The ShofarVote™ voting service is designed to be easy for the voter to use, while being as informative as desired. The anonymity of the voter is kept in high regard, while each vote is recorded and digitally signed to allow for validation of the vote by anyone. Rather than keeping the voting data secret, we make everything public, except the voter’s identity. Well established digital signature technology is used to allow challenges by individual voters, and interested parties, to the credibility of the data with hard evidence. The same technology is used to rule out bogus attempts at challenging the results.

The technology is real and we are seeking to have a complete demonstration running in September showing how this would work for elections for government offices, corporations, and organizations. The software will be available as freeware, or as a hosted service. Please consider a donation to bring this project to reality.

This is a quick overview of the voting process. A more complete graphical presentation is in development.

A voter must first register their intent to participate in an election. This may be simple or elaborate depending on the needs of the election. This can be done online, in person, or via mail.

The voter will receive a file that contains unique keys and digital signatures that will be used in voting. This file can delivered over the web for an online registration, or delivered on a low-end USB drive that will be taken to the polling place for the offline voter.

Additional layers of authentication can be employed, such as mailing a random password to a physical address to ensure the person exists, or taking a photo of the in-person registrant to use in identification at the polling place.

The voting authority’s computer, such as the board of elections, would have the list of voters, and which ballots each voter is voting on.

An online voter would connect to the voting authority’s computer and authenticate themselves. An offline voter would do a similar task at the polling place, including providing the USB drive with their identification file.

The voting authority’s computer would redirect the voter to a voting computer. The voting computer keeps no logs and only knows id numbers, and does not have any identifying information about the voter.

The voter would make their selections during this session with the voting computer. Once the vote is to be finalized, the voting computer would digitally sign each vote using keys from the voter’s identification file, the voting authority’s computer, and any additional monitoring computers. The signed vote would be added to the voter’s file, including new random keys. The vote would also be delivered to the voting authority, with different keys, and to monitoring computers, again with different keys.

When the session is complete, the voting computer erases the voting session.

When the election time is concluded, the voting authority’s computer would tally and digitally sign the result file. Additional signatures from the monitoring computers would be added. The results file would be delivered to all online voters, via email or other means. By delivering to all, there is no stigma applied to those who want to review the vote.

A voter can then examine the vote file and find their unique vote, as they are the only ones with the final id used. The voter can validate the digital signature of their vote, any particular vote, or the entire file.

A discrepancy in the voter’s vote can be challenged when the signatures don’t match. The voter is the only one who can produce the valid signature. However, bogus changes by the voter would be invalid when they cannot produce the signatures produced by the voting authority’s computer, or monitoring computers.