There are three parties in our e-voting scheme:
There are three phases in our scheme:
In order for a voter to correct his/her miscounted vote without revealing his/her ballot, this phase should be separated to two sub-phases: in the first sub-phase, the voters send to the tallier their encrypted ballots (encrypted by symmetrical key) attached by the signatures signed with their voting keys. The tallier verifies the authenticity of the encrypted ballots with the tallying keys published at the end of tallying key submission phase, then publishes all the encrypted ballots and signatures for the voters to check whether their encrypted ballots have been counted. If someone finds his or her ballot has not been counted into the tabulation (miscounted), he or she can report the miscounting by supplying his or her encrypted ballot and signature. So the miscounting can be corrected. If there is no miscounted ballot reported, the procedure goes on the second sub-phase, voters send the tallier the keys, which were used to encrypt their ballots in the first sub-phrase, as well as the signatures on it signed with their voting keys. The tallier decrypts the encrypted ballots and publishes ballots, keys used for encryption of the ballots and the signatures signed both on encrypted ballots and encrypting keys. (Please refer to 3.3, voting and tallying protocol for detail). With the published data, the result of the election can be verified universally.