CosmoVoting
Akash Kumar
IIT Bombay
Smit Rajput
IIIT Vadodara
Tezan Sahu
IIT Bombay
Elections in India
Facts and Figures, Lok Sabha Elections 2014
Population eligible to vote 900 million
Intra-India migrant population which didn’t vote: 281 million
Approx. 30%
Long time in
Queues
Lengthy Voting
+ Counting Process
Large population�is migrant
Problems
Why not a solution until now?
anonymity
Transparency
Security
Voting
Blockchain
Decentralized Voting System
Solution
Processes
Registration
Voting
Counting
Entities Involved
Voter
Political Parties
Constituencies
ECI
Registration
The voter uploads
Information on
Online portal
Verification done by
ECI
Voter UUID hash Created
a mapping of hash to kycDone made true on blockchain
Voting
Registered Voters
Logins with OTP & UUID
Voting
Registered Voters
Logins with OTP & UUID
UUID_hash is checked
from the registration done
on the blockchain
Voting
Registered Voters
Logins with OTP & UUID
Selects the party
for the vote
UUID_hash is checked
from the registration done
on the blockchain
Voting
Registered Voters
Logins with OTP & UUID
Selects the party
for the vote
UUID_hash is checked
from the registration done
on the blockchain
party_hash is created
combining party_id with
a random_number
Voting
Registered Voters
Logins with OTP & UUID
Selects the party
for the vote
Contract is
Updated with the vote
UUID_hash is checked
from the registration done
on the blockchain
party_hash is created
combining party_id with
a random_number
Voting
Registered Voters
Logins with OTP & UUID
Selects the party
for the vote
Contract is
Updated with the vote
UUID_hash is checked
from the registration done
on the blockchain
party_hash is created
combining party_id with
a random_number
Transaction is completed
on blockchain
Counting
Chief Election Officer
concludes the voting
3 way authentication
+ decryption
Run the vote_count
function
Vote count declared
Elections complete
Benefits
Faster Elections
More voters vote as it can
be done from anywhere
Anonymity for Voter
Trust
The Way Forward
Replace the postal voting system
Will result in increasing awareness among citizens, increasing voter turn out
Can be conducted in parallel with the normal elections. Schools’ computer labs can be utilised as polling booths
Future Prospects
MnC elections
Co-operative societies’ elections
Integration with services like civic and decentralized oracles
City wide elections
Using Sovrin network for decentralized identity
How do we ensure the anonymity and secrecy of vote on a public blockchain?
Diving deep into Cryptography
Voting
5 parameters generated on client side :
Constituency
Constituency the person belongs to
uuid hash
voter’s adhaar number
Hash function
uuid hash
voter’s adhaar number
Hash function
UUID Hash
Vote hash
voter’s adhaar number
Vote hash
voter’s adhaar number
Salt added by user. This is to be remembered to verify vote
Vote hash
voter’s adhaar number
Hash function
Salt added by user. This is to be remembered to verify vote
Vote hash
voter’s adhaar number
Hash function
Vote hash.
Salt added by user. This is to be remembered to verify vote
party data hash
voter’s chosen Party
party data hash
voter’s chosen Party
Salt added by a random generator. This need not be remembered
party data hash
voter’s chosen Party
Hash function
Salt added by a random generator. This need not be remembered
party data hash
voter’s chosen Party
Hash function
Party data hash.
Salt added by a random generator. This need not be remembered
Public-Private Key Pair
Publlic Key
Private Key
This needs to be kept safe till the end of election
party data encrypted
voter’s chosen Party
same Salt which was used to generate party data hash
party data encrypted
voter’s chosen Party
Encryption Algorithm
Salt added by a random generator. This need not be remembered
party data encrypted
voter’s chosen Party
Encryption Algorithm
Salt added by a random generator. This need not be remembered
Publlic Key
party data encrypted
voter’s chosen Party
Encryption Algorithm
Party data encrypted.
Salt added by a random generator. This need not be remembered
Publlic Key
Registering Vote
Transaction data
Constituency
Registering Vote
UUID Hash
Transaction data
Constituency
Registering Vote
Vote hash.
UUID Hash
Transaction data
Constituency
Registering Vote
Party data hash.
Vote hash.
UUID Hash
Transaction data
Constituency
Registering Vote
Party data encrypted.
Party data hash.
Vote hash.
UUID Hash
Transaction data
Constituency
Registering Vote
Smart contract on the blockchain
Party data encrypted.
Party data hash.
Vote hash.
UUID Hash
Transaction data
Constituency
In smart Contract
UUID Hash
Check if the person have voted before or not
in smart contract
A mapping of constituency to array of vote data is generated
Constituency
vote data
in smart contract
A mapping of constituency to array of vote data is generated
Constituency
vote data
in smart contract
A mapping of constituency to array of vote data is generated
Constituency
vote data
Decryption
Party data encrypted is sent
Smart Contract
Oracle
Decryption
Party data encrypted is sent
Smart Contract
Oracle
Oracle decrypts the data using private key
Decryption
Party data encrypted is sent
Smart Contract
Oracle
Oracle decrypts the data using private key
Party Data
Private key
Decryption
Party data encrypted is sent
Smart Contract
Oracle
Party Data
Party Data is signed by the oracle and sent back
Signed Party Data
Private key
Oracle decrypts the data using private key
Verification
Decrypted Party Data
Hash function
Verification
New Party data hash.
Decrypted Party Data
Hash function
Verification
New Party data hash.
This check makes sure there is no data manipulation by the oracle
Decrypted Party Data
Hash function
Party data hash.
chosen party extraction
Decrypted Party data
Salt previously added by a random generator. Not needed
chosen party extraction
voter’s chosen Party
Decrypted Party data
Salt previously added by a random generator. Not needed
in smart contract
A mapping of constituency to party to array of vote hashes is generated
Constituency
vote hash
Party A
Party B
in smart contract
A mapping of constituency to party to array of vote hashes is generated
Constituency
vote hash
Party A
Party B
in smart contract
A mapping of constituency to party to array of vote hashes is generated
Constituency
vote hash
Party A
Party B
in smart contract
A mapping of constituency to party to array of vote hashes is generated
Constituency
vote hash
Party A
Party B
in smart contract
A mapping of constituency to party to array of vote hashes is generated
Constituency
vote hash
Party A
Party B
in smart contract
A mapping of constituency to party to array of vote hashes is generated
Constituency
vote hash
Party A
Party B
Counting
Chief Election Officer
concludes the voting
Run the vote_count
function
Calculate length of arrays to decide the winner
Verification of vote
voter’s adhaar number
Hash function
Vote hash.
Salt added by user initially
Verification of vote
Vote Hashes are made public at the end of election
Constituency
Party A
Party B
Matched
CosmoVoting
Thank You
Akash Kumar
IIT Bombay
Smit Rajput
IIIT Vadodara
Tezan Sahu
IIT Bombay
Pseudo Code
Voting process :
�On the client side :
Parameters generated:
Pseudo Code
In smart contract:
Check if:
�Once checking is done, store the data in the following manner:
�Contract :
Vote_data[Constituency][{votedata1},{votedata2},{votedata3}..]
vote data = {
Vote_hash
Party_data_hash
party_data_encrypted
}
� �
Pseudo Code
Decryption process :
The decryption oracle loops through the voting data, decrypts the data
and sends back the plain text.
�Decrypter <== Contract
(constituency, index)
�Decrypter ==> Contract
(constituency, index, plaintext(partyID||random_no))
��In the Contract:
Check if:
Hash(plaintext) == Party_data_hash (Hash(partyID||random_no))
Pseudo Code
The last step makes sure there is no manipulation of vote data by the decryption oracle.
�Now, use the party ID, to generate vote hash arrays :
we have the following data:� constituency
party ID
vote hash
�Contract :
Vote_hashes [Constituency][partyID][votehash1, votehash2,...]
��
Pseudo Code
Vote Calculation process :
�EC Head ==> Contract: calculateVotes ()
calculateVotes() :
Loop across constituencies :
Loop across party ids :
Number of votes = the array length of vote hashes
Check which party have highest votes�Store the winner as winner[constituency] = partyID with max votes
//done
�Here no entity can manipulate the calculation of votes.
�Later election commission can make public the array of
vote hashes corresponding to every party in every constituency.
��
Pseudo Code
After Election :
�Voter :
�Uuid + security token (chosen at the time of voting) ==> vote hash
�Go to publicly available list of vote hashes => check vote
hash belong to the array of the party he voted for
�