Voting with untrusted servers: A new architecture

As far as I know this is the only proposed design for a anonymous, verifiable voting system in which the server is untrusted.


  1. There is a public list of voters who are real and eligible to vote.
  2. The voter’s computers are secure

A basic outline

Voters connect to the server establishing a secure connection. The server places voters into groups of 30 or so. The server then shares the IP addresses of all the group members with each other. The voters then disconnect with the server and vote on their local machines. Each user must enter an passphrase(footnote 4) that will correspond to their vote. Their votes along with passphrases are then encrypted using the servers public key. These encrypted  vote+passphrase packets are sent from each member of the group to every other member of the group.  Packets are also randomly forwarded between members so that no group member can know from whom the packet is coming.

At the end of a given time interval(20 mins) all the group members have 30 encrypted votes on their machine. Each voter then sends all 30 votes, the groupID and the 30 passphrases back to the server. The server then decrypts the packets, verifies that the votes coming from each of the group members are not contradictory and then publicly publishes the decrypted votes, the members of each group and the pass phases(see footnote 2)

Voters can then verify that their vote was counted by going to the public vote list, finding their group and checking that they are listed as a member of the group, and that their pass phrase corresponds to their vote. If their pass phrase does not correspond to their vote they can force the whole group to be broken up and re-vote.(footnote 1)

Anyone in the world can access the public lists of voters, and votes at anytime during the voting process.


Possible areas of attack:

  • If all of voters of a given group minus 1 collude the anonymity of the trustworthy voter is lost.
  • A virus on the voters computer can compromise the voters anonymity
  • Physical coercion can force the voter to vote a certain way. The voter can always recall the vote at a later point.
  • An untrustworthy server can falsify groups. Sending untrustworthy IPs to each of the group members and compromise anonymity. This can be solved by publishing the IPs along with the group. Voters record the IPs of their group members and can check that they are the same as the ones published.


  1. This is a big problem with this design. It allows voters to disrupt the voting process.  If a voter does this more than twice then the system can revoke their ability to vote for this election online and require them to go to a polling station.  Other options include tracking culprits and flagging them.
  2. A passphrase is just a string like “doggy”


Introduction to neural network articles

Neural Networks are a vast and broad subject.  The intent of these articles is to shed light on just a small part of the subject.  Namely on SANNA.

SANNA is a neural network architecture that I (as well as a few others) are developing.  The goal of the SANNA project is to build a neural network as powerful as the human brain. Although our goal is not very practical right now, we believe that through critical thinking and experiment we can slowly approach it.

The SANNA project is interested in studying the mechanics of the human brain only as a means to developing a functional ANN.  Reverse engineering the worlds most powerful neural network seems to be the best approach to developing an artificial one.  We have no interest in modelling the details of the brains, instead we are interested in the theory behind the details.

The articles that are to continue are written for the lay programmer. They are simplified in order to convey theory without bogging the reader down with the algorithmic details. If you are interested in the details feel free to contact me.



Trie categorization as an effective neural network architecture

Why do we tend to obsessiveness categorize things? Every sensory item, every abstract idea, everything  fits into one or more categories. Try it yourself, try to think of something that does not fit into a category. You cant!

I propose that a category trie is the fundamental data structure of the brain for both conscious and subconscious memories. These memories include everything from personalities(big memory) to senones(the building blocks of phonemes- small memories).

In computer science a trie is an extremely efficient data structure for storing and accessing data.  When the trie is brought from the a RAM/CPU architecture to a neural architecture magic happens. All of a sudden the trie is no longer just storage structure but a highly adaptable, fast, efficient, highly parallel processing machine!

To demonstrate lets use speech recognition as an example of the effectiveness of trie categorization.  Note that speech recognition is a particularly easy example, but the argument holds true for any type of  object recognition (visual, oral, etc)  as well as for decision making(to be explained in future posts).

We know the human ears works. It is therefore it is a good reference point for this discussion.  Sound comes to the brain through the ears where the spiral ganlion perform the equivalent of a Fourier Transform on the incoming sound waves. The brains auditory cortex thus receives electrical signals as a function of frequency.

When the brain recognizes a sound, it is essentially taking a combination of pitch, volume, and timing and turning it into an image/word in the consciousness. For example if we take a bird’s tweet and shift it from 1khz  to 100hz it would be totally unrecognizable. Or if we took the same tweet and extended the silent parts to be 40 seconds pauses it would also be unrecognizable. From this we see the importance of both temporal and frequency information.

So how does this all relate to neurons? 

The beauty of neurons is there sensitivity to temporal information. A neuron will only fire if it receives a given stimulation within a given time period. If the time period is too long or the stimulation too weak then the neuron does not fire. The implications of this are that neurons are built to process temporal sequential information.

Back to our speech recognition example. The sound goes through the Fourier Transform is translated to electrical activity then hits the root level of the trie. The roots of the trie corresponding to the incoming frequencies then fire exciting the second level of the network.  Each level of the network acts as a filter, categorizing the data from the above level and sending it on.

Look at the trie diagram above. For simplicity lets pretend that instead of representing frequencies the roots of the trie represented letters. As the letter “i” comes in from the ears, the “i” neuron fires exciting the “in” neuron. The “in” neuron however will not fire until it has received a signal from both the “i” neuron and then the “n” neuron.  If another “n” comes in from the ears then that will be sent to “in” and “inn” will fire.

But what if “in” fires and then another “n” comes from the ears? Now we have fired “in” and “inn” and created quite a mess! This is where the inhibitory neurons come to save the day. But before we go there notice the incredible thing that is happening.

The neurons that store data on how phonemes sound are the same neurons that process the data for the incoming sounds. In a neural network the storage sorts!