ABSTRACT
We propose a new voting scheme, BeleniosRF, that offers both receipt-freeness and end-to-end verifiability. It is receipt-free in a strong sense, meaning that even dishonest voters cannot prove how they voted. We provide a game-based definition of receipt-freeness for voting protocols with non-interactive ballot casting, which we name strong receipt-freeness (sRF). To our knowledge, sRF is the first game-based definition of receipt-freeness in the literature, and it has the merit of being particularly concise and simple. Built upon the Helios protocol, BeleniosRF inherits its simplicity and does not require any anti-coercion strategy from the voters. We implement BeleniosRF and show its feasibility on a number of platforms, including desktop computers and smartphones.
- International Association for Cryptologic Research, elections. Page at http://www.iacr.org/elections/.Google Scholar
- BeleniosRF --Voting Client Core. https://gist.github.com/pyrros/4fddd7d49ae7c9c935f5d6a9a27d14c3, 2016.Google Scholar
- B. Adida. Helios: Web-based Open-Audit Voting. In USENIX 2008, 2008. http://heliosvoting.org. Google ScholarDigital Library
- B. Adida, O. de Marneffe, O. Pereira, and J.-J. Quisquater. Electing a university president using open-audit voting: Analysis of real-world use of Helios. In EVT/WOTE 2009, 2009. Google ScholarDigital Library
- J. P. Allepuz and S. G. Castelló. Internet voting system with cast as intended verification. In VoteID 2011. Springer, 2011. Google ScholarDigital Library
- M. Bellare, A. Boldyreva, and S. Micali. Public-key encryption in a multi-user setting: Security proofs and improvements. In EUROCRYPT 2000. Springer, 2000. Google ScholarDigital Library
- J. Benaloh. Ballot casting assurance via voter-initiated poll station auditing. In EVT/WOTE 2007, 2007. Google ScholarDigital Library
- J. C. Benaloh and D. Tuinstra. Receipt-free secret-ballot elections (extended abstract). In ACM STOC 94. ACM Press, 1994. Google ScholarDigital Library
- D. Bernhard, V. Cortier, D. Galindo, O. Pereira, and B. Warinschi. A comprehensive analysis of game-based ballot privacy definitions. In IEEE Security and Privacy 2015. IEEE Computer Society, 2015. Google ScholarDigital Library
- J.-L. Beuchat, J. E. González-Díaz, S. Mitsunari, E. Okamoto, F. Rodríguez-Henríquez, and T. Teruya. High-speed software implementation of the optimal ate pairing over barreto--naehrig curves. In Pairing-Based Cryptography 2010. Springer, 2010. Google ScholarDigital Library
- O. Blazy, G. Fuchsbauer, M. Izabachene, A. Jambert, H. Sibert, and D. Vergnaud. Batch groth--sahai. In ACNS 2010. Springer, 2010. Google ScholarDigital Library
- O. Blazy, G. Fuchsbauer, D. Pointcheval, and D. Vergnaud. Signatures on randomizable ciphertexts. In PKC 2011. Springer, 2011. Google ScholarDigital Library
- D. Boneh, B. Lynn, and H. Shacham. Short signatures from the Weil pairing. Journal of Cryptology, 17(4), 2004. Google ScholarDigital Library
- K. Braunlich and R. Grimm. Formalization of receipt-freeness in the context of electronic voting. In Availability, Reliability and Security 2011. IEEE Computer Society, 2011. Google ScholarDigital Library
- R. Canetti and R. Gennaro. Incoercible multiparty computation (extended abstract). In FOCS '96. IEEE Computer Society, 1996. Google ScholarDigital Library
- R. Canetti, H. Krawczyk, and J. B. Nielsen. Relaxing chosen-ciphertext security. In CRYPTO 2003. Springer, 2003.Google ScholarCross Ref
- CertiVox. A Cryptographic Library for the Internet of Things. https://github.com/CertiVox/MiotCL, 2015.Google Scholar
- D. Chaum, A. Essex, R. Carback, J. Clark, S. Popoveniuc, A. Sherman, and P. Vora. Scantegrity: end-to-end voter-verifiable optical-scan voting. IEEE Security and Privacy, 6(3), 2008. Google ScholarDigital Library
- B. Chevallier-Mames, P. Fouque, D. Pointcheval, J. Stern, and J. Traoré. On some incompatible properties of voting schemes. In EVT/WOTE, 2010. Google ScholarDigital Library
- S. S. M. Chow, J. K. Liu, and D. S. Wong. Robust receipt-free election system with ballot secrecy and verifiability. In Network and Distributed System Security Symposium 2008. The Internet Society, 2008.Google Scholar
- M. R. Clarkson, S. Chong, and A. C. Myers. Civitas: Toward a secure voting system. In IEEE Security and Privacy 2008. IEEE Computer Society, 2008. Google ScholarDigital Library
- V. Cortier, D. Galindo, S. Glondu, and M. Izabachène. Election verifiability for Helios under weaker trust assumptions. In ESORICS 2014. Springer, 2014.Google ScholarDigital Library
- V. Cortier and B. Smyth. Attacking and fixing Helios: An analysis of ballot secrecy. In CSF 2011. IEEE, 2011. Google ScholarDigital Library
- V. Cortier and B. Smyth. Attacking and fixing Helios: An analysis of ballot secrecy. Journal of Computer Security, 21(1), 2013. Google ScholarDigital Library
- R. Cramer, R. Gennaro, and B. Schoenmakers. A secure and optimally efficient multi-authority election scheme. In EUROCRYPT'97. Springer, 1997. Google ScholarDigital Library
- S. Delaune, S. Kremer, and M. Ryan. Coercion-resistance and receipt-freeness in electronic voting. In CSFW 2006. IEEE Computer Society, 2006. Google ScholarDigital Library
- G. Fuchsbauer and D. Pointcheval. Proofs on encrypted values in bilinear groups and an application to anonymity of signatures. In Pairing-Based Cryptography--Pairing 2009. Springer, 2009. Google ScholarDigital Library
- R. W. Gardner, S. Garera, and A. D. Rubin. Coercion resistant end-to-end voting. In FC 2009. Springer, 2009. Google ScholarDigital Library
- K. Gjøsteen. The Norwegian internet voting protocol. IACR Cryptology ePrint Archive, 2013, 2013.Google Scholar
- S. Glondu, V. Cortier, and P. Gaudry. Belenios -- Verifiable online voting system. http://belenios.gforge.inria.fr, 2015.Google Scholar
- A. González, A. Hevia, and C. Ràfols. Qa-nizk arguments in asymmetric groups: new tools and new constructions. In ASIACRYPT 2015. Springer, 2015.Google ScholarDigital Library
- J. Groth and A. Sahai. Efficient non-interactive proof systems for bilinear groups. In EUROCRYPT 2008. Springer, 2008. Google ScholarDigital Library
- J. Heather and S. Schneider. A formal framework for modelling coercion resistance and receipt freeness. In Formal Methods 2012. Springer, 2012.Google Scholar
- M. Hirt. Receipt-free phK-out-of-phL voting based on ElGamal encryption. In EVT/WOTE 2010. Springer, 2010. Google ScholarDigital Library
- M. Hirt and K. Sako. Efficient receipt-free voting based on homomorphic encryption. In EUROCRYPT 2000. Springer, 2000. Google ScholarDigital Library
- H. L. Jonker and E. P. de Vink. Formalising receipt-freeness. In Information Security 2006. Springer, 2006. Google ScholarDigital Library
- A. Juels, D. Catalano, and M. Jakobsson. Coercion-resistant electronic elections. In Workshop on Privacy in the Electronic Society 2005. ACM, 2005. Google ScholarDigital Library
- A. Kiayias, T. Zacharias, and B. Zhang. End-to-end verifiable elections in the standard model. In EUROCRYPT 2015. Springer, 2015.Google ScholarCross Ref
- O. Kulyk, V. Teague, and M. Volkamer. Extending Helios towards private eligibility verifiability. In E-Voting and Identity 2015. Springer, 2015. Google ScholarDigital Library
- R. Küsters and T. Truderung. An epistemic approach to coercion-resistance for electronic voting protocols. In S&P 2009. IEEE Computer Society, 2009.Google ScholarDigital Library
- E. Magkos, M. Burmester, and V. Chrissikopoulos. Receipt-freeness in large-scale elections without untappable channels. In E-Commerce, E-Business, E-Government 2001. Kluwer, 2001. Google ScholarDigital Library
- T. Moran and M. Naor. Receipt-free universally-verifiable voting with everlasting privacy. In CRYPTO 2006. Springer, 2006. Google ScholarDigital Library
- T. Okamoto. Receipt-free electronic voting schemes for large scale elections. In Security Protocols 97. Springer, 1997. Google ScholarDigital Library
- P. Ryan, D. Bismark, J. Heather, S. Schneider, and Z. Xia. The Prêt à Voter verifiable election system. IEEE Transactions on Information Forensics and Security, 4, 2009. Google ScholarDigital Library
- P. Y. A. Ryan, P. B. Roenne, and V. Iovino. Selene: Voting with transparent verifiability and coercion-mitigation. Cryptology ePrint Archive, Report 2015/1105, 2015. http://eprint.iacr.org/.Google Scholar
- D. Springall, T. Finkenauer, Z. Durumeric, J. Kitcat, H. Hursti, M. MacAlpine, and J. A. Halderman. Security analysis of the estonian internet voting system. In ACM CCS 2014. ACM Press, 2014. Google ScholarDigital Library
- B. R. Waters. Efficient identity-based encryption without random oracles. In EUROCRYPT 2005. Springer, 2005. Google ScholarDigital Library
Index Terms
- BeleniosRF: A Non-interactive Receipt-Free Electronic Voting Scheme
Recommendations
Bare-handed electronic voting with pre-processing
EVT'07: Proceedings of the USENIX Workshop on Accurate Electronic Voting TechnologyMany electronic voting schemes assume the user votes with some computing device. This raises the question whether a voter can trust the device he is using. Three years ago, Chaum, and independently Neff, proposed what we call bare-handed electronic ...
A New Coercion-Resistant and Receipt-Free Electronic Voting System with Verifiability and Secrecy
ICEE '12: Proceedings of the 2012 3rd International Conference on E-Business and E-Government - Volume 02The coexistence of verifiability and voting receipts in an electronic voting system is a contradictory issue. Because the electronic vote is in a virtual form, voters rely on voting receipts to verify the integrity of the votes. However, the voting ...
A Receipt-Free Punch-Hole Ballot Electronic Voting Scheme
SITIS '07: Proceedings of the 2007 Third International IEEE Conference on Signal-Image Technologies and Internet-Based SystemThe punch-hole ballot electronic voting protocol is a special version of the e-voting paradigms based on homomorphic encryption. Assume that there are L candidates and a voter can select K distinct candidates, the punch-hole ballot is represented as a ...
Comments