10 research outputs found

    Blockchain, consensus, and cryptography in electronic voting

    Motivated by the recent trends to conduct electronic elections using blockchain technologies, we review the vast literature on cryptographic voting and assess the status of the field. We analyze the security requirements for voting systems and describe the major ideas behind the most influential cryptographic protocols for electronic voting. We focus on the great importance of consensus in the elimination of trusted third parties. Finally, we examine whether recent blockchain innovations can satisfy the strict requirements set for the security of electronic voting

    Distributed and Constrained $\mathcal{H}_2$ Control Design via System Level Synthesis and Dual Consensus ADMM

    Design of optimal distributed linear feedback controllers to achieve a desired aggregate behavior, while simultaneously satisfying state and input constraints, is a challenging but important problem in many applications, including future power systems with weather-dependent renewable generation. System level synthesis is a recent technique which has been used to reparametrize the optimal control problem as a convex program. However, prior work is restricted to a centralized control design, which lacks robustness to communication failures and disturbances, has high computational cost and does not preserve data privacy of local controllers. The main contribution of this work is to develop a distributed solution to the previous optimal control problem, while incorporating agent-specific and globally coupled constraints in a non-conservative manner. To achieve this, it is first shown that the dual of this problem is a distributed consensus problem. Then, an algorithm is developed based on the alternating direction method of multipliers to solve the dual while recovering a primal solution, and a convergence certificate is provided. Finally, the method's performance is demonstrated on a test case of control design for distributed energy resources that collectively provide stability services to the power grid

    Conditional Blind Signatures

    We propose a novel cryptographic primitive called conditional blind signatures. Our primitive allows a user to request blind signatures on messages of her choice. The signer has a secret Boolean input which determines if the supplied signature is valid or not. The user should not be able to distinguish between valid and invalid signatures. A designated verifier, however, can tell which signatures verify correctly, and is in fact the only entity who can learn the secret input associated with the (unblinded) signed message. We instantiate our primitive as an extension of the Okamoto-Schnorr blind signature scheme and provide variations to fit different usage scenarios. Finally, we analyze and prove the security properties of the new scheme and explore potential application

    Security models for everlasting privacy

    We propose security models for everlasting privacy, a property that protects the content of the votes cast in electronic elections against future and powerful adversaries. Initially everlasting privacy was treated synonymously with information theoretic privacy and did not take advantage of the information available to the adversary and his behavior during or after the election. More recent works provided variations of the concept, limiting the view of the future adversary to publicly available data. We consider an adversary that potentially has insider access to private election data as well. We formally express our adversarial model in game-based definitions built on top of a generic voting scheme. This allows us to define a stronger version of everlasting privacy and contrast the two main proposals to achieve it, namely perfectly hiding commitment schemes and anonymous channels

    Designated-Verifier Linkable Ring Signatures

    We introduce Designated-Verifier Linkable Ring Signatures (DVLRS), a novel cryptographic primitive which combines designated-verifier and linkable ring signatures. Our goal is to guarantee signer ambiguity and provide the capability to the designated verifier to add ‘noise’ using simulated signatures that are publicly verifiable. This increases the privacy of the participants, as it does not allow an adversary to bypass the anonymity provided by ring signatures by using the content of a message to identify the signer. We model unforgeability, anonymity, linkability and non-transferability for DVLRS and provide a secure construction in the Random Oracle model. Finally, we explore some first applications for our primitive, which revolve around the use case of an anonymous assessment system that also protects the subject of the evaluation, even if the private key is compromised

    Designated-Verifier Linkable Ring Signatures with unconditional anonymity

    We propose Designated-Verifier Linkable Ring Signatures with unconditional anonymity, a cryptographic primitive that protects the privacy of signers in two ways: Firstly, it allows them to hide inside a ring (i.e. an anonymity set) they can create by collecting a set of public keys all of which must be used for verification. Secondly, it allows a designated entity to simulate signatures thus making it difficult for an adversary to deduce their identity from the content of the exchanged messages. Our scheme differs from similar proposals since the anonymity guarantees are unconditional

    A Distributed Hypergradient Algorithm for Intervention in Games

    Hierarchical optimization problems, such as bilevel programs and Stackelberg games, are attracting increasing interest in both engineering and machine learning communities. Yet, existing solution methods lack either convergence guarantees or computational efficiency, due to the absence of smoothness and convexity in bilevel problems. We address this gap in the literature by designing a double-loop first-order method for single-leader multi-follower bilevel games and mathematically establishing its convergence using novel tools from nonsmooth analysis. To obtain the hypergradient, i.e., the gradient of the upper-level objective, we develop a scheme that simultaneously computes the lower-level solution and its Jacobian, i.e., the sensitivity. Crucially, our scheme is amenable to a distributed implementation that renders it scalable and privacy-preserving. We numerically verify the computational efficiency of our algorithm on a large-scale Stackelberg-based demand response model, and show that it significantly outperforms a popular solution approach in the literature

    Privacy-oriented cryptographic schemes and protocols for electronic voting

    We propose a new cryptographic primitive, Publicly Auditable Conditional Blind Signatures (PACBS), which connects the verification of a digital signature to publicly available data. During signing, a predicate on these data is embedded into the signature, so that the latter is valid if and only if the former is true. Verification is performed by a designated verifier, in a strong manner, with the use of a private verification key. The privacy of the user requesting the signature is protected information-theoretically, because the message to be signed is blinded. Additionally, to avoid attacks from a malicious signer or verifier that disregards the predicate, all their operations are accompanied with evidence in the form of non-interactive zero-knowledge proofs of knowledge that force them to follow the protocol. We define a security model to capture the guarantees of our primitive and provide an instantiation. We utilize PACBS in a remote electronic voting protocol. The conditional nature of PACBS enables us to build credentials that allow our protocol to provide coercion resistance in the re-voting with anonymous credentials paradigm of Juels, Catalano and Jakobsson. When coerced, a voter uses a fake credential to accompany the vote, while when the coercer is not watching, she can cast her real vote which is accompanied by the valid credential. Only the latter will be counted. All interactions are indistinguishable to the coercer, who cannot tell if his attack succeeded. The evidence generated by PACBS accompanied with standard evidence used in e-voting schemes allows each voter to individually verify that their votes were correctly cast and tallied. Vote counting is also universally verifiable by any interested party. Our overall architecture also provides strong privacy guarantees, since, contrary to the conventional e-voting paradigm, we do not assume that the talliers are trusted for privacy. This allows us to extend our reasoning about privacy against a computationally unbounded attacker. We generalize our findings to express security models for everlasting privacy that also consider the data available to the adversary.

    Privacy-Oriented Cryptographic Schemes and Protocols for Electronic Voting

    We propose a new cryptographic primitive, Publicly Auditable Conditional Blind Signatures (PACBS), which connects the verification of a digital signature to publicly available data. During signing, a predicate on these data is embedded into the signature, so that the latter is valid if and only if the former is true. Verification is performed by a designated verifier, in a strong manner, with the use of a private verification key. The privacy of the user requesting the signature is protected information-theoretically, because the message to be signed is blinded. Additionally, to avoid attacks from a malicious signer or verifier that disregards the predicate, all their operations are accompanied with evidence in the form of non-interactive zero-knowledge proofs of knowledge that force them to follow the protocol. We define a security model to capture the guarantees of our primitive and provide an instantiation. We utilize PACBS in a remote electronic voting protocol. The conditional nature of PACBS enables us to build credentials that allow our protocol to provide coercion resistance in the re-voting with anonymous credentials paradigm of Juels, Catalano and Jakobsson. When coerced, a voter uses a fake credential to accompany the vote, while when the coercer is not watching, she can cast her real vote which is accompanied by the valid credential. Only the latter will be counted. All interactions are indistinguishable to the coercer, who cannot tell if his attack succeeded. The evidence generated by PACBS accompanied with standard evidence used in e-voting schemes allows each voter to individually verify that their votes were correctly cast and tallied. Vote counting is also universally verifiable by any interested party. Our overall architecture also provides strong privacy guarantees, since, contrary to the conventional e-voting paradigm, we do not assume that the talliers are trusted for privacy. 
This allows us to extend our reasoning about privacy against a computationally unbounded attacker. We generalize our findings to express security models for everlasting privacy that also consider the data available to the adversary