User:Taeshadow/Page for drafts/GNU.FREE

GNU.FREE is a free voting system that was officially part of the GNU project. It is not, however, based on any voting-oriented cryptographic primitives.

The author of GNU.FREE has publicly discontinued his work on the project, due to disillusionment with the concept of secure Internet voting.

Overview of protocol
In GNU.FREE there are two servers, the electoral roll server (ERServer), and the regional server (RTServer). All communications are encrypted using Blowfish encryption with a key exchanged by RSA encryption. The voter submits authen- tication information to the ERServer, who validates it. The voter then fills out a ballot, and sends a key along with a timestamp to the RTServer. The RT- Server then stores this, and challenges the voter for the timestamp again. If the voter provides the valid timestamp, then the key is decrypted and sent to the ERServer. The ERServer records that the voter has submitted a key and cannot vote again. The RTServer then decrypts the vote, stores it, and deletes the key. The fault in this scheme is that malicious servers can record which user voted for which candidate as the votes are submitted.