An important component of an internet voting system is the underlying cryptographic secure voting protocol. A voting protocol is defined as a set of sub-protocols that allow a set of voters to cast their votes securely and with privacy, while enabling a set of talliers to compute and communicate the final tally that is verified by a set of observers. These sets need not be disjoint sets. These fundamental requirements of privacy and integrity must be addressed by the protocol.
- Mixing protocols: Mixing protocols are based on voters mixing each other's votes so that no one can associate a vote with a voter. There are no separate talliers or observers. These protocols are impractical for elections with more than a handful of voters.
- Blind signatures: These protocols use an anonymous channel to cast ballots preventing association of votes and voters. Authentication is preserved through the use of blind signatures. Blind signatures allow a document to be signed without revealing its contents and were originally used for untraceable digital cash. These protocols are very flexible and even allow write-in options.
- Protocols based on homomorphism: There are also protocols where individual votes are split up among different tallying authorities so that no single one of them can compromise the privacy of an individual voter. These protocols are based on homomorphic encryption and homomorphic secret sharing and allow for universal verifiability.
The protocol used by OpenVote
OpenVote uses a protocol based on homomorphism which introduces publicly verifiable secret sharing that makes it more robust and convenient than earlier protocols. The protocol used assumes the availability of a so-called bulletin board in which each entity can post a message exclusively to its own section, but cannot erase or overwrite previously posted messages.