Abstract
End-to-end auditable voting systems are expected to guarantee very interesting, and often sophisticated security properties, including correctness, privacy, fairness, receipt-freeness, ... However, for many well-known protocols, these properties have never been analyzed in a systematic way. In this paper, we investigate the use of techniques from the simulation-based security tradition for the analysis of these protocols, through a case-study on the ThreeBallot protocol.
Our analysis shows that the ThreeBallot protocol fails to emulate some natural voting functionality, reflecting the lack of election fairness guarantee from this protocol. Guided by the reasons that make our security proof fail, we propose a simple variant of the ThreeBallot protocol and show that this variant emulates our functionality.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Fisher, K., Carback, R., Sherman, A.T.: Punchscan: Introduction and System Definition of a High-Integrity Election System. In: Ryan, P. (ed.) IAVoSS Workshop On Trustworthy Elections (WOTE 2006) (2006)
Popoveniuc, S., Hosp, B.: An introduction to punchscan. In: Ryan, P. (ed.) IAVoSS Workshop On Trustworthy Elections (WOTE 2006) (2006)
Chaum, D., Ryan, P.Y.A., Schneider, S.A.: A practical, voter-verifiable election scheme. Technical Report CS-TR: 880, School of Computing Science, Newcastle University (2004)
Rivest, R.L., Smith, W.D.: ThreeVotingProtocols: ThreeBallot, VAV, and Twin. In: Electronic Voting Technology Workshop (EVT 2007) (2007)
Benaloh, J., Tuinstra, D.: Receipt-free secret-ballot elections. In: Proceedings of the 26th ACM Symposium on Theory of Computing, may 1994, pp. 544–553. ACM Press, New York (1994)
Juels, A., Catalano, D., Jakobsson, M.: Coercion-resistant electronic elections. In: ACM Workshop on Privacy in the Electronic Society, pp. 61–70. ACM Press, New York (2005)
Delaune, S., Kremer, S., Ryan, M.: Coercion-resistance and receipt-freeness in electronic voting. In: 19th IEEE Computer Security Foundations Workshop (CSFW-19), pp. 28–42. IEEE Computer Society Press, Los Alamitos (2006)
Moran, T., Naor, M.: Receipt-free universally-verifiable voting with everlasting privacy. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 373–392. Springer, Heidelberg (2006)
Groth, J.: Evaluating security of voting schemes in the universal composability framework. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 46–60. Springer, Heidelberg (2004)
Rivest, R.L.: The ThreeBallot voting system. Accessed on (August 12, 2007) (2006), Available from http://people.csail.mit.edu/rivest/Rivest-TheThreeBallotVotingSystem.pdf
Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof systems. In: Proceedings of the 17th Annual ACM Symposium on Theory of Computing (STOC 1985), pp. 291–304 (1985)
Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game a completeness theorem for protocols with honest majority. In: Proceedings of the 19th Annual ACM Symposium on the Theory of Computing (STOC), pp. 218–229. ACM Press, New York (1987)
Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. In: Naor, M. (ed.) Proceedings of the 42nd Annual Symposium on Foundations of Computer Science, pp. 136–145. IEEE Computer Society Press, Los Alamitos (2001), Full version available on http://eprint.iacr.org/2000/067
Pfitzmann, B., Waidner, M.: A model for asynchronous reactive systems and its application to secure message transmission. In: IEEE Symposium on Security and Privacy, Oakland, CA, May 2001, pp. 184–200. IEEE Computer Society Press, Los Alamitos (2001)
Araujo, R., Custodio, R.F., Graaf, J.v.d.: A verifiable voting protocol based on Farnel. In: Benaloh, J. (ed.) IAVoSS Workshop On Trustworthy Elections (WOTE 2007) (2007)
Clark, J., Essex, A., Adams, C.: On the security of ballot receipts in e2e voting systems. In: Benaloh, J. (ed.) IAVoSS Workshop On Trustworthy Elections (WOTE 2007) (2007)
Appel, A.A.: How to defeat rivest’s threeballot voting system. Accessed on August 12, 2007 (2006), Available from http://www.cs.princeton.edu/~appel/papers/DefeatingThreeBallot.pdf
Strauss, C.: The trouble with triples. a critical review of the triple ballot (3ballot) scheme. Accessed on August 12, 2007 (2006), Available from http://www.cs.princeton.edu/~appel/voting/Strauss-TroubleWithTriples.pdf
Strauss, C.: A critical review of the triple ballot voting system, part2: Cracking the triple ballot encryption. Accessed on August 12, 2007 (2006), Available from http://www.cs.princeton.edu/~appel/voting/Strauss-ThreeBallotCritique2v1.5.pdf
Jones, H., Juang, J., Belote, G.: Threeballot in the field. Term paper for MIT course 6.857. Accessed on August 12, 2007 (2006), Available from http://theory.csail.mit.edu/classes/6.857/projects/threeBallotPaper.pdf
Henry, K., Stinson, D.R., Sui, J.: The effectiveness of receipt-based attacks on threeballot. Cryptology ePrint Archive, Report 2007/287 (2007), http://eprint.iacr.org/
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
de Marneffe, O., Pereira, O., Quisquater, JJ. (2007). Simulation-Based Analysis of E2E Voting Systems . In: Alkassar, A., Volkamer, M. (eds) E-Voting and Identity. Vote-ID 2007. Lecture Notes in Computer Science, vol 4896. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77493-8_12
Download citation
DOI: https://doi.org/10.1007/978-3-540-77493-8_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77492-1
Online ISBN: 978-3-540-77493-8
eBook Packages: Computer ScienceComputer Science (R0)