A Publicly-Veri able Mix-net with Everlasting Privacy Towards Observers

In this paper we present a novel, publicly verifiable mixing scheme which has everlasting privacy towards observers: all the information published on the bulletin board by the mixes (audit information etc) reveals no information about the identity of any of the messages published. The correctness of the mixing process is statistical: even if all authorities conspire, they cannot change the contents of any message without being detected with overwhelming probability. We accomplish this by encoding the messages submitted using so-called Pedersen commitments. Decoding (opening) these is possible because we create a parallel mix-net run by the same mixes to which the public has no access. This private mix-net uses the same permutations as the public one, but uses homomorphic encryption, which is used to send auxiliary information (messages, decommitment values) through the mix-net to allow decoding.

[1]  Kaoru Kurosawa,et al.  Efficient Anonymous Channel and All/Nothing Election Scheme , 1994, EUROCRYPT.

[2]  Takeo Kanade,et al.  Formal Aspects in Security and Trust , 2008, Lecture Notes in Computer Science.

[3]  Jens Groth,et al.  Short Pairing-Based Non-interactive Zero-Knowledge Arguments , 2010, ASIACRYPT.

[4]  Markulf Kohlweiss,et al.  Malleable Proof Systems and Applications , 2012, EUROCRYPT.

[5]  Douglas Wikström,et al.  Five Practical Attacks for "Optimistic Mixing for Exit-Polls" , 2003, Selected Areas in Cryptography.

[6]  D. Chaum Secret-Ballot Receipts and Transparent Integrity , 2002 .

[7]  Moni Naor,et al.  Split-ballot voting: Everlasting privacy with distributed trust , 2007, TSEC.

[8]  Ben Adida,et al.  Helios: Web-based Open-Audit Voting , 2008, USENIX Security Symposium.

[9]  Jun Furukawa Efficient and Verifiable Shuffling and Shuffle-Decryption , 2005, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[10]  Hideki Imai,et al.  Flaws in Some Robust Optimistic Mix-Nets , 2003, ACISP.

[11]  David Chaum,et al.  Secret-Ballot Receipts and Transparent Integrity Better and less-costly electronic voting at polling places , 2003 .

[12]  James Heather,et al.  The Append-Only Web Bulletin Board , 2008, Formal Aspects in Security and Trust.

[13]  David Chaum,et al.  Multiparty Computations Ensuring Privacy of Each Party's Input and Correctness of the Result , 1987, CRYPTO.

[14]  Markus Jakobsson,et al.  Optimistic Mixing for Exit-Polls , 2002, ASIACRYPT.

[15]  Kazue Sako,et al.  Receipt-Free Mix-Type Voting Scheme - A Practical Solution to the Implementation of a Voting Booth , 1995, EUROCRYPT.

[16]  Melanie Volkamer,et al.  Random Block Verification: Improving the Norwegian Electoral Mix-Net , 2012, Electronic Voting.

[17]  David Chaum A New Paradigm for Individuals in the Information Age , 1984, 1984 IEEE Symposium on Security and Privacy.

[18]  Kristian Gjøsteen,et al.  Analysis of an internet voting protocol , 2010, IACR Cryptol. ePrint Arch..

[19]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[20]  Jordi Puiggali,et al.  Universally Verifiable Efficient Re-encryption Mixnet , 2010, Electronic Voting.

[21]  Douglas Wikstr m,et al.  Five Practical Attacks for "Optimistic Mixing for Exit-Polls , 2003 .

[22]  Douglas Wikström,et al.  A Commitment-Consistent Proof of a Shuffle , 2009, ACISP.

[23]  Jeremy Clark,et al.  Scantegrity II: End-to-End Verifiability by Voters of Optical Scan Elections Through Confirmation Codes , 2009, IEEE Transactions on Information Forensics and Security.

[24]  Zhe Xia,et al.  PrÊt À Voter: a Voter-Verifiable Voting System , 2009, IEEE Transactions on Information Forensics and Security.

[25]  Jens Groth,et al.  Efficient Zero-Knowledge Argument for Correctness of a Shuffle , 2012, EUROCRYPT.

[26]  Markus Jakobsson,et al.  Making Mix Nets Robust for Electronic Voting by Randomized Partial Checking , 2002, USENIX Security Symposium.

[27]  C. Andrew Neff,et al.  A verifiable secret shuffle and its application to e-voting , 2001, CCS '01.

[28]  Michael R. Clarkson,et al.  Civitas: Toward a Secure Voting System , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[29]  Dan Boneh,et al.  Almost entirely correct mixing with applications to voting , 2002, CCS '02.

[30]  Jeroen van de Graaf,et al.  Ieee Transactions on Information Forensics and Security: Special Issue on Electronic Voting 1 Voting with Unconditional Privacy by Merging Prêt-` A-voter and Punchscan , 2022 .