Advertisement

Practical Everlasting Privacy

  • Myrto Arapinis
  • Véronique Cortier
  • Steve Kremer
  • Mark Ryan
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7796)

Abstract

Will my vote remain secret in 20 years? This is a natural question in the context of electronic voting, where encrypted votes may be published on a bulletin board for verifiability purposes, but the strength of the encryption is eroded with the passage of time. The question has been addressed through a property referred to as everlasting privacy. Perfect everlasting privacy may be difficult or even impossible to achieve, in particular in remote electronic elections. In this paper, we propose a definition of practical everlasting privacy. The key idea is that in the future, an attacker will be more powerful in terms of computation (he may be able to break the cryptography) but less powerful in terms of the data he can operate on (transactions between a vote client and the vote server may not have been stored).

We formalize our definition of everlasting privacy in the applied-pi calculus. We provide the means to characterize what an attacker can break in the future in several cases. In particular, we model this for perfectly hiding and computationally binding primitives (or the converse), such as Pedersen commitments, and for symmetric and asymmetric encryption primitives. We adapt existing tools, in order to allow us to automatically prove everlasting privacy. As an illustration, we show that several variants of Helios (including Helios with Pedersen commitments) and a protocol by Moran and Naor achieve practical everlasting privacy, using the ProVerif and the AKiSs tools.

Keywords

Equational Theory Bulletin Board Horn Clause Electronic Vote Vote Protocol 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: 28th Symposium on Principles of Programming Languages, POPL 2001. ACM Press (2001)Google Scholar
  2. 2.
    Adida, B.: Helios: web-based open-audit voting. In: 17th Conference on Security Symposium, SS 2008. USENIX Association (2008)Google Scholar
  3. 3.
    Backes, M., Hritcu, C., Maffei, M.: Automated verification of remote electronic voting protocols in the applied pi-calculus. In: 21st IEEE Computer Security Foundations Symposium, CSF 2008. IEEE (2008)Google Scholar
  4. 4.
    Blanchet, B.: An efficient cryptographic protocol verifier based on Prolog rules. In: 14th Computer Security Foundations Workshop, CSFW 2001. IEEE (2001)Google Scholar
  5. 5.
    Blanchet, B., Abadi, M., Fournet, C.: Automated verification of selected equivalences for security protocols. Journal of Logic and Algebraic Programming 75(1) (2008)Google Scholar
  6. 6.
    Chadha, R., Ciobâcă, Ş., Kremer, S.: Automated Verification of Equivalence Properties of Cryptographic Protocols. In: Seidl, H. (ed.) ESOP 2012. LNCS, vol. 7211, pp. 108–127. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  7. 7.
    Chaum, D., Ryan, P.Y.A., Schneider, S.: A Practical Voter-Verifiable Election Scheme. In: De Capitani di Vimercati, S., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 118–139. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  8. 8.
    Clarkson, M., Chong, S., Myers, A.: Civitas: Toward a secure voting system. In: 29th IEEE Symposium on Security and Privacy, S&P 2008 (2008)Google Scholar
  9. 9.
    Cortier, V., Smyth, B.: Attacking and fixing helios: An analysis of ballot secrecy. In: 24th IEEE Computer Security Foundations Symposium, CSF 2011. IEEE (June 2011)Google Scholar
  10. 10.
    Cuvelier, E., Peters, T., Pereira, O.: Election verifiabilty or ballot privacy: Do we need to choose? SecVote, Dagstuhl (2012), secvote.uni.lu/slides/opereira-verif-or-priv.pdf
  11. 11.
    Delaune, S., Kremer, S., Ryan, M.D.: Verifying privacy-type properties of electronic voting protocols. Journal of Computer Security 17(4), 435–487 (2009)Google Scholar
  12. 12.
    Demirel, D., Van De Graaf, J., Araújo, R.: Improving helios with everlasting privacy towards the public. In: International conference on Electronic Voting Technology/Workshop on Trustworthy Elections, EVT/WOTE 2012. USENIX Association (2012)Google Scholar
  13. 13.
    Dreier, J., Lafourcade, P., Lakhnech, Y.: Defining Privacy for Weighted Votes, Single and Multi-voter Coercion. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 451–468. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  14. 14.
    Juels, A., Catalano, D., Jakobsson, M.: Coercion-resistant electronic elections. In: ACM Workshop on Privacy in the Electronic Society, WPES 2005. ACM (2005)Google Scholar
  15. 15.
    Kremer, S., Ryan, M.: Analysis of an Electronic Voting Protocol in the Applied Pi Calculus. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 186–200. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  16. 16.
    Kremer, S., Ryan, M., Smyth, B.: Election Verifiability in Electronic Voting Protocols. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 389–404. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  17. 17.
    Küsters, R., Truderung, T., Vogt, A.: Accountability: definition and relationship to verifiability. In: ACM Conference on Computer and Communications Security, CCS 2010 (2010)Google Scholar
  18. 18.
    Moran, T., Naor, M.: Receipt-Free Universally-Verifiable Voting with Everlasting Privacy. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 373–392. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  19. 19.
    Pedersen, T.P.: Non-interactive and Information-Theoretic Secure Verifiable Secret Sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Myrto Arapinis
    • 1
  • Véronique Cortier
    • 2
  • Steve Kremer
    • 2
  • Mark Ryan
    • 1
  1. 1.School of Computer ScienceUniversity of BirminghamUK
  2. 2.LORIA, CNRSFrance

Personalised recommendations