance the security of the polls, it is known to ask each voter for a password when registering the votes. As such, a known system is based on the supply of a smart card to each voter, during a registration prior to the ballot. The voter must therefore bring his card to participate in the vote.
On the chip card, or "smart card", a private key is registered which allows the voter to identify himself in a unique way. The use of a smart card is advantageous because such a card constitutes a piece of hardware which can easily be audited, in order to prove the integrity and the security of the algorithms which are encoded on it.
The publication Receipt-free electronic voting scheme with a tamper-resistant randomizer, Lee, Kim, In: Information Security and Cryptology - ICISC 2002, Revised Papers, pp. 389-406 (2002) describes smart cards in which private voting keys are encoded and which are equipped with random generators in order to encrypt a voting option.
The publication Receipt-freeness in large-scale elections without untappable channels, Magkos, Chrissikopoulos, In: Towards the E-Society: E-Commerce, E-Business, and E-Government, I3E, pp. 683-693 (2001) also describes a voting protocol with the encoding of a private voting key on a smart card.
It is however impractical to provide each voter with a smart card containing a unique private key.
A major obstacle is the cost of such a deployment, since it is necessary to provide for a number of smart cards equal to the number of authorized voters. In addition, the cards are not easily recoverable for subsequent polls because each authorized voter keeps a card in his possession.
Another drawback is the possibility for an authorized voter to entrust his chip card to individuals who are not authorized voters and to communicate a password to them unlocking access to the card data, which would allow them to participate at the ballot.
GENERAL PRESENTATION OF THE INVENTION
In view of the above, there is a need for an enrollment process and a voting process which are much less costly for States and communities.
The reduction in the cost of enrollment must, however, be obtained without compromising the security of the ballots, particularly as regards the fundamental property of verifiability of votes.
To this end, the invention relates, according to a first aspect, to a method of enrolling at least one voter for a ballot, the method being implemented by an electronic device from at least one biometric datum acquired on the at least one voter, the method comprising steps of:
- reception of the biometric data,
- association, in a memory of the electronic device, of the biometric data with at least one cryptographic voting datum or a pointer corresponding to a cryptographic voting datum, so that later, during the ballot, the voter can identify themselves biometrically using the electronic device and vote with the cryptographic voting data.
The recording, in the electronic device, of an association between a biometric datum and at least one cryptographic voting datum makes it possible to store the cryptographic datum on an electronic device which can be used later by several voters. Subsequent biometric identification during voting ensures that the correct person will use the correct cryptographic data.
This enrollment method therefore has the advantage of being less expensive than known enrollment techniques, since it is not necessary to provide a large number of devices - for example smart cards - at a rate of one device for each voter to enroll.
The security of storing private keys is also increased since the electronic device is configured to allow the use of cryptographic voting data only on condition that a biometric identification is successful.
An additional advantage is that an authorized voter is not asked to learn or keep a password or username. The identification for taking part in the ballot is of biometric type. This type of identification is quick and practical for the voter.
The enrollment process defined above may include the following characteristics, optional and not limiting, taken alone or in any one of their technically possible combinations:
- several biometric data are received during the reception step and each of the biometric data is associated in the memory with cryptographic data for voting by a single voter;
- the method comprises an additional step of generating the cryptographic data for voting by the electronic device;
- the method comprises receiving the cryptographic voting data;
- the biometric data is associated in the memory with a pointer corresponding to the cryptographic voting data and said cryptographic data is recorded in a remote database;
- the cryptographic voting data include a secret voter key uskid and a public voter key upkid, preferably in the form upkid = g^uskid mod p, with p and g domain parameters;
- the voter is associated in a database with a polling station, the biometric data being transmitted only to an electronic device intended to be in said polling station during the ballot.
The invention further relates to an electronic voting method in a polling station, comprising the following steps implemented by an electronic device during the polling:
- reception of biometric data acquired by a biometric sensor on an individual, said biometric data corresponding to a type of biometric data used for enrollment,
- verification of a correspondence between the biometric data acquired and a biometric data stored in the electronic device,
- if said verification is positive, transmission of a voting result generated using cryptographic voting data.
The voting process can in particular be implemented following an enrollment process as defined above.
The voting process may include the following non-limiting characteristics, taken alone or in any of their technically possible combinations:
- the method comprises additional steps of entering a voting option by the individual and encrypting the voting option using a voting key to obtain an encrypted vote included in the voting result;
- the encryption step further comprises the generation of a proof of validity of the vote using the cryptographic data, preferably using a secret voter key included in the cryptographic data;
- the method comprises an additional step of signature, by the individual, of the encrypted vote using the cryptographic data, preferably using a secret voter key included in the cryptographic data, to obtain a signed vote included in the voting result;
- to generate the voting result, the electronic device transmits to a remote server a pointer corresponding to cryptographic voting data, and receives from said remote server the cryptographic data;
- the cryptographic data is preferably encrypted with an encryption key (e) of the electronic device;
- the verification includes a calculation of a Euclidean or Hamming distance between the acquired biometric data and the stored biometric data;
- the method comprises a verification of correspondence between the biometric data acquired and a plurality of biometric data stored for different authorized voters, preferably by a nearest neighbor search method or "Nearest Neighbor Search";
- the method comprises a subsequent counting step comprising a calculation of a voting result from encrypted votes associated with signed votes having a valid signature;
- in the latter case, the counting includes a calculation of the voting result from the encrypted voting options and using homomorphic properties of the ballot encryption system;
- the method comprises steps of reception of voting results by an administration server and of calculation of a total result comprising a verification of the voting results using a proof of correct counting.
The invention relates in another aspect to an electronic device comprising a secure element for the implementation of a voter enrollment method as defined above and for the implementation of a voting method as defined above, said secure element comprising a memory in which are recorded a plurality of associations between at least one cryptographic voting datum and a biometric datum, said electronic device being configured to verify a correspondence between one of the stored biometric data and an acquired biometric datum of the same type as the recorded biometric data.
The electronic device can also, without limitation, be configured to encrypt a voting option submitted by an individual using a voting key prerecorded in the electronic card and / or to generate a signed vote using the cryptographic voting data.
The electronic device can be, without limitation, a smart card or a USB key or a secure mobile device.
The invention also relates to a voting device intended to be installed in a polling station comprising such a secure element, a biometric sensor and a voting terminal comprising a user interface.
GENERAL PRESENTATION OF THE FIGURES
Other characteristics, objects and advantages of the invention will emerge from the description which follows, which is purely illustrative and not limiting, accompanied by the appended drawings among which:
Figure 1 schematically shows an example of an electronic voting system of the invention;
Figure 2 schematically shows a voting device according to one embodiment, intended for use in a polling station;
Figure 3a illustrates the steps of an enrollment method according to a first embodiment;
Figure 3b illustrates the steps of an enrollment method according to a second embodiment;
FIG. 4 illustrates the steps of an electronic voting method according to a possible embodiment in which the cryptographic voting data comprises, for a previously enrolled voter, a private key and a public key.
DETAILED DESCRIPTION OF EMBODIMENTS
In the following, we describe the use of smart cards to submit an electronic vote during a poll. However, enrollment for voting as well as electronic voting itself could be carried out with an electronic device other than a chip card, as soon as said device comprises a secure element.
By “secure element” is meant a platform with a secure processor configured to perform tamper-proof storage of data using secure keys. The processor is here also configured to perform calculations, in particular comparisons between an acquired biometric datum and a biometric datum stored in memory. Such a secure element is easily auditable by a trusted authority. A SIM card, an eSE card, a micro-SD card are examples of such secure elements.
The Mobile / NFC Security Fundamentals, Smart Card Alliance presentation, available at the following URL:
https://www.securetechalliance.org/resources/webinars/Secure Element s 101 FINAL3 032813.pdf, describes, in particular on pages 6 to 9, examples of secure elements and a possible architecture of an electronic card constituting a secure element.
In addition, the description below concerns a vote in an official polling station in a territory (state or local authority). The invention applies with the same advantages in any other type of ballot, or in a context other than a ballot requiring several individuals to communicate a datum of their choice in an authentifiable manner, for example in the context of a control of knowledge. It is therefore not necessary that the data communicated be encrypted.
In the appended figures and in the description below, similar elements are designated by the same alphanumeric reference.
Electronic voting system
FIG. 1 shows a functional architecture of an electronic voting system according to an example, allowing voters V1, ..., Vi, ..., Vn to participate in a poll. The voting system comprises an enrollment server C and at least one, preferably several, voting devices each comprising a voting terminal S, a biometric sensor CB and a chip card Em.
Preferably, the voting system also includes a voting administration server A as well as a plurality of certification servers SC1, ..., SCj, ..., SCl.
The enrollment server C includes a memory for storing biometric data acquired in a certified manner, or as an alternative, has access to a certified biometric database.
In a possible variant, the server C is configured to generate cryptographic voting data and to transmit said data to a smart card Em. To do this, the server can be provided with a card reading interface.
The server A is connected to the servers SCj and to the voting terminal S by a communication network with a high level of security. Data exchanges between said entities are preferably encrypted.
FIG. 2 illustrates a voting device according to an example, comprising the voting terminal S, the electronic card Em and the biometric sensor CB. In the following, "electronic card" and "smart card" are used interchangeably.
The voting device in Figure 2 is for example made available to authorized voters during a poll, in a voting booth at a polling station. The confidentiality of the vote is guaranteed by the fact that the voting booth can only admit one person at a time.
The sensor CB includes a slot 21 for insertion of the chip card Em. The slot includes an electronic link to allow an exchange of data between the card and the sensor. Preferably, the data thus exchanged is not communicated to the terminal S.
The CB sensor further comprises a biometric acquisition zone 22; in the present example, fingerprints are used as biometrics and area 22 is a finger positioning area. The CB sensor is preferably configured to perform a liveness detection during the acquisition of biometric data, in order to detect possible identity theft during the acquisition.
The chip card Em comprises calculation means configured to implement the enrollment and electronic voting methods described below. The smart card further comprises a memory 23 on which are recorded a plurality of associations between cryptographic data DC of voters and biometric data t acquired in a certified manner, for example in the form of pairs (DC, t). The cryptographic data are for example pairs comprising a private key and a public key. The generation of the public key and the private key does not necessarily involve an authority of a PKI-type infrastructure.
The calculation means and the memory are included in a secure element.
The calculation means are in particular configured to acquire biometric data b from an acquisition interface of the sensor CB and to verify a correspondence between the data b acquired and one of the data t present in the memory 23.
The smart card can also have an encryption key e which allows it to encrypt data exchanged with external entities. It can be symmetric or asymmetric encryption.
The voting terminal S has a user interface comprising a screen, using which a voter can view the proposed voting options and select one or more voting options. The interface can be touch or button.
Preferably, the terminal S is configured to automatically detect a sabotage attempt by an external attacker.
Optionally, the voting device can also be equipped with a printer connected to the terminal S, configured to print a ballot identifier in the form of a character string, a bar code or a QR code. The printed identifier is retrieved by an individual after submission of his ballot.
It will be noted that each voting device preferably contains a single smart card Em to reduce the costs of deploying the voting system. In addition, the memory of each Em card can be emptied and reused after each poll.
Thus, the cost of deploying the voting devices necessary for a poll, organized for example by the State or by local authorities, is greatly reduced compared to known solutions based on the provision of an individual smart card for each authorized voter.
Enrollment of authorized voters
FIG. 3a shows a method of enrolling authorized voters upstream of a ballot, according to a first embodiment. This method is for example implemented by an enrollment server C and an electronic card Em illustrated in FIG. 1.
In an optional step 100, a polling key pk is obtained. In a possible example, the public polling key pk is generated by the administration server A together with the certification servers SCj, each certification server generating part of the polling key and the administration server calculating the public key pk.
In this example, the public polling key pk then corresponds to a plurality of secret polling keys skj, each certification server SCj holding one of said secret keys.
In addition, an encryption T is obtained by the card, preferably a homomorphic encryption making it possible to decrypt the accumulation of votes without having access to each individual vote in decrypted form. If the encryption T is additively homomorphic, it satisfies the following equality for voting options vk:
T(v1 + ... + vn) = T(v1) + ... + T(vn)
Enrollment continues with a step 110 of acquisition, by the enrollment server C, of biometric data in a certified manner. By "certified acquisition" is meant that the acquired data can be reliably associated with the individual (preferably, the individual is asked to provide an official identity document during this acquisition). The biometric data can in particular be a fingerprint and / or an iris image and / or a face image. Alternatively, any biometrics that can be acquired on the fly at the time of voting can be used with sufficient speed and reliability.
As an alternative to step 110, a pre-stored biometric data item t is retrieved from a database by the enrollment server.
The enrollment then comprises a step 120a of generating by the card at least one cryptographic datum DC associated with the voter. Alternatively, step 120a is implemented in parallel with steps 100 and 110 or before steps 100 and 110.
The DC cryptographic data is a datum which makes it possible to carry out a cryptographic operation on a voting datum: encryption, signature, etc. Here, the DC data corresponds in a unique way to the voter.
In the example which follows, the voter cryptographic data DC for a voter, associated with an identifier id corresponding in a unique manner to the voter, is a private key uskid and a public key upkid which make it possible to sign a vote. The keys here satisfy the following equation:
upkid = g^uskid mod p
where p and g are domain parameters. For an example of the form of the domain parameters p and g, we can refer to page 15 of the following document:
https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
Alternatively, any known algorithm for generating signature keys could be used.
The secret key uskid can be obtained by applying a hash function to a password or passphrase.
In the method of Figure 3a, the cryptographic DC voting data is therefore generated inside the card.
The cryptographic data (for example a private key) can be a function of the acquired biometric data t and a master secret, or else a function of a voter identifier and a master secret. One advantage is to ensure that the data generated by several smart cards have the same form.
In a step 130, the server C transmits to the electronic card Em the polling key pk and the biometric data t, preferably in encrypted form.
The enrollment method then comprises a step 140 of storage, in the memory 23 of the card, of the data DC (here the private key and the public key) in association with the biometric data t of the individual, for example under pair form (DC, t).
As a variant, in the memory of the card, in place of the cryptographic data DC, a data pointer Pdc corresponding to the cryptographic data DC is recorded. The pointer is much smaller than the complete DC data. An advantage of this variant is to save storage space on the card. The DC data is then stored in a remote database, preferably encrypted with a card encryption key K.
Advantageously, the DC data (or the associated pointer) is only saved in the smart card or cards which are intended to be in the polling station where the voter is expected, according to information from a remote database. One advantage is to limit the storage resources required on each of the smart cards.
An advantage of storing the cryptographic data DC allowing electronic voting in relation to a biometric data is to secure the access to the cryptographic data.
Another advantage is to be able to store several cryptographic data on a single smart card, while ensuring that each person using the smart card can only access their own cryptographic data.
In the present example, the public key upkid can, advantageously, be published at the end of the enrollment in a list L of public keys accessible on the network.
FIG. 3b shows a method of enrolling authorized voters according to a second alternative embodiment.
In this mode, the cryptographic DC voting data is not generated inside the card Em, but is generated by the enrollment server C in a step 120b.
Steps 100 and 110 are identical to those in Figure 3a.
During step 120b, the server C generates the cryptographic data DC (for example a private key and a public key in accordance with the example described above in relation to FIG. 3a).
During step 130, the server C transmits the biometric data t to the smart card. It also transmits a pointer Pdc corresponding to the cryptographic data DC in a relational database.
Thus, it is not necessary to transmit the cryptographic data DC to the smart card.
Alternatively, the complete DC data is recorded in the memory of the smart card. In this case, the DC data can be forgotten by the enrollment server C, once the enrollment is complete.
In a step 140, an association between the pointer Pdc and the biometric datum t - or, alternatively, an association between the DC datum and the biometric datum t - is recorded in the memory of the smart card Em. At the end of this recording, a public part of the DC data can be published.
An advantage of this second embodiment is that the computing power and the storage space of the smart card Em can be reduced, since it is not necessary to size the card to generate and store complete cryptographic data.
Electronic voting
Figure 4 illustrates an electronic voting method according to one embodiment. This method is for example implemented by the voting device described above in relation to FIG. 2, comprising the sensor CB and the card Em, in relation to the enrollment server C.
During electronic voting, an individual presents himself at the polling station which corresponds to him, the chip card Em having been previously placed in a voting booth at the polling station. The individual first performs a biometric identification using the sensor CB and the Em card. If the identification is successful, he can use the cryptographic DC voting data associated with him to submit a ballot.
In a step 210, the individual performs his identification by presenting on the sensor CB a type of biometric data which corresponds to a biometry used for enrollment, here a fingerprint deposited in the zone 22 of the sensor.
The sensor CB then transmits the biometric data b acquired to the card Em for verification, in a step 220, of a correspondence with one of the biometric data t stored in the card. The verification corresponds to a “Match on Card”. During identification, the individual trying to identify himself is sought from among the N individuals whose biometric data is stored on the card ("1: N Match"). As an alternative, an authentication corresponding to a “1: 1 Match” could be provided: the individual seeking to participate in the ballot then announces an identity, and said identity is sought in the card.
In the present example, fingerprints are used as biometric data stored in the form of 512-bit vectors. We can refer to the following document: MINEX II - An assessment of Match-on-Card technology, available at https://www.nist.gov/itl/iad/image-group/minex-ii-assessment-matchcard-technology
In another example, the biometric data are face images stored as 128-bit vectors in Euclidean space. The document Facenet: A unified embedding for face recognition and clustering, Schroff, Kalenichenko, Philbin, In: IEEE Conference on Computer Vision and Pattern Recognition, CVPR, pp. 815-823 (2015) describes a possible implementation of a biometric identification algorithm for faces.
The biometric identification can include, in particular in the two examples above, a calculation of the distance between the acquired biometric data and a stored biometric data to verify a correspondence between the two said data. The distance used is a Euclidean distance or a Hamming distance.
Advantageously, the correspondence verification includes a search for the nearest neighbor to the acquired biometric datum, or “Nearest Neighbor Search”, the correspondence being verified between the acquired datum and said nearest neighbor.
We use for example a nearest neighbor search method based on Locality Sensitive Hashing, or LSH. The document A fast search algorithm for a large fuzzy database, Hao, Daugman, Zielinski, IEEE Trans. Information Forensics and Security 3 (2), pp. 203-212 (2008) describes an LSH implementation for an identification context using images of individuals' irises, the iris data being vectors of size 256 bits. Such calculations generally require less calculation time and resources in comparison to distance calculations for all the voters registered on the smart card. These calculations can therefore be easily integrated into the smart card.
To increase the security of identification, the acquired data b is only exchanged between the card Em and the sensor CB.
If the individual is not authenticated or identified as an authorized voter, the individual cannot use the voting terminal to submit a valid voting option.
If a verification is on the contrary positive, the card Em or the sensor CB transmits, at a step 230, to the voting terminal an OK command for authorization for the individual to submit a voting option. Figure 4 corresponds to a positive verification.
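As an added example that is not part of the patent, the following Python sketch models the memory 23 and the "Match on Card" of step 220 described above: a 1:N nearest-neighbour lookup under the Hamming distance over 512-bit templates, the 1:1 variant in which the individual announces an identity, and the wipe of the memory between polls. The threshold, the pointer names and the seeded sample templates are constructed for the example.

```python
import random

TEMPLATE_BITS = 512
# Decision threshold, constructed for this example: two captures of the same
# finger are assumed to differ in well under 90 of the 512 bits, while two
# unrelated templates differ in about 256 of them.
HAMMING_THRESHOLD = 90


def hamming(a: int, b: int) -> int:
    """Number of differing bits between two fixed-length binary templates."""
    return bin(a ^ b).count("1")


class SecureElementMemory:
    """Memory 23 of the card: associations (DC or pointer Pdc, template t).
    The templates never leave the card; only the matching result does."""

    def __init__(self):
        self.entries = []

    def enroll(self, dc, t: int) -> None:
        """Step 140: record the association (DC, t) for one enrolled voter."""
        self.entries.append((dc, t))

    def identify(self, b: int):
        """1:N match: nearest neighbour of the acquired datum b under the
        Hamming distance (a full scan here; an LSH index would replace the
        scan), accepted only if it lies within the threshold."""
        if not self.entries:
            return None
        dc, t = min(self.entries, key=lambda entry: hamming(entry[1], b))
        return dc if hamming(t, b) <= HAMMING_THRESHOLD else None

    def authenticate(self, claimed_dc, b: int) -> bool:
        """1:1 match: the individual announces an identity (here the pointer
        under which he was enrolled) and only that template is compared."""
        for dc, t in self.entries:
            if dc == claimed_dc:
                return hamming(t, b) <= HAMMING_THRESHOLD
        return False

    def wipe(self) -> None:
        """Empty the memory so the card can be reused for the next poll."""
        self.entries.clear()


# Constructed sample data: a seeded generator stands in for the certified
# acquisition of step 110 and for the fresh capture of step 210.
def constructed_template(rng: random.Random) -> int:
    return rng.getrandbits(TEMPLATE_BITS)


def noisy_capture(t: int, flipped_bits: int, rng: random.Random) -> int:
    """Simulate a new capture of the same finger: flip a few template bits."""
    for pos in rng.sample(range(TEMPLATE_BITS), flipped_bits):
        t ^= 1 << pos
    return t


def demo():
    """Three enrolled voters; a noisy capture of voter 2 and an unknown finger."""
    rng = random.Random(2018)
    card = SecureElementMemory()
    templates = {f"Pdc-{i}": constructed_template(rng) for i in range(1, 4)}
    for pointer, t in templates.items():
        card.enroll(pointer, t)
    capture = noisy_capture(templates["Pdc-2"], 40, rng)
    stranger = constructed_template(rng)
    return (card.identify(capture),        # "Pdc-2": nearest and within threshold
            card.identify(stranger),       # None: no enrolled template is close
            card.authenticate("Pdc-1", capture))  # False: claimed identity does not match
```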
The voter can then use a digital interface of the voting terminal S to select a voting option v from among several possible options, for example among several candidates.
According to variants, it is possible to select several options during a single vote and / or you can submit a blank vote.
According to another variant, the biometric data necessary for authentication and the selected voting option are submitted to the Em card at the same time. In this case, the voting option is taken into account if the biometric identification in the card is successful.
It may happen that an authorized voter cannot carry out a biometric identification with the biometric characteristic used by the biometric sensor CB, if that characteristic is damaged in this voter. Preferably, the voting device provides for the possibility of using another type of identification, or else of casting a non-electronic vote with a paper ballot.
In this example, electronic voting satisfies the confidentiality and verifiability properties. Here, the voting option selected by the voter is encrypted and the encrypted vote is signed, resulting in a complete and secure ballot B.
Optionally, the DC cryptographic data necessary for encryption and signature is not stored on the card but in a remote database, for example in the enrollment server C. The card Em then communicates to the server C the pointer Pdc associated in the memory of the card with the biometric data which was recognized during the identification. The card then retrieves from the server C the data DC encrypted with the card's encryption key K.
Here, the card retrieves the uskid private key. The upkid key is public.
Then, in a step 240, a voting option v selected by the voter is encrypted using the polling key pk, resulting in an encrypted vote c.
Here, the voting option is also encrypted using homomorphic T encryption.
In this example, the vote encryption is performed using an El Gamal encryption algorithm. A new random integer r is generated during each encryption of a new voting option, preferably by a random generator of the card Em, and the encrypted vote is generated according to the voting option v and the public polling key pk.
For example, the encrypted vote has the form c = (α, β), where β depends on the voting option and the public key pk, and α depends on the integer r.
The number α may have been pre-calculated before encryption, since it does not depend on the voting option selected. This number can be retrieved in step 240 in encrypted form from a database.
Advantageously, the encryption 240 further comprises the generation of proof of vote validity associated with the encrypted vote. This is proof that the voting option and encrypted voting are well formed.
We can refer to section 4.8 of the Belenios specification document: http: //www.belenios.oro/sDecification.Ddf for an example of how to calculate the vote cryDted according to the ballot key and proof of validity of the vote in function a Driven key ("credential").
The voter can only generate proof of the validity of the vote if he obtains cryptographic voting data recorded on the card. This guarantees that the crygtage grove comes from an electronic card, after a successful biometric identification. Glus, this mode of encryption guarantees the confidential nature of the vote guisque the decryption key associated with homomorghe encryption is gas gublique.
In a step 250, the voting method comprises the signature, by the voter, of his encrypted vote c, to obtain a signed vote σ. The signature is derived from the secret voter key uskid as well as from the encrypted vote c.
In the present example, the signature is obtained with a Schnorr digital signature algorithm. The signature then depends on the key uskid, but also on the public key upkid.
Moreover, the signature uses a random number obtained from a random number generator of the card Em for each new signature. The signature may include a number of the form g^w, with w a random integer. This number may have been computed upstream of the signature, since it does not depend on the encrypted vote.
The validity of the signature can subsequently be checked at the voting terminal and/or during the count, using the public voter key upkid, without requiring knowledge of the key uskid.
Such a signature has several advantages. It guarantees that the vote has not been altered after the voter selected the voting option. It also guarantees the identity of the voter and makes it possible to verify that a single vote has been submitted per authorized voter, which prevents ballot stuffing.
Reference may be made to section 4.11 of the Belenios specification document, http://www.belenios.org/specification.pdf, for an algorithm for computing a signature and for subsequently verifying its validity.
The voting option v is transmitted to the card Em at the end of step 230, and the encryption step 240 and the signature step 250 are carried out inside the card Em.
An advantage of carrying out the encryption and the signature of the votes inside the smart card is to increase the security of the voting process against possible external attacks: a smart card is more resistant to tampering than a server connected to the network.
In particular, assuming that the smart card is resistant to external attacks, the voter has no access to the intermediate encryption and signature data of his own vote, notably the random integer r, which would otherwise allow him to demonstrate to a third party how he voted. The voting process thus has the receipt-freeness property.
At the end of step 250, a complete ballot B has been constructed from the voting option submitted by the voter.
In this example, the ballot has the form B = (upkid, c, σ).
The ballot B is collected by the voting terminal S for sending to the administration server A.
Optionally, the voting terminal S verifies the ballot before transmitting it. The voting terminal S checks the validity of the signed vote σ using the public voter key upkid, preferably according to a zero-knowledge proof algorithm.
The terminal S also checks the validity of the encrypted vote c: it verifies, without decrypting, that the encrypted vote corresponds to the encryption of a valid voting option.
If these checks pass, the ballot B is sent to a server for processing.
Counting of votes
The counting of votes can be carried out by the certification servers SCj. Each server holds a secret key skj used to obtain the voting options selected by the participants from the encrypted votes c present in the ballots B considered valid.
The administration server A computes a sum of the encrypted votes. The certification servers SCj each compute a partial decryption of this sum. Finally, server A combines the partial decryptions to obtain the decrypted sum of the encrypted votes.
Full decryption of the voting options chosen by the voters therefore requires the cooperation of all the servers SCj.
The administration server thus generates a total voting result p.tot, for example a distribution of the votes between the various candidates, after optionally checking the decryption proofs generated by the servers SCj.
Since the encryption of the voting options is homomorphic, the servers performing the count obtain the decrypted voting result without ever holding the individual decrypted votes.
Alternatively, the count may be carried out by a single server, for example the administration server A.
Advantageously, when the total voting result is published, a list of hashed ballots is also made public. Each voter keeps the printed identifier obtained from the voting terminal during the ballot. This printed identifier carries a hash uniquely associated with the ballot B, computed when B was generated. The voter can check that this hash appears in the list, to confirm that his vote has been included in the total result.
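The following Python model is an added illustration of the ballot construction (steps 240 and 250), the terminal checks, and the count described above; it is not code from the patent or from the Belenios project. It uses exponential El Gamal (β = g^v · pk^r) so that the sum of votes can be read from the product of the ciphertexts, a Schnorr signature over the ciphertexts with the voter key pair of claim 6 (upkid = g^uskid mod p), a duplicate-key check to reject a second ballot from the same voter, and a joint polling key pk formed as the product of the public keys of three servers SCj, each contributing a partial decryption. Assumptions: a 64-bit safe prime generated at import with generator g = 4 (Belenios uses a 2048-bit group), one ciphertext per candidate encoding 1 for the chosen one and 0 otherwise, a SHA-256 challenge over a repr of the values rather than the Belenios encoding, and the vote-validity proof of section 4.8 and the decryption proofs omitted.

```python
# Added toy model of steps 240/250 and the count above (not the patent's or Belenios' code).
import hashlib
import math
import secrets

def _is_prime(n, rounds=20):
    """Miller-Rabin for odd n > 3; sufficient for generating toy parameters."""
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def _safe_prime(bits):
    """Return (p, q) with p = 2q + 1 both prime, so that g = 4 has prime order q."""
    while True:
        q = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if _is_prime(q) and _is_prime(2 * q + 1):
            return 2 * q + 1, q

P, Q = _safe_prime(64)   # constructed toy domain parameters (Belenios uses 2048-bit p)
G = 4

def keygen():
    """Key pair (secret, public) with public = g^secret mod p, as in claim 6."""
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def encrypt(pk, v):
    """Exponential El Gamal: c = (alpha, beta), alpha = g^r, beta = g^v * pk^r."""
    r = secrets.randbelow(Q - 1) + 1      # fresh r per encryption, from the card's RNG
    alpha = pow(G, r, P)                  # independent of v, so it may be precomputed
    beta = pow(G, v, P) * pow(pk, r, P) % P
    return alpha, beta

def _challenge(upk, commitment, cts):
    digest = hashlib.sha256(repr((upk, commitment, cts)).encode()).digest()
    return int.from_bytes(digest, "big") % Q

def sign(usk, upk, cts):
    """Schnorr signature of the encrypted votes with the secret voter key uskid."""
    w = secrets.randbelow(Q - 1) + 1      # fresh nonce; g^w may also be precomputed
    commitment = pow(G, w, P)
    e = _challenge(upk, commitment, cts)
    return e, (w - usk * e) % Q

def verify(upk, cts, sig):
    """Signature check using only the public voter key upkid."""
    e, s = sig
    commitment = pow(G, s, P) * pow(upk, e, P) % P   # recovers g^w iff sig is valid
    return _challenge(upk, commitment, cts) == e

def make_ballot(usk, upk, pk, choice, n_candidates):
    """Ballot B = (upkid, c, sigma) with one ciphertext per candidate (1 for the choice)."""
    cts = tuple(encrypt(pk, int(i == choice)) for i in range(n_candidates))
    return upk, cts, sign(usk, upk, cts)

def accept_ballots(ballots):
    """Terminal S / server A: drop bad signatures and any second ballot per voter key."""
    seen, valid = set(), []
    for upk, cts, sig in ballots:
        if upk in seen or not verify(upk, cts, sig):
            continue
        seen.add(upk)
        valid.append(cts)
    return valid

def tally(valid_cts, trustee_sks, n_candidates, max_votes):
    """Homomorphic sum per candidate; each SC_j returns alpha_tot^sk_j, A combines them."""
    totals = []
    for i in range(n_candidates):
        a_tot = math.prod(c[i][0] for c in valid_cts) % P
        b_tot = math.prod(c[i][1] for c in valid_cts) % P
        partials = [pow(a_tot, sk, P) for sk in trustee_sks]
        g_sum = b_tot * pow(math.prod(partials) % P, -1, P) % P   # = g^(sum of votes)
        totals.append(next(k for k in range(max_votes + 1) if pow(G, k, P) == g_sum))
    return totals

def run_election(choices, n_candidates, n_trustees=3):
    """Constructed election; returns per-candidate totals, dropping a replayed ballot."""
    trustees = [keygen() for _ in range(n_trustees)]
    pk = math.prod(pkj for _, pkj in trustees) % P     # joint polling key pk
    voters = [keygen() for _ in choices]
    ballots = [make_ballot(usk, upk, pk, ch, n_candidates)
               for (usk, upk), ch in zip(voters, choices)]
    ballots.append(ballots[0])                         # replay attempt by the same voter
    return tally(accept_ballots(ballots), [sk for sk, _ in trustees], n_candidates, len(choices))

if __name__ == "__main__":
    print(run_election([0, 1, 1, 2, 1], 3))   # [1, 3, 1]
```

The count never decrypts an individual ciphertext: only the products of the α and β components are handed to the servers, and the result is the exponent of g recovered by exhaustive search, which is practical because it is bounded by the number of valid ballots. Without the omitted validity proof a voter could encrypt a value other than 0 or 1 and skew the total, which is exactly what the proof of section 4.8 prevents.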
Claims (16)
1. Method for enrolling at least one voter for a ballot, the method being implemented by an electronic device (Em) from at least one biometric datum (t) acquired on the at least one voter, the method comprising steps of:
reception (130) of the biometric datum (t),
association (140), in a memory of the electronic device, of the biometric datum (t) with at least one cryptographic voting data item (DC) or with a pointer corresponding to a cryptographic voting data item, so that later, during the ballot, the voter can identify himself biometrically using the electronic device and vote with the cryptographic voting data (DC).
2. Enrollment method according to claim 1, in which several biometric data are received during the reception step and each of the biometric data is associated, in the memory, with the cryptographic voting data of a single voter.
3. Enrollment method according to claim 1 or 2, comprising an additional step of generation (120a) of the cryptographic voting data (DC) by the electronic device.
4. Enrollment method according to claim 1 or 2, comprising reception of the cryptographic voting data (DC).
5. Enrollment method according to one of claims 1 to 4, in which the biometric datum (t) is associated in the memory with a pointer (Pdc) corresponding to the cryptographic voting data item, and said cryptographic data item (DC) is stored in a remote database.
6. Enrollment method according to one of claims 1 to 5, in which the cryptographic voting data comprises a secret voter key uskid and a public voter key upkid, preferably of the form upkid = g^uskid mod p, with p and g domain parameters.
7. Enrollment method according to one of claims 1 to 6, in which the voter is associated in a database with a polling station, the biometric datum (t) being transmitted only to an electronic device intended to be present in said polling station during the ballot.
8. Electronic voting method comprising the implementation of an enrollment method according to one of claims 1 to 7, the voting method further comprising the following steps implemented by the electronic device (Em) during the ballot:
reception (210) of a biometric datum (b) acquired by a biometric sensor (CB) on an individual, said biometric datum (b) being of a type of biometric data used for enrollment,
verification (220) of a correspondence between the acquired biometric datum and a biometric datum (t) stored in the electronic device,
if said verification is positive, transmission of a voting result generated using the cryptographic voting data (DC).
9. Voting method according to claim 8, in which, to generate the voting result, the electronic device transmits to a remote server a pointer (Pdc) corresponding to a cryptographic voting data item, and receives from said remote server the cryptographic voting data item (DC), the cryptographic data preferably being encrypted with an encryption key (K) of the electronic device.
10. Voting method according to claim 8 or 9, comprising additional steps of entry (230) of a voting option (v) by the individual and of encryption (240) of the voting option using a polling key (pk), to obtain an encrypted vote (c) included in the voting result.
11. Voting method according to claim 10, in which the encryption step (240) further comprises the generation of a proof of vote validity using the cryptographic data (DC), preferably using a secret voter key (uskid) included in the cryptographic data.
12. Voting method according to one of claims 8 to 11, comprising an additional step of signature (250), by the individual, of the encrypted vote (c) using the cryptographic data (DC), preferably using a secret voter key (uskid) included in the cryptographic data, to obtain a signed vote (σ) included in the voting result.
13. Electronic device (Em) comprising a secure element for implementing a voter enrollment method according to one of claims 1 to 7 and a voting method according to one of claims 8 to 12, said secure element comprising a memory in which a plurality of associations between at least one cryptographic voting data item (DC) and a biometric datum (t) are recorded, said electronic device being configured to verify a correspondence between one of the recorded biometric data (t) and an acquired biometric datum of the same type as the recorded biometric data (t).
14. Electronic device according to claim 13, further configured to encrypt a voting option (v) submitted by an individual using a polling key (pk) prerecorded in the electronic device and/or to generate a signed vote (σ) using the cryptographic voting data (DC).
15. Electronic device according to claim 13 or 14, the electronic device being a smart card, a USB key or a secure mobile device.
16. Voting device intended to be installed in a polling station and comprising:
- an electronic device (Em) according to one of claims 13 to 15,
- a biometric sensor (CB),
- a voting terminal (S) comprising a user interface.
Patent family:
Publication number | Publication date
US20200084039A1|2020-03-12|
FR3085777B1|2020-10-09|
EP3623975A1|2020-03-18|
Cited and citing documents:
Publication number | Filing date | Publication date | Applicant | Title
US7729991B2|2001-03-20|2010-06-01|Booz-Allen & Hamilton Inc.|Method and system for electronic voter registration and electronic voting over a network|
WO2016114841A1|2014-10-31|2016-07-21|Vasco Data Security, Inc.|A multi-user strong authentication token|
US10979225B1|2018-11-15|2021-04-13|Amazon Technologies, Inc.|Secure and anonymous electronic polling|
US11161626B2|2020-02-25|2021-11-02|The Government of the United States of America, as represented by the Secretary of Homeland Security|Electronic baggage locks|
US11206544B2|2020-04-13|2021-12-21|Apple Inc.|Checkpoint identity verification on validation using mobile identification credential|
Legal status:
2019-08-20| PLFP| Fee payment|Year of fee payment: 2 |
2020-03-13| PLSC| Search report ready|Effective date: 20200313 |
2020-08-19| PLFP| Fee payment|Year of fee payment: 3 |
2021-08-19| PLFP| Fee payment|Year of fee payment: 4 |
Priority:
Application number | Publication number | Priority date | Filing date | Title
FR1858179A|FR3085777B1|2018-09-12|2018-09-12|ELECTRONIC VOTING METHOD AND SYSTEM WITH BIOMETRIC IDENTIFICATION|
EP19197106.8A|EP3623975A1|2018-09-12|2019-09-12|Method and system for electronic voting by biometric identification|
US16/568,832|US20200084039A1|2018-09-12|2019-09-12|Method and system for electronic voting with biometric identification|