Receipt-Free Universally-Verifiable Voting with Everlasting Privacy

  • Tal Moran
  • Moni Naor
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4117)


We present the first universally verifiable voting scheme that can be based on a general assumption (existence of a non-interactive commitment scheme). Our scheme is also the first receipt-free scheme to give “everlasting privacy” for votes: even a computationally unbounded party does not gain any information about individual votes (other than what can be inferred from the final tally).

Our voting protocols are designed to be used in a “traditional” setting, in which voters cast their ballots in a private polling booth (which we model as an untappable channel between the voter and the tallying authority). Following in the footsteps of Chaum and Neff [7,16], our protocol ensures that the integrity of an election cannot be compromised even if the computers running it are all corrupt (although ballot secrecy may be violated in this case).

We give a generic voting protocol which we prove to be secure in the Universal Composability model, given that the underlying commitment is universally composable. We also propose a concrete implementation, based on the hardness of discrete log, that is slightly more efficient (and can be used in practice).


receipt-free voting human protocol universally composable formal proof 


  1. 1.
    Aumann, Y., Ding, Y.Z., Rabin, M.O.: Everlasting security in the bounded storage model. IEEE Transactions on Information Theory 48(6), 1668–1680 (2002)zbMATHCrossRefMathSciNetGoogle Scholar
  2. 2.
    Benaloh, J., Tuinstra, D.: Receipt-free secret-ballot elections. In: STOC 1994, pp. 544–553 (1994)Google Scholar
  3. 3.
    Bryans, J.W., Ryan, P.Y.A.: A simplified version of the Chaum voting scheme. Technical Report CS-TR 843, University of Newcastle (2004)Google Scholar
  4. 4.
    Canetti, R., Gennaro, R.: Incoercible multiparty computation. In: FOCS 1996, pp. 504–513 (1996)Google Scholar
  5. 5.
    Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 24(2), 84–88 (1981)CrossRefGoogle Scholar
  6. 6.
    Chaum, D.: Blind signature systems. In: Advances in Cryptology 1981 - 1997, p. 153 (1983)Google Scholar
  7. 7.
    Chaum, D.: E-voting: Secret-ballot receipts: True voter-verifiable elections. IEEE Security & Privacy 2(1), 38–47 (2004)CrossRefGoogle Scholar
  8. 8.
    Cohen(Benaloh), J.D., Fischer, M.J.: A robust and verifiable cryptographically secure election scheme. In: FOCS 1985, pp. 372–382 (1985)Google Scholar
  9. 9.
    Cramer, R., Franklin, M.K., Schoenmakers, B., Yung, M.: Multi-authority secret-ballot elections with linear work. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 72–83. Springer, Heidelberg (1996)Google Scholar
  10. 10.
    Cramer, R., Gennaro, R., Schoenmakers, B.: A secure and optimally efficient multi-authority election scheme. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 103–118. Springer, Heidelberg (1997)Google Scholar
  11. 11.
    Fujioka, A., Okamoto, T., Ohta, K.: A practical secret voting scheme for large scale elections. In: Zheng, Y., Seberry, J. (eds.) AUSCRYPT 1992. LNCS, vol. 718, pp. 244–251. Springer, Heidelberg (1993)Google Scholar
  12. 12.
    Hirt, M., Sako, K.: Efficient receipt-free voting based on homomorphic encryption. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, p. 539. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  13. 13.
    Juels, A., Catalano, D., Jakobsson, M.: Coercion-resistant electronic elections. In: WPES 2005, pp. 61–70 (2005)Google Scholar
  14. 14.
    Karlof, C., Sastry, N., Wagner, D.: Cryptographic voting protocols: A systems perspective. In: USENIX Security 2005, pp. 33–50 (2005)Google Scholar
  15. 15.
    Naor, M., Shamir, A.: Visual cryptography. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 1–12. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  16. 16.
    Neff, C.A.: Practical high certainty intent verification for encrypted votes (October 2004),
  17. 17.
    Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992)Google Scholar
  18. 18.
    Reynolds, D.J.: A method for electronic voting with coercion-free receipt. In: FEE 2005, Presentation:
  19. 19.
    Ryan, P.Y.A.: A variant of the Chaum voter-verifiable scheme. In: WITS 2005, pp. 81–88 (2005)Google Scholar
  20. 20.
    Sako, K., Kilian, J.: Receipt-free mix-type voting scheme. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 393–403. Springer, Heidelberg (1995)Google Scholar
  21. 21.
    Shamir, A.: Cryptographers panel, RSA conference (2006), Webcast:

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Tal Moran
    • 1
  • Moni Naor
    • 1
  1. 1.Department of Computer Science and Applied MathematicsWeizmann Institute of ScienceRehovotIsrael

Personalised recommendations