Skip to main content
SpringerLink
Log in
Book cover

International Joint Conference on Automated Reasoning

IJCAR 2014: Automated Reasoning pp 16–25Cite as

Electronic Voting: How Logic Can Help

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNAI,volume 8562)

Abstract

Electronic voting should offer at least the same guarantees than traditional paper-based voting systems. In order to achieve this, electronic voting protocols make use of cryptographic primitives, as in the more traditional case of authentication or key exchange protocols. All these protocols are notoriously difficult to design and flaws may be found years after their first release. Formal models, such as process algebra, Horn clauses, or constraint systems, have been successfully applied to automatically analyze traditional protocols and discover flaws. Electronic voting protocols however significantly increase the difficulty of the analysis task. Indeed, they involve for example new and sophisticated cryptographic primitives, new dedicated security properties, and new execution structures.

After an introduction to electronic voting, we describe the current techniques for e-voting protocols analysis and review the key challenges towards a fully automated verification.

Keywords

  • Vote System
  • Security Protocol
  • Blind Signature
  • Homomorphic Encryption
  • Cryptographic Primitive

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

The research leading to these results has received funding from the European Research Council under the European Union’s Seventh Framework Programme (FP7/2007-2013) / ERC grant agreement no 258865, project ProSecure.

This is a preview of subscription content, access via your institution.

Chapter
USD   29.95
Price excludes VAT (Canada)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (Canada)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (Canada)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. International association for cryptologic research. Elections page at, http://www.iacr.org/elections/

  2. Web page of the Norwegian government on the deployment of e-voting, http://www.regjeringen.no/en/dep/krd/prosjekter/e-vote-2011-project.html

  3. Documentations of the code used for the 2013 parlementary election in Norway (2013), https://brukerveiledning.valg.no/Dokumentasjon/Dokumentasjon/Forms/AllItems.aspx

  4. KRD - evalg2011 platform - update for 2013 parliamentary elections (2013), https://brukerveiledning.valg.no/Dokumentasjon/Dokumentasjon/Norway-2013_BulletinBoard_v1.2.pdf

  5. Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: 28th ACM Symposium on Principles of Programming Languages, POPL 2001 (2001)

    Google Scholar 

  6. Abadi, M., Cortier, V.: Deciding knowledge in security protocols under equational theories. Theoretical Computer Science 367(1-2), 2–32 (2006)

    CrossRef  MATH  MathSciNet  Google Scholar 

  7. Abadi, M., Gordon, A.D.: A Calculus for Cryptographic Protocols: The Spi Calculus. In: CCS 1997: 4th ACM Conference on Computer and Communications Security, pp. 36–47. ACM Press (1997)

    Google Scholar 

  8. Adida, B., de Marneffe, O., Pereira, O., Quisquater, J.-J.: Electing a university president using open-audit voting: Analysis of real-world use of Helios. In: Proceedings of the 2009 Conference on Electronic Voting Technology/Workshop on Trustworthy Elections (2009)

    Google Scholar 

  9. Arapinis, M., Mancini, L., Ritter, E., Ryan, M.: Privacy through pseudonymity in mobile telephony systems. In: 21st Annual Network and Distributed System Security Symposium, NDSS 2014 (2014)

    Google Scholar 

  10. Arapinis, M., Chothia, T., Ritter, E., Ryan, M.: Analysing Unlinkability and Anonymity Using the Applied Pi Calculus. In: CSF 2010: 23rd Computer Security Foundations Symposium, pp. 107–121. IEEE Computer Society (2010)

    Google Scholar 

  11. Armando, A., et al.: The AVISPA Tool for the automated validation of internet security protocols and applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281–285. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  12. Armando, A., Carbone, R., Compagna, L., Cuellar, J., Abad, L.T.: Formal analysis of saml 2.0 web browser single sign-on: Breaking the saml-based single sign-on for google apps. In: Proceedings of the 6th ACM Workshop on Formal Methods in Security Engineering (FMSE 2008), pp. 1–10 (2008)

    Google Scholar 

  13. Backes, M., Pfitzmann, B.: Symmetric encryption in a simulatable Dolev-Yao style cryptographic library. In: Proc. 17th IEEE Computer Science Foundations Workshop (CSFW 2004), pp. 204–218 (2004)

    Google Scholar 

  14. Barthe, G., Grégoire, B., Heraud, S., Béguelin, S.Z.: Computer-aided security proofs for the working cryptographer. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 71–90. Springer, Heidelberg (2011)

    CrossRef  Google Scholar 

  15. Baudet, M.: Deciding security of protocols against off-line guessing attacks. In: Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS 2005), pp. 16–25. ACM Press (November 2005)

    Google Scholar 

  16. Benaloh, J.: Ballot casting assurance via voter-initiated poll station auditing. In: Proceedings of the Second Usenix/ACCURATE Electronic Voting Technology Workshop (2007)

    Google Scholar 

  17. Bernhard, D., Cortier, V., Pereira, O., Smyth, B., Warinschi, B.: Adapting Helios for provable ballot secrecy. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 335–354. Springer, Heidelberg (2011)

    CrossRef  Google Scholar 

  18. Bernhard, D., Pereira, O., Warinschi, B.: How not to prove yourself: Pitfalls of the Fiat-Shamir heuristic and applications to helios. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 626–643. Springer, Heidelberg (2012)

    CrossRef  Google Scholar 

  19. Blanchet, B.: An efficient cryptographic protocol verifier based on prolog rules. In: Proc. of the 14th Computer Security Foundations Workshop (CSFW 2001). IEEE Computer Society Press (June 2001)

    Google Scholar 

  20. Blanchet, B.: An automatic security protocol verifier based on resolution theorem proving (invited tutorial). In: 20th International Conference on Automated Deduction (CADE-20) (July 2005)

    Google Scholar 

  21. Blanchet, B., Abadi, M., Fournet, C.: Automated verification of selected equivalences for security protocols. In: 20th IEEE Symposium on Logic in Computer Science (LICS 2005), pp. 331–340. IEEE Computer Society (June 2005)

    Google Scholar 

  22. Böhl, F., Cortier, V., Warinschi, B.: Deduction soundness: Prove one, get five for free. In: 20th ACM Conference on Computer and Communications Security (CCS 2013), Berlin, Germany (2013)

    Google Scholar 

  23. Bortolozzo, M., Centenaro, M., Focardi, R., Steel, G.: Attacking and fixing PKCS#11 security tokens. In: Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS 2010), pp. 260–269. ACM Press (October 2010)

    Google Scholar 

  24. Brusó, M., Chatzikokolakis, K., den Hartog, J.: Formal verification of privacy for RFID systems. In: CSF 2010: 23rd Computer Security Foundations Symposium, pp. 75–88. IEEE Computer Society (2010)

    Google Scholar 

  25. Chadha, R., Ciobâcă, Ş., Kremer, S.: Automated verification of equivalence properties of cryptographic protocols. In: Seidl, H. (ed.) Programming Languages and Systems. LNCS, vol. 7211, pp. 108–127. Springer, Heidelberg (2012)

    CrossRef  Google Scholar 

  26. Cheval, V.: Apte: an algorithm for proving trace equivalence. In: Ábrahám, E., Havelund, K. (eds.) TACAS 2014 (ETAPS). LNCS, vol. 8413, pp. 587–592. Springer, Heidelberg (2014)

    CrossRef  Google Scholar 

  27. Cheval, V., Blanchet, B.: Proving more observational equivalences with ProVerif. In: Basin, D., Mitchell, J.C. (eds.) POST 2013 (ETAPS 2013). LNCS, vol. 7796, pp. 226–246. Springer, Heidelberg (2013)

    CrossRef  Google Scholar 

  28. Cheval, V., Cortier, V., Plet, A.: Lengths may break privacy – or how to check for equivalences with length. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 708–723. Springer, Heidelberg (2013)

    CrossRef  Google Scholar 

  29. Clarkson, M.R., Chong, S., Myers, A.C.: Civitas: Toward a secure voting system. In: Proc. IEEE Symposium on Security and Privacy, pp. 354–368 (2008)

    Google Scholar 

  30. Comon-Lundh, H., Shmatikov, V.: Intruder deductions, constraint solving and insecurity decision in presence of Exclusive Or. In: Proc. of 18th Annual IEEE Symposium on Logic in Computer Science (LICS 2003), pp. 271–280. IEEE Computer Society (2003)

    Google Scholar 

  31. Comon-Lundh, H., Cortier, V.: Computational soundness of observational equivalence. In: Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS 2008), Alexandria, Virginia, USA, pp. 109–118. ACM Press (October 2008)

    Google Scholar 

  32. Cortier, V., Galindo, D., Glondu, S., Izabachene, M.: A generic construction for voting correctness at minimum cost - application to helios. Cryptology ePrint Archive, Report 2013/177 (2013)

    Google Scholar 

  33. Cortier, V., Smyth, B.: Attacking and fixing helios: An analysis of ballot secrecy. Journal of Computer Security 21(1), 89–148 (2013)

    Google Scholar 

  34. Cortier, V., Wiedling, C.: A formal analysis of the norwegian e-voting protocol. In: Degano, P., Guttman, J.D. (eds.) Principles of Security and Trust. LNCS, vol. 7215, pp. 109–128. Springer, Heidelberg (2012)

    CrossRef  Google Scholar 

  35. Cramer, R., Gennaro, R., Schoenmakers, B.: A secure and optimally efficient multi-authority election scheme. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 103–118. Springer, Heidelberg (1997)

    CrossRef  Google Scholar 

  36. Cremers, C.J.F.: The Scyther Tool: Verification, falsification, and analysis of security protocols. In: Gupta, A., Malik, S. (eds.) CAV 2008. LNCS, vol. 5123, pp. 414–418. Springer, Heidelberg (2008)

    CrossRef  Google Scholar 

  37. Cuvelier, É., Pereira, O., Peters, T.: Election verifiability or ballot privacy: Do we need to choose? In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 481–498. Springer, Heidelberg (2013)

    CrossRef  Google Scholar 

  38. Dawson, J., Tiu, A.: Automating open bisimulation checking for the spi-calculus. In: Proceedings of IEEE Computer Security Foundations Symposium, CSF 2010 (2010)

    Google Scholar 

  39. Delaune, S., Kremer, S., Pereira, O.: Simulation based security in the applied pi calculus. In: Proceedings of the 29th Conference on Foundations of Software Technology and Theoretical Computer Science (FSTTCS 2009). Leibniz International Proceedings in Informatics, vol. 4, pp. 169–180 (December 2009)

    Google Scholar 

  40. Delaune, S., Kremer, S., Ryan, M.: Coercion-Resistance and Receipt-Freeness in Electronic Voting. In: CSFW 2006: 19th Computer Security Foundations Workshop, pp. 28–42. IEEE Computer Society (2006)

    Google Scholar 

  41. Delaune, S., Kremer, S., Ryan, M.D.: Verifying privacy-type properties of electronic voting protocols. Journal of Computer Security 17(4), 435–487 (2009)

    Google Scholar 

  42. Dolev, D., Yao, A.C.: On the security of public key protocols. In: Proc. of the 22nd Symp. on Foundations of Computer Science, pp. 350–357. IEEE Computer Society Press (1981)

    Google Scholar 

  43. Even, S., Goldreich, O.: On the security of multi-party ping-pong protocols. Technical Report. IEEE Computer Society Press (1983)

    Google Scholar 

  44. Feldman, A.J., Halderman, J.A., Felten, E.W.: Security analysis of the diebold accuvote-ts voting machine (2006), http://itpolicy.princeton.edu/voting/

  45. Fujioka, A., Okamoto, T., Ohta, K.: A Practical Secret Voting Scheme for Large Scale Elections. In: Zheng, Y., Seberry, J. (eds.) AUSCRYPT 1992. LNCS, vol. 718, pp. 244–251. Springer, Heidelberg (1993)

    CrossRef  Google Scholar 

  46. Gjøsteen, K.: Analysis of an internet voting protocol. Cryptology ePrint Archive, Report 2010/380 (2010), http://eprint.iacr.org/

  47. Esteve, J.B., Goldsmith, B., Turner, J.: International experience with e-voting. Technical report, Norwegian E-Vote Project (2012)

    Google Scholar 

  48. Juels, A., Catalano, D., Jakobsson, M.: Coercion-Resistant Electronic Elections. In: Chaum, D., Jakobsson, M., Rivest, R.L., Ryan, P.Y.A., Benaloh, J., Kutylowski, M., Adida, B. (eds.) Towards Trustworthy Elections. LNCS, vol. 6000, pp. 37–63. Springer, Heidelberg (2010)

    CrossRef  Google Scholar 

  49. Kremer, S., Ryan, M., Smyth, B.: Election verifiability in electronic voting protocols. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 389–404. Springer, Heidelberg (2010)

    CrossRef  Google Scholar 

  50. Küsters, R., Truderung, T., Vogt, A.: Clash Attacks on the Verifiability of E-Voting Systems. In: 33rd IEEE Symposium on Security and Privacy (S&P 2012), pp. 395–409. IEEE Computer Society (2012)

    Google Scholar 

  51. Lowe, G.: Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147–166. Springer, Heidelberg (1996)

    CrossRef  Google Scholar 

  52. Millen, J., Shmatikov, V.: Constraint solving for bounded-process cryptographic protocol analysis. In: Proc. of the 8th ACM Conference on Computer and Communications Security, CCS 2001 (2001)

    Google Scholar 

  53. Okamoto, T.: Receipt-Free Electronic Voting Schemes for Large Scale Elections. In: Christianson, B., Crispo, B., Lomas, M., Roe, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 25–35. Springer, Heidelberg (1998)

    CrossRef  Google Scholar 

  54. Sakurada, H.: Computational soundness of symbolic blind signatures under active attacker. In: Danger, J.-L., Debbabi, M., Marion, J.-Y., Garcia-Alfaro, J., Heywood, N.Z. (eds.) FPS 2013, vol. 8532, pp. 247–263. Springer, Heidelberg (2014)

    Google Scholar 

  55. Schneider, S.: Verifying authentication protocols with CSP. In: Proc. of the 10th Computer Security Foundations Workshop (CSFW 1997). IEEE Computer Society Press (1997)

    Google Scholar 

  56. Thayer, J., Herzog, J., Guttman, J.: Strand spaces: proving security protocols correct. IEEE Journal of Computer Security 7, 191–230 (1999)

    Google Scholar 

  57. Unruh, D.: The impossibility of computationally sound xor, Preprint on IACR ePrint 2010/389 (July 2010)

    Google Scholar 

  58. Wolchok, S., Wustrow, E., Halderman, J.A., Prasad, H.K., Kankipati, A., Sakhamuri, S.K., Yagati, V., Gonggrijp, R.: Security analysis of india’s electronic voting machines. In: 17th ACM Conference on Computer and Communications Security, CCS 2010 (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. LORIA - CNRS, France

    Véronique Cortier

Authors
  1. Véronique Cortier
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. CNRS,, New York University &amp, USA

    Stéphane Demri

  2. Department of Computer Science, University of New Mexico, 87131-0001, Albuquerque, NM, USA

    Deepak Kapur

  3. Max Planck Institute for Informatics, Campus E1 4, 66123, Saarbrücken, Germany

    Christoph Weidenbach

Rights and permissions

Reprints and Permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Cortier, V. (2014). Electronic Voting: How Logic Can Help. In: Demri, S., Kapur, D., Weidenbach, C. (eds) Automated Reasoning. IJCAR 2014. Lecture Notes in Computer Science(), vol 8562. Springer, Cham. https://doi.org/10.1007/978-3-319-08587-6_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-08587-6_2

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-08586-9

  • Online ISBN: 978-3-319-08587-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Search

Navigation