Practical End-to-End Verifiable Voting via Split-Value Representations and Randomized Partial Checking

We describe how to use Rabin's "split-value" representations, originally developed for use in secure auctions, to efficiently implement end-to-end verifiable voting. We propose a simple and very elegant combination of split-value representations with "randomized partial checking" (due to Jakobsson et al. [16])

The subgraph homeomorphism problem

AbstractWe investigate the problem of finding a homeomorphic image of a “pattern” graph H in a larger input graph G. We view this problem as finding specified sets of edge disjoint or node disjoint paths in G. Our main result is a linear time algorithm to determine if there exists a simple cycle containing three given nodes in G (here H is a triangle). No polynomial time algorithm for this problem was previously known. We also discuss a variety of reductions between related versions of this problem and a number of open problems

Practical Provably Correct Voter Privacy Protecting End-to-End Voting Employing Multiparty Computations and Split Value Representations of Votes

Continuing the work of Rabin and Rivest we present another simple and fast method for conducting end to end voting and allowing public verification of correctness of the announced vote tallying results. This method was referred to in as the SV/VCP method. In the present note voter privacy protection is achieved by use of a simple form of Multi Party Computations (MPC). At the end of vote tallying process, random permutations of the cast votes are publicly posted in the clear, without identification of voters or ballot ids. Thus vote counting and assurance of correct form of cast votes are directly available. Also, a proof of the claim that the revealed votes are a permutation of the concealed cast votes is publicly posted and verifiable by any interested party. Advantages of this method are: Easy understandability by non-­‐cryptographers, implementers and ease of use by voters and election officials. Direct handling of complicated ballot forms. Independence from any specialized primitives. Speed of vote-­‐tallying and correctness proving: elections involving a million voters can be tallied and proof of correctness of results posted within a few minutes

A Modular Voting Architecture ("Frogs")

We present a “modular voting architecture” in which “vote generation” is performed separately from “vote casting.

BlindSignedID: Mitigating Denial-of-Service Attacks on Digital Contact Tracing

Due to the recent outbreak of COVID-19, many governments suspended outdoor activities and imposed social distancing policies to prevent the transmission of SARS-CoV-2. These measures have had severe impact on the economy and peoples' daily lives. An alternative to widespread lockdowns is effective contact tracing during an outbreak's early stage. However, mathematical models suggest that epidemic control for SARS-CoV-2 transmission with manual contact tracing is implausible. To reduce the effort of contact tracing, many digital contact tracing projects (e.g., PEPP-PT, DP-3T, TCN, BlueTrace, Google/Apple Exposure Notification, and East/West Coast PACT) are being developed to supplement manual contact tracing. However, digital contact tracing has drawn scrutiny from privacy advocates, since governments or other parties may attempt to use contact tracing protocols for mass surveillance. As a result, many digital contact tracing projects build privacy-preserving mechanisms to limit the amount of privacy-sensitive information leaked by the protocol. In this paper, we examine how these architectures resist certain classes of attacks, specifically DoS attacks, and present BlindSignedIDs, a privacy-preserving digital contact tracing mechanism, which are verifiable ephemeral identifiers to limit the effectiveness of MAC-compliant DoS attacks. In our evaluations, we showed BlindSignedID can effectively deny bogus EphIDs, mitigating DoS attacks on the local storage beyond 90% of stored EphIDs. Our example DoS attacks showed that using 4 attackers can cause the gigabyte level DoS attacks within normal working hours and days.Comment: 10 pages, 6 figure

On Estimating the Size and Confidence of a Statistical Audit

We consider the problem of statistical sampling for auditing elections, and we develop a remarkably simple and easily-calculated upper bound for the sample size necessary for determining with probability at least c whether a given set of n objects contains b or more “bad” objects. While the size of the optimal sample drawn without replacement can be determined with a computer program, our goal is to derive a highly accurate and simple formula that can be used by election officials equipped with only a simple calculator