skip to main content
research-article

Split-ballot voting: Everlasting privacy with distributed trust

Published:05 March 2010Publication History
Skip Abstract Section

Abstract

In this article, we propose a new voting protocol with several desirable security properties. The voting stage of the protocol can be performed by humans without computers; it provides every voter with the means to verify that all the votes were counted correctly (universal verifiability) while preserving ballot secrecy. The protocol has “everlasting privacy”: Even a computationally unbounded adversary gains no information about specific votes from observing the protocol's output. Unlike previous protocols with these properties, this protocol distributes trust between two authorities: a single corrupt authority will not cause voter privacy to be breached. Finally, the protocol is receipt-free: A voter cannot prove how she voted even if she wants to do so. We formally prove the security of the protocol in the universal composability framework, based on number-theoretic assumptions.

References

  1. Adida, B. and Rivest, R. L. 2006. Scratch & vote: Self-contained paper-based cryptographic voting. In Proceedings of the 5th ACM Workshop on Privacy in Electronic Society (WPES'06). ACM, New York, 29--40. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Aumann, Y., Ding, Y. Z., and Rabin, M. O. 2002. Everlasting security in the bounded storage model. IEEE Trans. Inf. Theory 48, 6, 1668--1680. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Bellare, M. and Goldreich, O. 1992. On defining proofs of knowledge. In Proceedings of The 12th Annual International Cryptology Conference (CRYPTO'92). Springer-Verlag Inc., Berlin, 390--420. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Benaloh, J. and Tuinstra, D. 1994. Receipt-free secret-ballot elections. In Proceedings of the 26th Annual ACM Symposium on Theory of Computing. ACM, New York, 544--553. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Boudot, F. 2000. Efficient proofs that a committed number lies in an interval. In Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques (EUROCRYPT'00). Springer, Berlin, 431--444. Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. Bryans, J. W. and Ryan, P. Y. A. 2004. A simplified version of the Chaum voting scheme. Tech. rep. CS-TR 843, University of Newcastle.Google ScholarGoogle Scholar
  7. Camenisch, J. and Michels, M. 1999. Proving in zero-knowledge that a number is the product of two safe primes. In Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques (EUROCRYPT'99). Springer, Berlin, 107--122. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Canetti, R. 2000. Universally composable security: A new paradigm for cryptographic protocols. Cryptology ePrint Archive, Report 2000/067.Google ScholarGoogle Scholar
  9. Canetti, R. and Gennaro, R. 1996. Incoercible multiparty computation. In Proceedings of the 37th Annual Symposium on Foundations of Computer Science. IEEE, Los Alamitos, CA, 504--513. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. Chaum, D. 1981. Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24, 2, 84--88. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Chaum, D. 2004. E-voting: secret-ballot receipts: True voter-verifiable elections. IEEE Security & Privacy 2, 1, 38--47. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Chaum, D. 2006. http://punchscan.org/.Google ScholarGoogle Scholar
  13. Cohen(Benaloh), J. D. and Fischer, M. J. 1985. A robust and verifiable cryptographically secure election scheme. In Proceedings of the 26th annual Symposium on Foundations of Computer Science. IEEE, Los Alamitos, CA, 372--382. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Cramer, R., Franklin, M., Schoenmakers, B., and Yung, M. 1996. Multi-authority secret-ballot elections with linear work. In Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques (EUROTCRYPT'96). Springer-Verlag, Berlin, 72--83. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Cramer, R., Gennaro, R., and Schoenmakers, B. 1997. A secure and optimally efficient multi-authority election scheme. In Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques (EUROTCRYPT'97). Springer-Verlag, Berlin, 103--118. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. Damgrd, I. B. and Fujisaki, E. 2002. A statistically-hiding integer commitment scheme-based on groups with hidden order. In Proceedings of the International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT'02). Springer, Berlin, 125--142. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Fujioka, A., Okamoto, T., and Ohta, K. 1992. A practical secret voting scheme for large scale elections. In Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques (AUSCRYPT'92). Springer-Verlag, Berlin, 244--251. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. Groth, J. 2002. A verifiable secret shuffle of homomorphic encryptions. In Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography (PKC'03). Springer, Berlin, 145--160. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Hirt, M. and Sako, K. 2000. Efficient receipt-free voting based on homomorphic encryption. In Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques (EUROCRYPT'00). Springer, Berlin, 539. Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. Moran, T. and Naor, M. 2006. Receipt-free universally-verifiable voting with everlasting privacy. In Proceedings of the 26th Annual International Cryptology Conference (CRYPTO'06). Springer, Berlin, 373--392. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. Naor, M. and Shamir, A. 1994. Visual cryptography. In Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques (EUROCRYPT'94). Springer-Verlag, Berlin, 1--12.Google ScholarGoogle Scholar
  22. Neff, C. A. 2004. Practical high certainty intent verification for encrypted votes. http://www.votehere.net/vhti/documentation/vsv-2.0.3638.pdf.Google ScholarGoogle Scholar
  23. Popoveniuc, S. and Hosp, B. 2006. An introduction to punchscan. http://punchscan.org/papers/popoveniuc_hosp_punchscan_introduction.pdf.Google ScholarGoogle Scholar
  24. Rabin, M. O. 1983. Transaction protection by beacons. J. Comput. Syst. Sci. 27, 2, 256--267.Google ScholarGoogle ScholarCross RefCross Ref
  25. Reynolds, D. J. 2005. A method for electronic voting with coercion-free receipt. Presentation http://www.win.tue.nl/~berry/fee2005/presentations/reynolds.ppt.Google ScholarGoogle Scholar
  26. Ryan, P. Y. A. 2005. A variant of the Chaum voter-verifiable scheme. In Proceedings of the 2005 Workshop on Issues in the Theory of Security (WITS'05). ACM, New York, 81--88. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. Shamir, A. 2006. Cryptographers panel, RSA conference. Webcast: http://media.omediaweb.com/rsa2006/1_5/1_5_High.asx.Google ScholarGoogle Scholar

Index Terms

  1. Split-ballot voting: Everlasting privacy with distributed trust

          Recommendations

          Comments

          Login options

          Check if you have access through your login credentials or your institution to get full access on this article.

          Sign in

          Full Access

          • Published in

            cover image ACM Transactions on Information and System Security
            ACM Transactions on Information and System Security  Volume 13, Issue 2
            February 2010
            230 pages
            ISSN:1094-9224
            EISSN:1557-7406
            DOI:10.1145/1698750
            Issue’s Table of Contents

            Copyright © 2010 ACM

            Publisher

            Association for Computing Machinery

            New York, NY, United States

            Publication History

            • Published: 5 March 2010
            • Accepted: 1 August 2008
            • Revised: 1 June 2008
            • Received: 1 February 2008
            Published in tissec Volume 13, Issue 2

            Permissions

            Request permissions about this article.

            Request Permissions

            Check for updates

            Qualifiers

            • research-article
            • Research
            • Refereed

          PDF Format

          View or Download as a PDF file.

          PDF

          eReader

          View online with eReader.

          eReader
          About Cookies On This Site

          We use cookies to ensure that we give you the best experience on our website.

          Learn more

          Got it!