Extending Helios Towards Private Eligibility Verifiability

  • Oksana KulykEmail author
  • Vanessa Teague
  • Melanie Volkamer
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9269)


We show how to extend the Helios voting system to provide eligibility verifiability without revealing who voted which we call private eligibility verifiability. The main idea is that real votes are hidden in a crowd of null votes that are cast by others but are indistinguishable from those of the eligible voter. This extended Helios scheme also improves Helios towards receipt-freeness.


Bulletin Board Modular Exponentiation Eligible Voter Cast Vote Participation Privacy 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



This project (HA project no. 435/14-25) is funded in the framework of Hessen ModellProjekte, financed with funds of LOEWE – Landes-Offensive zur Entwicklung Wissenschaftlich-ökonomischer Exzellenz, Förderlinie 3: KMU-Verbundvorhaben (State Offensive for the Development of Scientific and Economic Excellence).


  1. 1.
    Adida, B.: Helios: web-based open-audit voting. USENIX Security Symposium. vol. 17, pp. 335–348 (2008)Google Scholar
  2. 2.
    Araújo, R., Traoré, J.: A practical coercion resistant voting scheme revisited. In: Heather, J., Schneider, S., Teague, V. (eds.) Vote-ID 2013. LNCS, vol. 7985, pp. 193–209. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  3. 3.
    Bell, S., Benaloh, J., Byrne, M.D., DeBeauvoir, D., Eakin, B., Fisher, G., Kortum, P., McBurnett, N., Montoya, J., Parker, M., Pereira, O., Stark, P.B., Wallach, D.S., Winn, M.: STAR-vote: a secure, transparent, auditable, and reliable voting system. USENIX J. Election Technol. Syst. (JETS) 1(1), 18–37 (2013)Google Scholar
  4. 4.
    Ben-Nun, J., Fahri, N., Llewellyn, M., Riva, B., Rosen, A., Ta-Shma, A., Wikström, D.: A new implementation of a dual (paper and cryptographic) voting system. In: 5th International Conference on Electronic Voting (EVOTE) (2012).
  5. 5.
    Benaloh, J.: Simple verifiable elections. In: Proceedings of the USENIX/Accurate Electronic Voting Technology Workshop 2006 on Electronic Voting Technology Workshop, pp. 5–5. USENIX Association (2006)Google Scholar
  6. 6.
    Bernhard, D., Cortier, V., Pereira, O., Smyth, B., Warinschi, B.: Adapting helios for provable ballot privacy. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 335–354. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  7. 7.
    Bernhard, D., Pereira, O., Warinschi, B.: How not to prove yourself: pitfalls of the Fiat-shamir heuristic and applications to Helios. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 626–643. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  8. 8.
    Carback, R., Chaum, D., Clark, J., Conway, J., Essex, A., Herrnson, P.S., Mayberry, T., Popoveniuc, S., Rivest, R.L., Shen, E., Sherman, A.T., Vora, P.L.: Scantegrity II municipal election at Takoma Park: the first E2E binding governmental election with ballot privacy. In: Proceedings of USENIX Security (2010)Google Scholar
  9. 9.
    Chaum, D., Pedersen, T.P.: Wallet databases with observers. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 89–105. Springer, Heidelberg (1993) Google Scholar
  10. 10.
    Clark, J., Hengartner, U.: Selections: internet voting with over-the-shoulder coercion-resistance. In: Danezis, G. (ed.) FC 2011. LNCS, vol. 7035, pp. 47–61. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  11. 11.
    Cortier, V., Galindo, D., Glondu, S., Izabachène, M.: Distributed Elgamal à la Pedersen: application to Helios. In: Proceedings of the 12th ACM Workshop on Workshop on Privacy in the Electronic Society, pp. 131–142. ACM (2013)Google Scholar
  12. 12.
    Cramer, R., Damgård, I.B., MacKenzie, P.D.: Efficient zero-knowledge proofs of knowledge without intractability assumptions. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 354–373. Springer, Heidelberg (2000) CrossRefGoogle Scholar
  13. 13.
    Cramer, R., Damgård, I.B., Schoenmakers, B.: Proof of partial knowledge and simplified design of witness hiding protocols. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994) Google Scholar
  14. 14.
    Culnane, C., Schneider, S.: A peered bulletin board for robust use in verifiable voting systems. In: 2014 IEEE 27th Computer Security Foundations Symposium (CSF), pp. 169–183. IEEE (2014)Google Scholar
  15. 15.
    Essex, A., Clark, J., Hengartner, U.: Cobra: toward concurrent ballot authorization for internet voting. In: Proceedings of the 2012 International Conference on Electronic Voting Technology/Workshop on Trustworthy Elections, EVT/WOTE, p. 3 (2012)Google Scholar
  16. 16.
    Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987) CrossRefGoogle Scholar
  17. 17.
    Furukawa, J., Sako, K.: An efficient scheme for proving a shuffle. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, p. 368. Springer, Heidelberg (2001) CrossRefGoogle Scholar
  18. 18.
    Grewal, G.S., Ryan, M.D., Bursuc, S., Ryan, P.Y.: Caveat coercitor: coercion-evidence in electronic voting. In: 2013 IEEE Symposium on Security and Privacy (SP), pp. 367–381. IEEE (2013)Google Scholar
  19. 19.
    Groth, J.: A verifiable secret shuffe of homomorphic encryptions. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 145–160. Springer, Heidelberg (2002) CrossRefGoogle Scholar
  20. 20.
    Guillou, L.C., Quisquater, J.-J.: A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmission and memory. In: Günther, C.G. (ed.) EUROCRYPT 1988. LNCS, vol. 330, pp. 123–128. Springer, Heidelberg (1988) Google Scholar
  21. 21.
    Guillou, L.C., Quisquater, J.-J.: A “paradoxical” identity-based signature scheme resulting from zero-knowledge. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 216–231. Springer, Heidelberg (1990) Google Scholar
  22. 22.
    Haenni, R., Spycher, O.: Secure internet voting on limited devices with anonymized dsa public keys. In: Proceedings of the 2011 Conference on Electronic Voting Technology/Workshop on Trustworthy Elections, pp. 8–8. EVT/WOTE 2011. USENIX Association (2011)Google Scholar
  23. 23.
    Heiberg, S., Laud, P., Willemson, J.: The application of i-voting for estonian parliamentary elections of 2011. In: Kiayias, A., Lipmaa, H. (eds.) VoteID 2011. LNCS, vol. 7187, pp. 208–223. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  24. 24.
    Jakobsson, M., Juels, A.: Mix and match: secure function evaluation via ciphertexts. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, p. 162. Springer, Heidelberg (2000) CrossRefGoogle Scholar
  25. 25.
    Juels, A., Catalano, D., Jakobsson, M.: Coercion-resistant electronic elections. In: Proceedings of the 2005 ACM workshop on Privacy in the electronic society, pp. 61–70. ACM (2005)Google Scholar
  26. 26.
    Koenig, R., Haenni, R., Fischli, S.: Preventing board flooding attacks in coercion-resistant electronic voting schemes. In: Camenisch, J., Fischer-Hübner, S., Murayama, Y., Portmann, A., Rieder, C. (eds.) SEC 2011. IFIP AICT, vol. 354, pp. 116–127. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  27. 27.
    Kutyłowski, M., Zagórski, F.: Verifiable internet voting solving secure platform problem. In: Miyaji, A., Kikuchi, H., Rannenberg, K. (eds.) IWSEC 2007. LNCS, vol. 4752, pp. 199–213. Springer, Heidelberg (2007) CrossRefGoogle Scholar
  28. 28.
    Neff, C.A.: A verifiable secret shuffle and its application to e-voting. In: Proceedings of the 8th ACM conference on Computer and Communications Security, pp. 116–125. ACM (2001)Google Scholar
  29. 29.
    Neumann, S., Feier, C., Volkamer, M., Koenig, R.: Towards a practical jcj/civitas implementation. In: INF13 - Workshop: Elektronische Wahlen: Ich sehe was, das Du nicht siehst - öffentliche und geheime Wahl, pp. 804–818 (2013)Google Scholar
  30. 30.
    Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992) Google Scholar
  31. 31.
    Pfitzmann, B.: Breaking an efficient anonymous channel. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 332–340. Springer, Heidelberg (1995) Google Scholar
  32. 32.
    Raykova, M., Wagner, D.: Verifable remote voting with large scale coercion resistance. Technical report CUCS-041-11, Columbia (2011)Google Scholar
  33. 33.
    Ryan, P.Y., Bismark, D., Heather, J., Schneider, S., Xia, Z.: Prêt à voter: a voter-verifiable voting system. IEEE Trans. Inf. Forensics Secur. 4(4), 662–673 (2009)CrossRefGoogle Scholar
  34. 34.
    Schläpfer, M., Haenni, R., Koenig, R., Spycher, O.: Efficient vote authorization in coercion-resistant internet voting. In: Kiayias, A., Lipmaa, H. (eds.) VoteID 2011. LNCS, vol. 7187, pp. 71–88. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  35. 35.
    Schnorr, C.P.: Efficient signature generation by smart cards. J. Cryptol. 4(3), 161–174 (1991)MathSciNetCrossRefGoogle Scholar
  36. 36.
    Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)MathSciNetCrossRefzbMATHGoogle Scholar
  37. 37.
    Springall, D., Finkenauer, T., Durumeric, Z., Kitcat, J., Hursti, H., MacAlpine, M., Halderman, J.A.: Security analysis of the estonian internet voting system. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 703–715. ACM (2014)Google Scholar
  38. 38.
    Spycher, O., Koenig, R., Haenni, R., Schläpfer, M.: A new approach towards coercion-resistant remote e-voting in linear time. In: Danezis, G. (ed.) FC 2011. LNCS, vol. 7035, pp. 182–189. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  39. 39.
    Spycher, O., Volkamer, M., Koenig, R.: Transparency and technical measures to establish trust in Norwegian internet voting. In: Kiayias, A., Lipmaa, H. (eds.) VoteID 2011. LNCS, vol. 7187, pp. 19–35. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  40. 40.
    Srinivasan, S., Culnane, C., Heather, J., Schneider, S., Xia, Z.: Countering ballot stuffing and incorporating eligibility verifiability in Helios. In: Au, M.H., Carminati, B., Kuo, C.-C.J. (eds.) NSS 2014. LNCS, vol. 8792, pp. 335–348. Springer, Heidelberg (2014) Google Scholar
  41. 41.
    Terelius, B., Wikström, D.: Proofs of restricted shuffles. In: Bernstein, D.J., Lange, T. (eds.) AFRICACRYPT 2010. LNCS, vol. 6055, pp. 100–113. Springer, Heidelberg (2010) CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Oksana Kulyk
    • 1
    Email author
  • Vanessa Teague
    • 2
  • Melanie Volkamer
    • 1
    • 3
  1. 1.Technische Universität Darmstadt/CASEDDarmstadtGermany
  2. 2.University of MelbourneMelbourneAustralia
  3. 3.Karlstad UniversityKarlstadSweden

Personalised recommendations