Advances in cryptographic voting systems

Democracy depends on the proper administration of popular elections. Voters should receive assurance that their intent was correctly captured and that all eligible votes were correctly tallied. The election system as a whole should ensure that, voter coercion is unlikely, even when voters are willing to be influenced. These conflicting requirements present a significant challenge: how can voters receive enough assurance to trust the election result, but not so much that they can prove to a potential coercer how they voted? This dissertation explores cryptographic techniques for implementing verifiable, secret-ballot elections. We present the power of cryptographic voting, in particular its ability to successfully achieve both verifiability and ballot secrecy, a combination that cannot be achieved by other means. We review a large portion of the literature on cryptographic voting. We propose three novel technical ideas: (1) a simple and inexpensive paper-base cryptographic voting system with some interesting advantages over existing techniques; (2) a theoretical model of incoercibility for human voters with their inherent limited computational ability; and a new ballot casting system that fits the new definition, and (3) a new theoretical construct for shuffling encrypted votes in full view of public observers.

[1]  Kazue Sako,et al.  Receipt-Free Mix-Type Voting Scheme - A Practical Solution to the Implementation of a Voting Booth , 1995, EUROCRYPT.

[2]  David Chaum,et al.  A Practical Voter-Verifiable Election Scheme , 2005, ESORICS.

[3]  Douglas Wikström,et al.  Five Practical Attacks for "Optimistic Mixing for Exit-Polls" , 2003, Selected Areas in Cryptography.

[4]  David Chaum,et al.  Wallet Databases with Observers , 1992, CRYPTO.

[5]  Ivan Damgård,et al.  A Generalisation, a Simplification and Some Applications of Paillier's Probabilistic Public-Key System , 2001, Public Key Cryptography.

[6]  Brian Randell,et al.  Voting Technologies and Trust , 2006, IEEE Security & Privacy.

[7]  Hugo Krawczyk,et al.  Relaxing Chosen-Ciphertext Security , 2003, CRYPTO.

[8]  Moni Naor,et al.  Public-key cryptosystems provably secure against chosen ciphertext attacks , 1990, STOC '90.

[9]  C. Andrew Ne,et al.  Practical high certainty intent verification for encrypted votes , 2004 .

[10]  Ronald Cramer,et al.  A Secure and Optimally Efficient Multi-Authority Election Scheme ( 1 ) , 2000 .

[11]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[12]  Ben Adida,et al.  How to Shuffle in Public , 2007, TCC.

[13]  Jacques Stern,et al.  Sharing Decryption in the Context of Voting or Lotteries , 2000, Financial Cryptography.

[14]  David Chaum,et al.  Secret-ballot receipts: True voter-verifiable elections , 2004, IEEE Security & Privacy Magazine.

[15]  Manuel Blum,et al.  Secure Human Identification Protocols , 2001, ASIACRYPT.

[16]  Jacques Stern,et al.  Practical multi-candidate election system , 2001, PODC '01.

[17]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[18]  Douglas Wikström,et al.  A Sender Verifiable Mix-Net and a New Proof of a Shuffle , 2005, ASIACRYPT.

[19]  Andrew Chi-Chih Yao,et al.  How to generate and exchange secrets , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[20]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[21]  Masayuki Abe,et al.  A Length-Invariant Hybrid Mix , 2000, ASIACRYPT.

[22]  Ivan Damgård,et al.  Towards Practical Public Key Systems Secure Against Chosen Ciphertext Attacks , 1991, CRYPTO.

[23]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[24]  Burton S. Kaliski Advances in Cryptology - CRYPTO '97 , 1997 .

[25]  Stefan A. Brands,et al.  Untraceable Off-line Cash in Wallet with Observers , 2002 .

[26]  A. D. Santis Advances in cryptology, EUROCRYPT '94 : Workshop on the Theory and Application of Cryptographic Techniques, Perugia, Italy, May 9-12, 1994 : proceedings , 1995 .

[27]  Jean-Marie Baland,et al.  Land and Power: Theory and Evidence , 2005 .

[28]  Moti Yung,et al.  Robust efficient distributed RSA-key generation , 1998, STOC '98.

[29]  Ajay D. Kshemkalyani,et al.  Proceedings of the Twentieth Annual ACM Symposium on Principles of Distributed Computing, PODC 2001, Newport, Rhode Island, USA, August 26-29, 2001 , 2001, ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing.

[30]  Yvo Desmedt,et al.  How to Break a Practical MIX and Design a New One , 2000, EUROCRYPT.

[31]  Tatsuaki Okamoto Topics in cryptology - CT-RSA 2004 : the Cryptographers' Track at the RSA Conference 2004, San Francisco, CA, USA, February 23-27, 2004 : proceedings , 2004 .

[32]  GENERAL ELECTION , 1910, British medical journal.

[33]  John Langford,et al.  CAPTCHA: Using Hard AI Problems for Security , 2003, EUROCRYPT.

[34]  Ralph C. Merkle,et al.  Secrecy, authentication, and public key systems , 1979 .

[35]  Kazue Sako,et al.  Secure Voting Using Partially Compatible Homomorphisms , 1994, CRYPTO.

[36]  Donald Beaver,et al.  Foundations of Secure Interactive Computing , 1991, CRYPTO.

[37]  Richard Clayton Improving Onion Notation , 2003, Privacy Enhancing Technologies.

[38]  Jonathan Katz,et al.  Cryptographic Counters and Applications to Electronic Voting , 2001, EUROCRYPT.

[39]  Josh Benaloh,et al.  Receipt-free secret-ballot elections (extended abstract) , 1994, STOC '94.

[40]  Alfredo De Santis,et al.  Advances in Cryptology — EUROCRYPT'94 , 1994, Lecture Notes in Computer Science.

[41]  Markus Jakobsson,et al.  A Practical Mix , 1998, EUROCRYPT.

[42]  Markus Jakobsson,et al.  An optimally robust hybrid mix network , 2001, PODC '01.

[43]  Markus Jakobsson,et al.  Flash mixing , 1999, PODC '99.

[44]  J. Markus,et al.  Millimix: Mixing in Small Batches , 1999 .

[45]  Yehuda Lindell,et al.  On the composition of authenticated byzantine agreement , 2002, STOC '02.

[46]  Mihir Bellare,et al.  Fast Batch Verification for Modular Exponentiation and Digital Signatures , 1998, IACR Cryptol. ePrint Arch..

[47]  Kaoru Kurosawa,et al.  Almost Ideal Contrast Visual Cryptography with Reversing , 2004, CT-RSA.

[48]  Jean-Jacques Quisquater,et al.  A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing Both Transmission and Memory , 1988, EUROCRYPT.

[49]  Richard J. Lipton,et al.  Cryptographic Primitives Based on Hard Learning Problems , 1993, CRYPTO.

[50]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[51]  Adi Shamir,et al.  Witness indistinguishable and witness hiding protocols , 1990, STOC '90.

[52]  Moni Naor,et al.  Visual Cryptography , 1994, Encyclopedia of Multimedia.

[53]  Yael Tauman Kalai,et al.  On the (In)security of the Fiat-Shamir paradigm , 2003, 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings..

[54]  Yael Tauman Kalai,et al.  On the impossibility of obfuscation with auxiliary input , 2005, 46th Annual IEEE Symposium on Foundations of Computer Science (FOCS'05).

[55]  Yvo Desmedt,et al.  Shared Generation of Authenticators and Signatures (Extended Abstract) , 1991, CRYPTO.

[56]  Patrick Horster,et al.  Some Remarks on a Receipt-Free and Universally Verifiable Mix-Type Voting Scheme , 1996, ASIACRYPT.

[57]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[58]  Douglas Wikström,et al.  A Universally Composable Mix-Net , 2004, TCC.

[59]  Alan T. Sherman,et al.  Punchscan: Introduction and System Definition of a High-Integrity Election System , 2006 .

[60]  Markus Jakobsson,et al.  Making Mix Nets Robust for Electronic Voting by Randomized Partial Checking , 2002, USENIX Security Symposium.

[61]  Ted Selker TESTIMONY ON VOTER VERIFICATION: PRESENTATION TO SENATE COMMITTEE ON RULES AND ADMINISTRATION , 2005 .

[62]  Aggelos Kiayias,et al.  Self-tallying Elections and Perfect Ballot Secrecy , 2002, Public Key Cryptography.

[63]  Hoeteck Wee,et al.  On obfuscating point functions , 2005, STOC '05.

[64]  Tatsuaki Okamoto,et al.  Receipt-Free Electronic Voting Schemes for Large Scale Elections , 1997, Security Protocols Workshop.

[65]  David A. Wagner,et al.  Cryptographic Voting Protocols: A Systems Perspective , 2005, USENIX Security Symposium.

[66]  Moti Yung,et al.  Robust efficient distributed RSA-key generation , 1998, STOC '98.

[67]  C. Andrew Neff,et al.  A verifiable secret shuffle and its application to e-voting , 2001, CCS '01.

[68]  Ronald L. Rivest,et al.  Scratch & vote: self-contained paper-based cryptographic voting , 2006, WPES '06.

[69]  Rebecca T. Mercuri Voting-machine risks , 1992, CACM.

[70]  Markus Jakobsson,et al.  Optimistic Mixing for Exit-Polls , 2002, ASIACRYPT.

[71]  Moti Yung,et al.  How to share a function securely , 1994, STOC '94.

[72]  Aggelos Kiayias,et al.  The Vector-Ballot e-Voting Approach , 2004, Financial Cryptography.

[73]  Kazue Sako,et al.  An Efficient Scheme for Proving a Shuffle , 2001, CRYPTO.

[74]  Matthew K. Franklin,et al.  Multi-Autority Secret-Ballot Elections with Linear Work , 1996, EUROCRYPT.

[75]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[76]  Victor Shoup,et al.  Practical Threshold Signatures , 2000, EUROCRYPT.

[77]  Dimitris Gritzalis,et al.  Secure Electronic Voting , 2003, Advances in Information Security.

[78]  Ari Juels,et al.  Authenticating Pervasive Devices with Human Protocols , 2005, CRYPTO.

[79]  Joseph Pratt Harris,et al.  Election Administration in the United States , 1934 .

[80]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[81]  Mihir Bellare,et al.  Optimal Asymmetric Encryption , 1994, EUROCRYPT.

[82]  Daniel R. Simon,et al.  Cryptographic defense against traffic analysis , 1993, STOC.

[83]  Moti Yung,et al.  Distributing the power of a government to enhance the privacy of voters , 1986, PODC '86.

[84]  D. Shanks Class number, a theory of factorization, and genera , 1971 .

[85]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[86]  C. Moler,et al.  Advances in Cryptology , 2000, Lecture Notes in Computer Science.

[87]  Valtteri Niemi,et al.  How to Prevent Buying of Votes in Computer Elections , 1994, ASIACRYPT.

[88]  Ivan Damgård,et al.  Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols , 1994, CRYPTO.

[89]  Masayuki Abe,et al.  Universally Verifiable Mix-net with Verification Work Indendent of the Number of Mix-servers , 1998, EUROCRYPT.

[90]  Birgit Pfitzmann,et al.  Breaking Efficient Anonymous Channel , 1994, EUROCRYPT.

[91]  Amit Sahai,et al.  On the (im)possibility of obfuscating programs , 2001, JACM.

[92]  K. Nyberg Advances in cryptology-EUROCRYPT '98 : International Conference on the Theory and Application of Cryptographic Techniques, Espoo, Finland, May 31-June 4, 1998 : proceedings , 1998 .

[93]  D. Jefferson,et al.  Security analysis of SERVE 1 A Security Analysis of the Secure Electronic Registration and Voting Experiment ( SERVE ) , 2004 .

[94]  Masayuki Abe,et al.  Mix-Networks on Permutation Networks , 1999, ASIACRYPT.

[95]  Silvio Micali,et al.  Probabilistic encryption & how to play mental poker keeping secret all partial information , 1982, STOC '82.

[96]  Michael J. Fischer,et al.  A robust and verifiable cryptographically secure election scheme , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[97]  Kazue Sako,et al.  Efficient Receipt-Free Voting Based on Homomorphic Encryption , 2000, EUROCRYPT.

[98]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[99]  Jerome H. Saltzer,et al.  End-to-end arguments in system design , 1984, TOCS.

[100]  Leonid A. Levin,et al.  Fair Computation of General Functions in Presence of Immoral Majority , 1990, CRYPTO.

[101]  Kaoru Kurosawa,et al.  Attack for Flash MIX , 2000, ASIACRYPT.

[102]  Dan Boneh,et al.  Almost entirely correct mixing with applications to voting , 2002, CCS '02.

[103]  Ran Canetti,et al.  Towards Realizing Random Oracles: Hash Functions That Hide All Partial Information , 1997, CRYPTO.

[104]  Ari Juels,et al.  Parallel mixing , 2004, CCS '04.

[105]  Stefan Droste,et al.  New Results on Visual Cryptography , 1996, CRYPTO.

[106]  Ran Canetti,et al.  Incoercible Multiparty Computation (extended abstract). , 1996, IEEE Annual Symposium on Foundations of Computer Science.

[107]  Yiannis Tsiounis,et al.  On the Security of ElGamal Based Encryption , 1998, Public Key Cryptography.

[108]  Ivan Damgård,et al.  Practical Threshold RSA Signatures without a Trusted Dealer , 2000, EUROCRYPT.

[109]  Peter Y. A. Ryan,et al.  Prêt à Voter with Re-encryption Mixes , 2006, ESORICS.

[110]  Hugo Krawczyk,et al.  Secure Distributed Key Generation for Discrete-Log Based Cryptosystems , 1999, Journal of Cryptology.

[111]  Yvo Desmedt,et al.  Threshold Cryptosystems , 1989, CRYPTO.

[112]  Kaoru Kurosawa,et al.  Efficient Anonymous Channel and All/Nothing Election Scheme , 1994, EUROCRYPT.

[113]  Manuel Blum,et al.  Non-Interactive Zero-Knowledge and Its Applications (Extended Abstract) , 1988, STOC 1988.

[114]  Silvio Micali,et al.  Plaintext Awareness via Key Registration , 2003, CRYPTO.

[115]  Harriet Ortiz,et al.  Proceedings of the twenty-second annual ACM symposium on Theory of computing , 1990, STOC 1990.

[116]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[117]  A. Juels,et al.  Universal Re-encryption for Mixnets , 2004, CT-RSA.

[118]  Douglas R. Stinson,et al.  Advances in Cryptology — CRYPTO’ 93 , 2001, Lecture Notes in Computer Science.

[119]  Torben P. Pedersen A Threshold Cryptosystem without a Trusted Party (Extended Abstract) , 1991, EUROCRYPT.

[120]  Oded Goldreich,et al.  Foundations of Cryptography: Basic Tools , 2000 .

[121]  Rafail Ostrovsky,et al.  Private Searching on Streaming Data , 2005, Journal of Cryptology.

[122]  Jacques Stern,et al.  Advances in cryptology-EUROCRYPT '99 : International Conference on the Theory and Application of Cryptographic Techniques, Prague, Czech Republic, May 2-6, 1999 : proceedings , 1999 .

[123]  Rosario Gennaro Achieving independence efficiently and securely , 1995, PODC '95.

[124]  John Langford,et al.  Telling humans and computers apart automatically , 2004, CACM.

[125]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[126]  Silvio Micali,et al.  Secure Computation (Abstract) , 1991, CRYPTO.

[127]  Paul Feldman,et al.  A practical scheme for non-interactive verifiable secret sharing , 1987, 28th Annual Symposium on Foundations of Computer Science (sfcs 1987).

[128]  Charles W. Trigg A Card Trick. , 1970 .

[129]  Matthew K. Franklin,et al.  Efficient Generation of Shared RSA Keys (Extended Abstract) , 1997, CRYPTO.

[130]  C. Andrew Neff,et al.  Ballot Casting Assurance , 2006, EVT.

[131]  Bart Preneel Advances in cryptology - EUROCRYPT 2000 : International Conference on the Theory and Application of Cryptographic Techniques, Bruges, Belgium, May 14-18, 2000 : proceedings , 2000 .

[132]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[133]  Hugo Krawczyk,et al.  Robust and Efficient Sharing of RSA Functions , 2000, Journal of Cryptology.

[134]  Roy G. Saltman The history and politics of voting technology , 2006 .

[135]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[136]  Moni Naor,et al.  Visual Authentication and Identification , 1997, CRYPTO.

[137]  Kazue Sako,et al.  Fault tolerant anonymous channel , 1997, ICICS.

[138]  Birgit Pfitzmann,et al.  How to Break the Direct RSA-Implementation of Mixes , 1990, EUROCRYPT.