Towards Trustworthy Elections pp 191-199
On Some Incompatible Properties of Voting Schemes
In this paper, we study the problem of simultaneously achieving several security properties, for voting schemes, without non-standard assumptions. More specifically, we focus on the universal verifiability of the computation of the tally, on the unconditional privacy/anonymity of the votes, and on the receipt-freeness properties, for the most classical election processes. Under usual assumptions and efficiency requirements, we show that a voting system that wants to publish the final list of the voters who actually voted, and to compute the number of times each candidate has been chosen, we cannot achieve:
universal verifiability of the tally (UV) and unconditional privacy of the votes (UP) simultaneously, unless all the registered voters actually vote;
universal verifiability of the tally (UV) and receipt- freeness (RF), unless private channels are available between the voters and/or the voting authorities.
Unable to display preview. Download preview PDF.