How to Store some Secrets

This paper introduces a special type of symmetric cryptosystem called multi-encryption scheme. It allows users to encrypt multiple plaintexts into a single ciphertext. Each plaintext is protected with its own secret key, meaning that they can be decrypted individually by applying the decryption function with the corresponding key to the ciphertext. Compared to encrypting the ciphertexts one-by-one using a standard symmetric cryptosystem, the main advantage of using a multi-encryption scheme is the no-search property, which guarantees that knowing the key is sufficient for decrypting a single plaintext. We show how to construct a multi-encryption scheme based on polynomials over finite fields. A possible application area is coercion-resistant electronic voting. To ensure a strong form of privacy, voters are equipped with multiple fake credentials, which are indistinguishable from the proper one. While theoretically sound, this requires a voter to perfectly recall multiple lengthy random numbers, and to know which of them is the proper one. To ensure 100\% recall, users need to manage these numbers and keep them secret. A multi-encryption scheme is an elegant solution for this problem

CHVote Protocol Specification

This document provides a self-contained, comprehensive, and fully-detailed specification of a new cryptographic voting protocol designed for political elections in Switzerland. The document describes every relevant aspect and every necessary technical detail of the computations and communications performed by the participants during the protocol execution. To support the general understanding of the cryptographic protocol, the document accommodates the necessary mathematical and cryptographic background information. By providing this information to the maximal possible extent, it serves as an ultimate companion document for the developers in charge of implementing this system. It may also serve as a manual for developers trying to implement an independent election verification software. The decision of making this document public even enables implementations by third parties, for example by students trying to develop a clone of the system for scientific evaluations or to implement protocol extensions to achieve additional security properties. In any case, the target audience of this document are system designers, software developers, and cryptographic experts

Voting over the Internet on an Insecure Platform

Voters using their insecure personal devices for casting votes cause a critical but still largely unsolved problem in Internet voting. This chapter addresses this problem by introducing a trusted voting device, which can be used in combination with various cryptographic voting protocols. It's an answer to one of the main assumptions, on which these protocols are based, namely that voters can reliably perform various cryptographic computations. We suggest that all critical cryptographic computations are performed on the voting device, but we restrict its user interface to the simple task of allowing voters to confirm their votes before casting the ballot. The ballots themselves are prepared beforehand on the voter's insecure platform using its rich user interface. To provide privacy even in the presence of strong malware, the voting device receives its information from the voter's insecure platform in form of matrix barcodes. The unidirectionality of such an optical communication channel disallows the insecure platform to learn the voter's actual choice. To verify the correct functioning of the voting device, it can be challenged with test ballots that are indistinguishable from real ones.</jats:p

Why public registration boards are required in E-voting systems based on threshold blind signature protocols

In this paper, we demonstrate that e-voting protocols based on threshold blind signatures from multiple authorities allow a coalition of eligible voters to cast more than votes. This property presents a serious violation of the principles of democracy in the voting process. We analyze the applicability of this violation and provide a generic solution using a public registration board and modified threshold signature schemes

Verifizierbare Internet-Wahlen an Schweizer Hochschulen mit UniVote

Dieser Bericht dokumentiert den erstmaligen Einsatz des Internet-Wahlsystems UniVote anlässlich der Wahl des Studierendenrats an drei Schweizer Hochschulen im Frühling 2013. Mittels kryptographischer Methoden garantiert UniVote eine anonyme und geheime Stimmabgabe und ermöglicht gleichzeitig die Verifizierung des Wahlresultats durch Dritte mittels unabhängiger Software. Dazu werden sämtliche Wahldaten veröffentlicht