Verifiable Elections That Scale for Free

  • Melissa Chase
  • Markulf Kohlweiss
  • Anna Lysyanskaya
  • Sarah Meiklejohn
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7778)

Abstract

In order to guarantee a fair and transparent voting process, electronic voting schemes must be verifiable. Most of the time, however, it is important that elections also be anonymous. The notion of a verifiable shuffle describes how to satisfy both properties at the same time: ballots are submitted to a public bulletin board in encrypted form, verifiably shuffled by several mix servers (thus guaranteeing anonymity), and then verifiably decrypted by an appropriate threshold decryption mechanism. To guarantee transparency, the intermediate shuffles and decryption results, together with proofs of their correctness, are posted on the bulletin board throughout this process.

In this paper, we present a verifiable shuffle and threshold decryption scheme in which, for security parameter k, L voters, M mix servers, and N decryption servers, the proof that the end tally corresponds to the original encrypted ballots is only O(k(L + M + N)) bits long. Previous verifiable shuffle constructions had proofs of size O(kLM + kLN), which, for elections with thousands of voters, mix servers, and decryption servers, meant that verifying an election on an ordinary computer in a reasonable amount of time was out of the question.

The linchpin of each construction is a controlled-malleable proof (cm-NIZK), which allows each server, in turn, to take a current set of ciphertexts and a proof that the computation done by other servers has proceeded correctly so far. After shuffling or partially decrypting these ciphertexts, the server can also update the proof of correctness, obtaining as a result a cumulative proof that the computation is correct so far. In order to verify the end result, it is therefore sufficient to verify just the proof produced by the last server.

Copyright information

© International Association for Cryptologic Research 2013

Authors and Affiliations

  • Melissa Chase (1)
  • Markulf Kohlweiss (2)
  • Anna Lysyanskaya (3)
  • Sarah Meiklejohn (4)

  1. Microsoft Research, Redmond, USA
  2. Microsoft Research, Cambridge, UK
  3. Brown University, USA
  4. UC San Diego, USA
