A blind signature is a cryptographic technique that allows a signer to produce a valid digital signature on a document without ever seeing its contents. Evoting uses blind signatures to solve a fundamental tension in anonymous voting: the administrator must confirm that a voter is eligible, but must not learn who that voter chose to vote for.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/Crypto-Project-ENSTA/front-end/llms.txt
Use this file to discover all available pages before exploring further.
Why blind signatures are necessary
The administrator’s role is to verify voter eligibility. It receives a voter’s N1 authentication token, checks with the commissioner that the N1 is valid, and then signs the ballot to authorize it for submission. Without blind signatures, this process would require the administrator to read the ballot — which would immediately reveal the vote choice. Blind signatures break this link: the administrator can authenticate the voter and sign the ballot in a single step, without the ballot content ever being visible to it.The blind signature flow
Ballot creation
The voter selects a candidate and enters their N2 verification code in the browser. These two pieces of information together form the ballot message: a
(vote choice, N2) pair that will eventually be published for public verification.Blinding
Before the ballot is sent anywhere, the voter’s client applies a blinding factor — a random number used to mathematically obscure the ballot. The result is a “blind ballot” that contains no readable information about the original vote choice. The blinding factor is kept secret on the voter’s device and is never transmitted.
Eligibility verification and signing
The voter submits their N1 token and the blind ballot to the administrator. The administrator checks the N1 against the commissioner’s list of valid tokens. If the N1 is present, the administrator signs the blind ballot using its private key and returns the blind signature. At no point does the administrator see the unblinded ballot content.
Unblinding
The voter’s client takes the blind signature returned by the administrator and removes the blinding factor using the inverse of the operation applied in step 2. The result is a valid administrator signature on the original, unblinded ballot. This signature is mathematically indistinguishable from one produced by directly signing the original ballot — it will pass standard signature verification.
Encryption and anonymous submission
The unblinded, signed ballot is encrypted with the counter’s public key. The encrypted ballot — along with the administrator’s signature — is then submitted through the anonymizer, which decouples the voter’s IP address and session identity from the ballot before it reaches the counter’s storage.
Security guarantee
After unblinding, the signed ballot carries a cryptographically valid administrator signature. During counting, the counter verifies this signature using the administrator’s public key. The signature is valid precisely because the mathematical relationship between the blinding, signing, and unblinding operations guarantees it — not because the administrator ever saw the original content.This property is sometimes called “signer blindness”: the administrator can prove it signed a ballot in the election, but it cannot determine which candidate that ballot was for, nor can it link the signature back to the voter who submitted it.