6,721 research outputs found
Implementing broadcast channels with memory for electronic voting systems
To provide universal verifiability, cryptographic voting protocols often require a broadcast channel to spread the election data to the public. The basic requirements on such a broadcast channel are similar for most protocols, for example that the channel maintains a memory of all broadcast messages and that nothing can be deleted from the channel’s memory. In this paper, we provide a formal definition for such broadcast channels with memory and describe their properties. We also analyze the significance of a broadcast channel with memory in cryptographic voting protocols and propose that such a channel is provided in form of a service that we call bulletin board. Based on this service, we analyze some real-world problems that cryptographic voting protocols might have and provide possible solutions. For this we define a generic interface for the main board functionalities, which offers a flexible way of extending the basic properties of a bulletin board to comply with all sorts of additional requirements
Blockchain, consensus, and cryptography in electronic voting
Motivated by the recent trends to conduct electronic elections using blockchain technologies, we review the vast literature on cryptographic voting and assess the status of the field. We analyze the security requirements for voting systems and describe the major ideas behind the most influential cryptographic protocols for electronic voting. We focus on the great importance of consensus in the elimination of trusted third parties. Finally, we examine whether recent blockchain innovations can satisfy the strict requirements set for the security of electronic voting
Internet Voting Protocols: An Analysis of the Cryptographic Operations per Phase
Internet voting is a good option for Colombia thanks to the expansion of mobile technology throughout the country and the interest of the government to implement the e-voting. For this reason, we study the e-voting protocols to establish if any of them is suitable for Colombian elections. However some of them imply a great number of cryptographic operations and therefore a great computational cost for the devices, which sometimes exceed their capacity. In this paper, we determine the number of cryptographic operations per phase of four e-voting protocols: one based on blind signatures (Li, Hwang and Lai protocol), one based on mix nets (Meng protocol), one based on homomorphic encryption (EVIV protocol) and one used in real electoral processes (I-Voting for Estonian Elections). Then, we analyze the changes in the number of operations when the number of voters, number of votes, number of authorities and number of candidates increase for small, medium and large elections. Finally, we establish the protocol that imply a less number of cryptographic operations and is suitable for big electoral processes, such as congress elections in Colombia
Automated Cryptographic Analysis of the Pedersen Commitment Scheme
Aiming for strong security assurance, recently there has been an increasing
interest in formal verification of cryptographic constructions. This paper
presents a mechanised formal verification of the popular Pedersen commitment
protocol, proving its security properties of correctness, perfect hiding, and
computational binding. To formally verify the protocol, we extended the theory
of EasyCrypt, a framework which allows for reasoning in the computational
model, to support the discrete logarithm and an abstraction of commitment
protocols. Commitments are building blocks of many cryptographic constructions,
for example, verifiable secret sharing, zero-knowledge proofs, and e-voting.
Our work paves the way for the verification of those more complex
constructions.Comment: 12 pages, conference MMM-ACNS 201
Proving Coercion-Resistance of Scantegrity II
By now, many voting protocols have been proposed that, among others, are designed to achieve coercion-resistance, i.e., resistance to vote buying and voter coercion. Scantegrity II is among the most prominent and successful such protocols in that it has been used in several elections. However, almost none of the modern voting protocols used in practice, including Scantegrity II, has undergone a rigorous cryptographic analysis.
In this paper, we prove that Scantegrity II enjoys an optimal level of coercion-resistance, i.e., the same level of coercion-resistance as an ideal voting protocol (which merely reveals the outcome of the election), except for so-called forced abstention attacks. This result is obtained under the (necessary) assumption that the workstation used in the protocol is honest.
Our analysis is based on a rigorous cryptographic definition of coercion-resistance we recently proposed. We argue that this definition is in fact the only existing cryptographic definition of coercion-resistance suitable for analyzing Scantegrity II. Our case study should encourage and facilitate rigorous cryptographic analysis of coercion-resistance also for other voting protocols used in practice
Verifying privacy by little interaction and no process equivalence
While machine-assisted verification of classical security goals such as confidentiality and authentication is
well-established, it is less mature for recent ones. Electronic voting protocols claim properties such as voter
privacy. The most common modelling involves indistinguishability, and is specified via trace equivalence in cryptographic extensions of process calculi. However, it has shown restrictions. We describe a novel model, based on unlinkability between two pieces of information. Specifying it as an extension to the Inductive Method allows us to establish voter privacy without the need for approximation or session bounding. The two
models and their latest specifications are contrasted
Return Codes from Lattice Assumptions
We present an approach for creating return codes for latticebased
electronic voting. For a voting system with four control components
and two rounds of communication our scheme results in a total
of 2.3MB of communication per voter, taking less than 1 s of computation.
Together with the shuffle and the decryption protocols by Aranha et
al. [1,2], the return codes presented can be used to build a post-quantum
secure cryptographic voting scheme
Public Evidence from Secret Ballots
Elections seem simple---aren't they just counting? But they have a unique,
challenging combination of security and privacy requirements. The stakes are
high; the context is adversarial; the electorate needs to be convinced that the
results are correct; and the secrecy of the ballot must be ensured. And they
have practical constraints: time is of the essence, and voting systems need to
be affordable and maintainable, and usable by voters, election officials, and
pollworkers. It is thus not surprising that voting is a rich research area
spanning theory, applied cryptography, practical systems analysis, usable
security, and statistics. Election integrity involves two key concepts:
convincing evidence that outcomes are correct and privacy, which amounts to
convincing assurance that there is no evidence about how any given person
voted. These are obviously in tension. We examine how current systems walk this
tightrope.Comment: To appear in E-Vote-Id '1
- …