Secure multi party computations for electronic voting

Στην παρούσα εργασία, μελετούμε το πρόβλημα της ηλεκτρονικής ψηφοφορίας. Θεωρούμε ότι είναι έκφανση μιας γενικής διαδικασίας αποφάσεων που μπορεί να υλοποιηθεί μέσω υπολογισμών πολλαπλών οντοτήτων, οι οποίοι πρέπει να ικανοποιούν πολλές και αντικρουόμενες απαιτήσεις ασφαλείας. Έτσι μελετούμε σχετικές προσεγγίσεις οι οποίες βασιζονται σε κρυπτογραφικές τεχνικές, όπως τα ομομορφικά κρυπτοσυστήματα, τα δίκτυα μίξης και οι τυφλές υπογραφές. Αναλύουμε πώς προσφέρουν ακεραιότητα και ιδιωτικότητα (μυστικότητα) στην διαδικασία και την σχέση τους με την αποδοτικότητα. Εξετάζουμε τα είδη λειτουργιών κοινωνικής επιλογής που μπορούν να υποστηρίξουν και παρέχουμε δύο υλοποιήσεις. Επιπλέον ασχολούμαστε με την αντιμετώπιση ισχυρότερων αντιπάλων μη παρέχοντας αποδείξεις ψήφου ή προσφέροντας δυνατότητες αντίστασης στον εξαναγκασμό. Με βάση την τελευταία έννοια προτείνουμε μια τροποποίηση σε ένα ευρέως χρησιμοποιούμενο πρωτόκολλο. Τέλος μελετούμε δύο γνωστές υλοποιήσεις συστημάτων ηλεκτρονικής ψηφοφοριας το Helios και το Pret a Voter .In this thesis, we study the problem of electronic voting as a general decision making process that can be implemented using multi party computations, fulfilling strict and often conflicting security requirements. To this end, we review relevant cryptographic techniques and their combinations to form voting protocols. More specifically, we analyze schemes based on homomorphic cryptosystems, mixnets with proofs of shuffles and blind signatures. We analyze how they achieve integrity and privacy in the voting process, while keeping efficiency. We examine the types of social choice functions that can be supported by each protocol. We provide two proof of concept implementations. Moreover, we review ways to thwart stronger adversaries by adding receipt freeness and coercion resistance to voting systems. We build on the latter concept to propose a modification to a well known protocol. Finally, we study two actual e-Voting implementations namely Helios and Pret a Voter

Platform-independent Secure Blockchain-Based Voting System

Cryptographic techniques are employed to ensure the security of voting systems in order to increase its wide adoption. However, in such electronic voting systems, the public bulletin board that is hosted by the third party for publishing and auditing the voting results should be trusted by all participants. Recently a number of blockchain-based solutions have been proposed to address this issue. However, these systems are impractical to use due to the limitations on the voter and candidate numbers supported, and their security framework, which highly depends on the underlying blockchain protocol and suffers from potential attacks (e.g., force-abstention attacks). To deal with two aforementioned issues, we propose a practical platform-independent secure and verifiable voting system that can be deployed on any blockchain that supports an execution of a smart contract. Verifiability is inherently provided by the underlying blockchain platform, whereas cryptographic techniques like Paillier encryption, proof-of-knowledge, and linkable ring signature are employed to provide a framework for system security and user-privacy that are independent from the security and privacy features of the blockchain platform. We analyse the correctness and coercion-resistance of our proposed voting system. We employ Hyperledger Fabric to deploy our voting system and analyse the performance of our deployed scheme numerically

Democracy Enhancing Technologies: Toward deployable and incoercible E2E elections

End-to-end verifiable election systems (E2E systems) provide a provably correct tally while maintaining the secrecy of each voter's ballot, even if the voter is complicit in demonstrating how they voted. Providing voter incoercibility is one of the main challenges of designing E2E systems, particularly in the case of internet voting. A second challenge is building deployable, human-voteable E2E systems that conform to election laws and conventions. This dissertation examines deployability, coercion-resistance, and their intersection in election systems. In the course of this study, we introduce three new election systems, (Scantegrity, Eperio, and Selections), report on two real-world elections using E2E systems (Punchscan and Scantegrity), and study incoercibility issues in one deployed system (Punchscan). In addition, we propose and study new practical primitives for random beacons, secret printing, and panic passwords. These are tools that can be used in an election to, respectively, generate publicly verifiable random numbers, distribute the printing of secrets between non-colluding printers, and to covertly signal duress during authentication. While developed to solve specific problems in deployable and incoercible E2E systems, these techniques may be of independent interest

From Information Theory Puzzles in Deletion Channels to Deniability in Quantum Cryptography

Research questions, originally rooted in quantum key exchange (QKE), have branched off into independent lines of inquiry ranging from information theory to fundamental physics. In a similar vein, the first part of this thesis is dedicated to information theory problems in deletion channels that arose in the context of QKE. From the output produced by a memoryless deletion channel with a uniformly random input of known length n, one obtains a posterior distribution on the channel input. The difference between the Shannon entropy of this distribution and that of the uniform prior measures the amount of information about the channel input which is conveyed by the output of length m. We first conjecture on the basis of experimental data that the entropy of the posterior is minimized by the constant strings 000..., 111... and maximized by the alternating strings 0101..., 1010.... Among other things, we derive analytic expressions for minimal entropy and propose alternative approaches for tackling the entropy extremization problem. We address a series of closely related combinatorial problems involving binary (sub/super)-sequences and prove the original minimal entropy conjecture for the special cases of single and double deletions using clustering techniques and a run-length encoding of strings. The entropy analysis culminates in a fundamental characterization of the extremal entropic cases in terms of the distribution of embeddings. We confirm the minimization conjecture in the asymptotic limit using results from hidden word statistics by showing how the analytic-combinatorial methods of Flajolet, Szpankowski and Vallée, relying on generating functions, can be applied to resolve the case of fixed output length and n → ∞. In the second part, we revisit the notion of deniability in QKE, a topic that remains largely unexplored. In a work by Donald Beaver it is argued that QKE protocols are not necessarily deniable due to an eavesdropping attack that limits key equivocation. We provide more insight into the nature of this attack and discuss how it extends to other prepare-and-measure QKE schemes such as QKE obtained from uncloneable encryption. We adopt the framework for quantum authenticated key exchange developed by Mosca et al. and extend it to introduce the notion of coercer-deniable QKE, formalized in terms of the indistinguishability of real and fake coercer views. We also elaborate on the differences between our model and the standard simulation-based definition of deniable key exchange in the classical setting. We establish a connection between the concept of covert communication and deniability by applying results from a work by Arrazola and Scarani on obtaining covert quantum communication and covert QKE to propose a simple construction for coercer-deniable QKE. We prove the deniability of this scheme via a reduction to the security of covert QKE. We relate deniability to fundamental concepts in quantum information theory and suggest a generic approach based on entanglement distillation for achieving information-theoretic deniability, followed by an analysis of other closely related results such as the relation between the impossibility of unconditionally secure quantum bit commitment and deniability. Finally, we present an efficient coercion-resistant and quantum-secure voting scheme, based on fully homomorphic encryption (FHE) and recent advances in various FHE primitives such as hashing, zero-knowledge proofs of correct decryption, verifiable shuffles and threshold FHE

Analysis, Improvement, and Simplification of Prêt à Voter with Paillier Encryption.

In this paper, we analyse information leakage in Ryan’s Prˆet `a Voter with Paillier encryption scheme (PAVPaillier). Our analysis shows that although PAV-Paillier seems to achieve a high level of voter privacy at first glance, it might still leak voter’s choice information in some circumstances. Some threats are trivial and have appeared in the literature, but others are more complicated because colluding adversaries may apply combined attacks. Several strategies have been suggested to mitigate these threats, but we have not resolved all the threats. We leave those unsolved threats as open questions. In order to describe our analysis in a logical manner, we will introduce an information leakage model to aid our analysis. We suggest that this model can be applied to analyse information leakage in other complex mixnet based e-voting schemes as well. Furthermore, we introduce a simplification of PAVPaillier. In our proposal, without degrading security properties such as voter privacy, verifiability and reliability, we no longer need to apply the homomorphic property to absorb the voter’s choice index into the onion, thus we step back to employ the ElGamal encryption. This results in a simpler and more straightforward threshold cryptosystem. Some other attractive properties of our proposal scheme are: unlike traditional Prˆet `a Voter schemes, the candidate list in our scheme can be in alphabetical order. Our scheme not only handles approval elections, but also it handles ranked elections (e.g. Single Transferable Voting). Furthermore, our scheme mitigates the randomisation attack

Analysis, Improvement, and Simplification of Prêt à Voter with Paillier Encryption.

In this paper, we analyse information leakage in Ryan’s Prˆet `a Voter with Paillier encryption scheme (PAVPaillier). Our analysis shows that although PAV-Paillier seems to achieve a high level of voter privacy at first glance, it might still leak voter’s choice information in some circumstances. Some threats are trivial and have appeared in the literature, but others are more complicated because colluding adversaries may apply combined attacks. Several strategies have been suggested to mitigate these threats, but we have not resolved all the threats. We leave those unsolved threats as open questions. In order to describe our analysis in a logical manner, we will introduce an information leakage model to aid our analysis. We suggest that this model can be applied to analyse information leakage in other complex mixnet based e-voting schemes as well. Furthermore, we introduce a simplification of PAVPaillier. In our proposal, without degrading security properties such as voter privacy, verifiability and reliability, we no longer need to apply the homomorphic property to absorb the voter’s choice index into the onion, thus we step back to employ the ElGamal encryption. This results in a simpler and more straightforward threshold cryptosystem. Some other attractive properties of our proposal scheme are: unlike traditional Prˆet `a Voter schemes, the candidate list in our scheme can be in alphabetical order. Our scheme not only handles approval elections, but also it handles ranked elections (e.g. Single Transferable Voting). Furthermore, our scheme mitigates the randomisation attack