Distributed, end-to-end verifiable, and privacy-preserving internet voting systems

We present the D-DEMOS suite of distributed, privacy-preserving, and end-to-end verifiable e-voting systems; one completely asynchronous and one with minimal timing assumptions but better performance. Their distributed voting operation is human verifiable; a voter can vote over the web, using an unsafe web client stack, without sacrificing her privacy, and get recorded-as-cast assurance. Additionally, a voter can outsource election auditing to third parties, still without sacrificing privacy. We provide a model and security analysis of the systems, implement prototypes of the complete systems, measure their performance experimentally, demonstrate their ability to handle large-scale elections, and demonstrate the performance trade-offs between the two versions

D-DEMOS: A Distributed, End-to-End Verifiable, Internet Voting System

E-voting systems have emerged as a powerful technology for improving democracy by reducing election cost, increasing voter participation, and even allowing voters to directly verify the entire election procedure. Prior internet voting systems have single points of failure, which may result in the compromise of availability, voter secrecy, or integrity of the election results. In this paper, we present the design, implementation, security analysis, and evaluation of D-DEMOS, a complete e-voting system that is distributed, privacy-preserving and end-to-end verifiable. Our system includes a fully asynchronous vote collection subsystem that provides immediate assurance to the voter her vote was recorded as cast, without requiring cryptographic operations on behalf of the voter. We also include a distributed, replicated and fault-tolerant Bulletin Board component, that stores all necessary election-related information, and allows any party to read and verify the complete election process. Finally, we also incorporate trustees, i.e., individuals who control election result production while guaranteeing privacy and end-to-end-verifiability as long as their strong majority is honest. Our system is the first e-voting system whose voting operation is human verifiable, i.e., a voter can vote over the web, even when her web client stack is potentially unsafe, without sacrificing her privacy, and still be assured her vote was recorded as cast. Additionally, a voter can outsource election auditing to third parties, still without sacrificing privacy. Finally, as the number of auditors increases, the probability of election fraud going undetected is diminished exponentially. We provide a model and security analysis of the system. We implement a prototype of the complete system, we measure its performance experimentally, and we demonstrate its ability to handle large-scale elections.Comment: 17 pages, 5 figure

Implementing a Smart Contract PKI

Public key infrastructures (PKIs) provide the foundations for securing Internet communications. Currently, PKIs are operated by centralized authorities, which have been involved in numerous security incidents. Blockchain or smart contract PKIs employ their distributed, fault-tolerant log of transactions to store either all identity records, or, constant-sized data to verify identity records stored off-chain. However, as most of these systems have never been implemented, there is little information regarding their practical implications. In this article, we implement, evaluate, and provide a complete security proof for the smart contract-based PKI of (Patsonakis et al.) on Ethereum. This construction incurs constant-sized storage at the expense of computational complexity. To explore this tradeoff, we propose and implement a second construction which, eliminates the need for trusted setup, preserves its security properties and show that it is the only version with constant-sized state that can be deployed on Ethereum's live chain. We compare these constructions with the simple approach of storing all identity records on the smart contract's state, to illustrate several shortcomings of Ethereum and its cost model. We propose several modifications for fine tuning the model, which should be considered for any smart contract platform like Ethereum so that it may support arbitrary distributed applications. © 1988-2012 IEEE

On achieving interactive consistency in real-world distributed systems

Interactive consistency is the problem in which n distinct nodes, each having its own private value, where up to t may be Byzantine, run an algorithm that allows all non-faulty nodes to infer the values of each other node. This problem is relevant to critical applications that rely on the combination of the opinions of multiple peers to provide a service. Examples include monitoring a content source to prevent equivocation or to track variability in the content provided, and resolving divergent state amongst the nodes of a distributed system. Previous works assume a fully synchronous system, where one can make strong assumptions such as negligible message delivery delays and/or detection of absent messages. However, practical, real-world systems are mostly asynchronous, i.e., they exhibit only some periods of synchrony during which message delivery is timely, thus requiring a different approach. In this paper, we present a thorough study of practical interactive consistency. We leverage the vast prior work on broadcast and Byzantine consensus algorithms to design, implement and evaluate a set of randomized algorithms, with only a single synchronization barrier and varying message complexities, that can be used to achieve interactive consistency in real-world distributed systems. We present formal proofs of correctness and message complexity of our proposed algorithms. We provide a complete, open-source implementation of each proposed interactive consistency algorithm by building a multi-layered software stack of algorithms that includes several broadcast algorithms, as well as a binary and a multi-valued consensus algorithm. Most of these algorithms have never been implemented and evaluated in a real system before. Finally, we analyze the performance of our suite of algorithms experimentally by testing both single instance and multiple parallel instances of each alternative and present a case study of achieving interactive consistency in a real-world distributed e-voting system. © 2020 Elsevier Inc

Distributed, end-to-end verifiable, and privacy-preserving internet voting systems

We present the D-DEMOS suite of distributed, privacy-preserving, and end-to-end verifiable e-voting systems; one completely asynchronous and one with minimal timing assumptions but better performance. Their distributed voting operation is human verifiable; a voter can vote over the web, using an unsafe web client stack, without sacrificing her privacy, and get recorded-as-cast assurance. Additionally, a voter can outsource election auditing to third parties, still without sacrificing privacy. We provide a model and security analysis of the systems, implement prototypes of the complete systems, measure their performance experimentally, demonstrate their ability to handle large-scale elections, and demonstrate the performance trade-offs between the two versions. © 201