Universally Verifiable MPC and IRV Ballot Counting

  • Kim RamchenEmail author
  • Chris Culnane
  • Olivier Pereira
  • Vanessa TeagueEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11598)


We present a very simple universally verifiable MPC protocol. The first component is a threshold somewhat homomorphic cryptosystem that permits an arbitrary number of additions (in the source group), followed by a single multiplication, followed by an arbitrary number of additions in the target group. The second component is a black-box construction of universally verifiable distributed encryption switching between any public key encryption schemes supporting shared setup and key generation phases, as long as the schemes satisfy some natural additive-homomorphic properties. This allows us to switch back from the target group to the source group, and hence perform an arbitrary number of multiplications. The key generation algorithm of our prototypical cryptosystem, which is based upon concurrent verifiable secret sharing, permits robust re-construction of powers of a shared secret.


Multiparty computation Elections Voting Instant runoff voting Verifiable computation Verifiability 



Olivier Pereira is grateful to the Belgian Fund for Scientific Research (F.R.S.- FNRS) for its financial support provided through the SeVoTe project, to the European Union (EU) and the Walloon Region through the FEDER project USERMedia (convention number 501907-379156), and to the Melbourne School of Engineering for its fellowship.


  1. 1.
    Adida, B., De Marneffe, O., Pereira, O., Quisquater, J.J.: Electing a university president using open-audit voting: analysis of real-world use of helios. In: Proceedings of the 2009 Conference on Electronic Voting Technology/Workshop on Trustworthy Elections, EVT/WOTE 2009, p. 10. USENIX Association, Berkeley (2009).
  2. 2.
    Attrapadung, N., Hanaoka, G., Mitsunari, S., Sakai, Y., Shimizu, K., Teruya, T.: Efficient two-level homomorphic encryption in prime-order bilinear groups and a fast implementation in webassembly. In: Proceedings of the 2018 on Asia Conference on Computer and Communications Security, pp. 685–697. ACM (2018)Google Scholar
  3. 3.
    Baum, C., Damgård, I., Orlandi, C.: Publicly auditable secure multi-party computation. In: Abdalla, M., De Prisco, R. (eds.) SCN 2014. LNCS, vol. 8642, pp. 175–196. Springer, Cham (2014). Also Cryptology ePrint Archive, Report 2014/075: Scholar
  4. 4.
    Beimel, A.: Secure schemes for secret sharing and key distribution. Ph.D. thesis, Israel Institute of Technology (1996)Google Scholar
  5. 5.
    Benaloh, J., et al.: Star-vote: a secure, transparent, auditable, and reliable voting system. CoRR abs/1211.1904 (2012).
  6. 6.
    Benaloh, J., Moran, T., Naish, L., Ramchen, K., Teague, V.: Shuffle-sum: coercion-resistant verifiable tallying for STV voting. Trans. Info. For. Sec. 4(4), 685–698 (2009). Scholar
  7. 7.
    Bernhard, D., Cortier, V., Pereira, O., Smyth, B., Warinschi, B.: Adapting helios for provable ballot privacy. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 335–354. Springer, Heidelberg (2011). Scholar
  8. 8.
    Boneh, D., Goh, E.-J., Nissim, K.: Evaluating 2-DNF formulas on ciphertexts. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 325–341. Springer, Heidelberg (2005). Scholar
  9. 9.
    Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (Leveled) fully homomorphic encryption without bootstrapping. ACM Trans. Comput. Theory 6(3), 13:1–13:36 (2014)MathSciNetCrossRefGoogle Scholar
  10. 10.
    Castagnos, G., Imbert, L., Laguillaumie, F.: Encryption switching protocols revisited: switching modulo p. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10401, pp. 255–287. Springer, Cham (2017). Scholar
  11. 11.
    Catalano, D., Fiore, D.: Using linearly-homomorphic encryption to evaluate degree-2 functions on encrypted data. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015, pp. 1518–1529. ACM, New York (2015).
  12. 12.
    Cortier, V., Galindo, D., Glondu, S., Izabachène, M.: Distributed elgamal à la pedersen: application to helios. In: Proceedings of the 12th ACM Workshop on Workshop on Privacy in the Electronic Society, WPES 2013, pp. 131–142. ACM, New York (2013).
  13. 13.
    Couteau, G., Peters, T., Pointcheval, D.: Encryption switching protocols. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part I. LNCS, vol. 9814, pp. 308–338. Springer, Heidelberg (2016). Scholar
  14. 14.
    Cramer, R., Gennaro, R., Schoenmakers, B.: A secure and optimally efficient multi-authority election scheme. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 103–118. Springer, Heidelberg (1997). Scholar
  15. 15.
    Damgård, I., Pastro, V., Smart, N., Zakarias, S.: Multiparty computation from somewhat homomorphic encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 643–662. Springer, Heidelberg (2012). Scholar
  16. 16.
    Escala, A., Herold, G., Kiltz, E., Ràfols, C., Villar, J.: An algebraic framework for diffie-hellman assumptions. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part II. LNCS, vol. 8043, pp. 129–147. Springer, Heidelberg (2013). Scholar
  17. 17.
    Freeman, D.M.: Converting pairing-based cryptosystems from composite-order groups to prime-order groups. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 44–61. Springer, Heidelberg (2010). Scholar
  18. 18.
    Gennaro, R., Jarecki, S., Krawczyk, H., Rabin, T.: Secure distributed key generation for discrete-log based cryptosystems. J. Cryptol. 20(1), 51–83 (2007). Scholar
  19. 19.
    Goh, E.-J., Golle, P.: Event driven private counters. In: Patrick, A.S., Yung, M. (eds.) FC 2005. LNCS, vol. 3570, pp. 313–327. Springer, Heidelberg (2005). Scholar
  20. 20.
    Heather, J.: Implementing STV securely in prêt à voter. In: Proceedings of the 20th IEEE Computer Security Foundations Symposium, CSF 2007, pp. 157–169. IEEE Computer Society, Washington (2007).
  21. 21.
    Herold, G., Hesse, J., Hofheinz, D., Ràfols, C., Rupp, A.: Polynomial spaces: a new framework for composite-to-prime-order transformations. Cryptology ePrint Archive, Report 2014/445 (2014).
  22. 22.
    Ito, M., Saito, A., Nishizeki, T.: Secret sharing scheme realizing general access structure. Electron. Commun. Jpn (Part III: Fundam. Electron. Sci.) 72(9), 56–64 (1989). Scholar
  23. 23.
    Park, C., Itoh, K., Kurosawa, K.: Efficient anonymous channel and all/nothing election scheme. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 248–259. Springer, Heidelberg (1994). Scholar
  24. 24.
    Pedersen, T.P.: A threshold cryptosystem without a trusted party. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 522–526. Springer, Heidelberg (1991). Scholar
  25. 25.
    Ryan, P.Y.A.: Prêt à voter with paillier encryption. Math. Comput. Model. 48(9–10), 1646–1662 (2008). Scholar
  26. 26.
    Ryan, P.Y.A.: A variant of the chaum voter-verifiable scheme. In: Proceedings of the 2005 Workshop on Issues in the Theory of Security, WITS 2005, pp. 81–88. ACM, New York (2005).
  27. 27.
    Ryan, P.Y.A., Teague, V.: Ballot permutations in prêt à voter. In: Proceedings of the 2009 Conference on Electronic Voting Technology/Workshop on Trustworthy Elections, EVT/WOTE 2009, p. 13. USENIX Association, Berkeley (2009).
  28. 28.
    Schoenmakers, B., Veeningen, M.: Universally verifiable multiparty computation from threshold homomorphic cryptosystems. In: Malkin, T., Kolesnikov, V., Lewko, A.B., Polychronakis, M. (eds.) ACNS 2015. LNCS, vol. 9092, pp. 3–22. Springer, Cham (2015). Scholar
  29. 29.
    Scott, M.: Authenticated id-based key exchange and remote log-in with simple token and pin number. Cryptology ePrint Archive, Report 2002/164 (2002).
  30. 30.
    Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011). Scholar

Copyright information

© International Financial Cryptography Association 2019

Authors and Affiliations

  1. 1.Department of Computing and Information SystemsThe University of MelbourneMelbourneAustralia
  2. 2.ICTEAMUCLouvainLouvain-la-NeuveBelgium
  3. 3.Faculty of Information TechnologyMonash UniversityClaytonAustralia

Personalised recommendations