Election Verifiability for Helios under Weaker Trust Assumptions

  • Véronique Cortier
  • David Galindo
  • Stéphane Glondu
  • Malika Izabachène
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8713)

Abstract

Most electronic voting schemes aim at providing verifiability: voters should trust the result without having to rely on some authorities. Actually, even a prominent voting system like Helios cannot fully achieve verifiability since a dishonest bulletin board may add ballots. This problem is called ballot stuffing.

In this paper we give a definition of verifiability in the computational model to account for a malicious bulletin board that may add ballots. Next, we provide a generic construction that transforms a voting scheme that is verifiable against an honest bulletin board and an honest registration authority (weak verifiability) into a verifiable voting scheme under the weaker trust assumption that the registration authority and the bulletin board are not simultaneously dishonest (strong verifiability). This construction simply adds a registration authority that sends private credentials to the voters, and publishes the corresponding public credentials.

We further provide simple and natural criteria that imply weak verifiability. As an application of these criteria, we formally prove the latest variant of Helios by Bernhard, Pereira and Warinschi weakly verifiable. By applying our generic construction we obtain a Helios-like scheme that has ballot privacy and strong verifiability (and thus prevents ballot stuffing). The resulting voting scheme, Helios-C, retains the simplicity of Helios and has been implemented and tested.

Keywords

voting protocols individual verifiability universal verifiability ballot stuffing ballot privacy Helios 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Adida, B., de Marneffe, O., Pereira, O., Quisquater, J.J.: Electing a university president using open-audit voting: Analysis of real-world use of Helios. In: Proceedings of the 2009 Conference on Electronic Voting Technology/Workshop on Trustworthy Elections (2009)Google Scholar
  2. 2.
    Cramer, R., Gennaro, R., Schoenmakers, B.: A secure and optimally efficient multi-authority election scheme. In: Fumy, W. (ed.) Advances in Cryptology - EUROCRYPT 1997. LNCS, vol. 1233, pp. 103–118. Springer, Heidelberg (1997)Google Scholar
  3. 3.
    Benaloh, J.: Ballot casting assurance via voter-initiated poll station auditing. In: Proceedings of the Second Usenix/ACCURATE Electronic Voting Technology Workshop (2007)Google Scholar
  4. 4.
    International association for cryptologic research, Elections page at http://www.iacr.org/elections/
  5. 5.
    Cortier, V., Smyth, B.: Attacking and fixing Helios: An analysis of ballot secrecy. In: CSF, pp. 297–311. IEEE Computer Society (2011)Google Scholar
  6. 6.
    Bernhard, D., Cortier, V., Pereira, O., Smyth, B., Warinschi, B.: Adapting Helios for provable ballot secrecy. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 335–354. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  7. 7.
    Bernhard, D., Pereira, O., Warinschi, B.: How not to prove yourself: Pitfalls of the Fiat-Shamir heuristic and applications to Helios. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 626–643. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  8. 8.
    Juels, A., Catalano, D., Jakobsson, M.: Coercion-resistant electronic elections. In: Chaum, D., Jakobsson, M., Rivest, R.L., Ryan, P.Y.A., Benaloh, J., Kutylowski, M., Adida, B. (eds.) Towards Trustworthy Elections. LNCS, vol. 6000, pp. 37–63. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  9. 9.
    Adida, B., de Marneffe, O., Pereira, O.: Helios voting system, http://www.heliosvoting.org
  10. 10.
    Pinault, T., Courtade, P.: E-voting at expatriates’ MPs elections in France. In: Kripp, M.J., Volkamer, M., Grimm, R. (eds.) Electronic Voting. LNI, vol. 205, pp. 189–195. GI (2012)Google Scholar
  11. 11.
    Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  12. 12.
    Delaune, S., Kremer, S., Ryan, M.D., Steel, G.: A formal analysis of authentication in the TPM. In: Degano, P., Etalle, S., Guttman, J. (eds.) FAST 2010. LNCS, vol. 6561, pp. 111–125. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  13. 13.
    Küsters, R., Truderung, T., Vogt, A.: Accountability: definition and relationship to verifiability. In: Al-Shaer, E., Keromytis, A.D., Shmatikov, V. (eds.) ACM Conference on Computer and Communications Security, pp. 526–535. ACM (2010)Google Scholar
  14. 14.
    Küsters, R., Truderung, T., Vogt, A.: Verifiability, privacy, and coercion-resistance: New insights from a case study. In: IEEE Symposium on Security and Privacy, pp. 538–553. IEEE Computer Society (2011)Google Scholar
  15. 15.
    Küsters, R., Truderung, T., Vogt, A.: Clash attacks on the verifiability of e-voting systems. In: IEEE Symposium on Security and Privacy, pp. 395–409. IEEE Computer Society (2012)Google Scholar
  16. 16.
    Groth, J.: Evaluating security of voting schemes in the universal composability framework. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 46–60. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  17. 17.
    Juels, A., Catalano, D., Jakobsson, M.: Coercion-resistant electronic elections. In: Atluri, V., di Vimercati, S.D.C., Dingledine, R. (eds.) WPES, pp. 61–70. ACM (2005)Google Scholar
  18. 18.
    Cortier, V., Galindo, D., Glondu, S., Izabachène, M.: Election verifiability for Helios under weaker trust assumptions. HAL - INRIA Archive Ouverte/Open Archive, Research Report RR-8855 (2014), http://hal.inria.fr/hal-01011294
  19. 19.
    Gamal, T.E.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory 31(4), 469–472 (1985)CrossRefMATHGoogle Scholar
  20. 20.
    Schnorr, C.P.: Efficient signature generation by smart cards. J. Cryptology 4(3), 161–174 (1991)CrossRefMATHMathSciNetGoogle Scholar
  21. 21.
    Chaum, D., Pedersen, T.P.: Wallet databases with observers. In: Brickell, E.F. (ed.) Advances in Cryptology - CRYPTO 1992. LNCS, vol. 740, pp. 89–105. Springer, Heidelberg (1993)Google Scholar
  22. 22.
    Cramer, R., Damgård, I.B., Schoenmakers, B.: Proofs of partial knowledge and simplified design of witness hiding protocols. In: Desmedt, Y.G. (ed.) Advances in Cryptology - CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994)Google Scholar
  23. 23.
    Hazay, C., Lindell, Y.: Efficient Secure Two-Party Protocols - Techniques and Constructions. Information Security and Cryptography. Springer (2010)Google Scholar
  24. 24.
    Glondu, S.: Helios with Credentials: Proof of concept and mock election results, http://stephane.glondu.net/helios/
  25. 25.
    Cortier, V., Galindo, D., Glondu, S., Izabachène, M.: Distributed ElGamal à la Pedersen: Application to Helios. In: Sadeghi, A.R., Foresti, S. (eds.) WPES, pp. 131–142. ACM (2013)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Véronique Cortier
    • 1
  • David Galindo
    • 1
  • Stéphane Glondu
    • 2
  • Malika Izabachène
    • 1
    • 3
  1. 1.LORIA - CNRSFrance
  2. 2.INRIA Nancy Grand EstFrance
  3. 3.École Polytechnique FéminineFrance

Personalised recommendations