Add credentials (client-side)
Backported from Helios-C branch. * The Schnorr signature scheme is used for signing ballots. * The private key is derived from a (relatively) short password (advertised as "token" to the voter) that includes a checksum that is supposed to be sent to the voter. We estimate that a 15-letter password gives 82 bits of entropy, and this implementation rejects shorter ones. * We use the public credential as identity in NIZK proofs.