Applying Divertibility to Blind Ballot Copying in the Helios Internet Voting System

Cortier & Smyth have explored ballot copying in the Helios e-voting platform as an attack against privacy. They also pointed out that their approach to ballot copying could be detected by a modified Helios. We revisit ballot copying from a different viewpoint: as a tool to prevent vote diffusion (the division of votes among multiple weak candidates) and to lessen the effect of established voting blocs. Our approach is based on blinding the ballot casting protocol to create an undetectable copy. A willing voter can cooperate with a prospective copier, helping the copier produce a blinded copy of his ballot without revealing his vote. We prove that Helios is unable to detect the copying. The possibility of such cooperation between voters is manifested only in internet voting and as such is a fundamental difference between internet and booth voting.

[1]  Kazue Sako,et al.  Receipt-Free Mix-Type Voting Scheme - A Practical Solution to the Implementation of a Voting Booth , 1995, EUROCRYPT.

[2]  Bart Jacobs,et al.  Electronic Voting in the Netherlands: From Early Adoption to Early Abolishment , 2009, FOSAD.

[3]  Eric Rescorla,et al.  Proceedings of the 2010 international conference on Electronic voting technology/workshop on trustworthy elections , 2010 .

[4]  Urs Gasser,et al.  Three Case Studies from Switzerland : E-Voting , 2009 .

[5]  Yvo Desmedt,et al.  Electronic Voting: Starting Over? , 2005, ISC.

[6]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[7]  J. Vandewalle,et al.  Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology , 1990 .

[8]  Jean-Jacques Quisquater,et al.  Advances in Cryptology — EUROCRYPT ’89 , 1991, Lecture Notes in Computer Science.

[9]  Samy Bengio,et al.  Special Uses and Abuses of the Fiat-Shamir Passport Protocol , 1987, CRYPTO.

[10]  Ben Smyth,et al.  Attacking and Fixing Helios: An Analysis of Ballot Secrecy , 2011, 2011 IEEE 24th Computer Security Foundations Symposium.

[11]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[12]  Adi Shamir,et al.  Witness indistinguishable and witness hiding protocols , 1990, STOC '90.

[13]  Jeffrey Shallit,et al.  Algorithmic Number Theory , 1996, Lecture Notes in Computer Science.

[14]  Giovanni Vigna,et al.  Are your votes really counted?: testing the security of real-world electronic voting systems , 2008, ISSTA '08.

[15]  Colin J. Ihrig JavaScript Object Notation , 2013 .

[16]  Yvo Desmedt,et al.  Exploiting the Client Vulnerabilities in Internet E-voting Systems: Hacking Helios 2.0 as an Example , 2010, EVT/WOTE.

[17]  Yael Tauman Kalai,et al.  On the (In)security of the Fiat-Shamir paradigm , 2003, 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings..

[18]  David Chaum,et al.  Wallet Databases with Observers , 1992, CRYPTO.

[19]  Jean-Jacques Quisquater,et al.  Electing a University President Using Open-Audit Voting: Analysis of Real-World Use of Helios , 2009, EVT/WOTE.

[20]  Jeremy Clark,et al.  Selections: Internet Voting with Over-the-Shoulder Coercion-Resistance , 2011, Financial Cryptography.

[21]  Carl Pomerance,et al.  Advances in Cryptology — CRYPTO ’87 , 2000, Lecture Notes in Computer Science.

[22]  Olivier Pereira,et al.  Running Mixnet-Based Elections with Helios , 2011, EVT/WOTE.

[23]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.

[24]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[25]  R. Fildes Journal of the Royal Statistical Society (B): Gary K. Grunwald, Adrian E. Raftery and Peter Guttorp, 1993, “Time series of continuous proportions”, 55, 103–116.☆ , 1993 .

[26]  Dan Boneh,et al.  The Decision Diffie-Hellman Problem , 1998, ANTS.

[27]  Ronald Cramer,et al.  A Secure and Optimally Efficient Multi-Authority Election Scheme ( 1 ) , 2000 .

[28]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[29]  L. Penrose The Elementary Statistics of Majority Voting , 1946 .

[30]  Ivan Damgård,et al.  Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols , 1994, CRYPTO.

[31]  Ernest F. Brickell,et al.  Advances in Cryptology — CRYPTO’ 92 , 2001, Lecture Notes in Computer Science.

[32]  C. D. Mote,et al.  Report of the national workshop on internet voting: issues and research agenda , 2000, DG.O.

[33]  Tatsuaki Okamoto,et al.  Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes , 1992, CRYPTO.

[34]  L. A. Goodman,et al.  Social Choice and Individual Values , 1951 .

[35]  Amos Fiat,et al.  Zero-knowledge proofs of identity , 1987, Journal of Cryptology.

[36]  Yvo Desmedt,et al.  Advances in Cryptology — CRYPTO ’94 , 2001, Lecture Notes in Computer Science.

[37]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[38]  Andrew Odlyzko,et al.  Advances in Cryptology — CRYPTO’ 86 , 2000, Lecture Notes in Computer Science.

[39]  Kazuo Ohta,et al.  Divertible Zero Knowledge Interactive Proofs and Commutative Random Self-Reducibility , 1990, EUROCRYPT.

[40]  Kristian Gjøsteen,et al.  Analysis of an internet voting protocol , 2010, IACR Cryptol. ePrint Arch..

[41]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[42]  Jean-Jacques Quisquater,et al.  Advances in Cryptology — EUROCRYPT ’95 , 2001, Lecture Notes in Computer Science.

[43]  Yvo Desmedt,et al.  Efficient Zero-Knowledge Identification Schemes for Smart Cards , 1992, Comput. J..

[44]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[45]  Ran Canetti,et al.  The random oracle methodology, revisited , 2000, JACM.

[46]  Ben Adida,et al.  Helios: Web-based Open-Audit Voting , 2008, USENIX Security Symposium.

[47]  Joseph Bonneau,et al.  What's in a Name? , 2020, Financial Cryptography.