Verifiable and Privacy Preserving Electronic Voting with Untrusted Machines

Designing a trustworthy voting system that uses electronic voting machines (EVMs) for efficiency and accuracy is a challenging task. It is difficult, if not impossible, to ensure the trustworthiness of EVMs that possess computation, storage, and communication capabilities. Thus an electronic voting system that does not assume trusted EVMs is clearly desirable. In this paper, we propose a k-anonymized electronic voting scheme that achieves this goal by assuming a hardware-controlled trusted random number generator external to the EVM. The proposed scheme relies on a k-anonymization technique to protect privacy and resorts to joint de-anonymization of the votes for counting. Since the joint de-anonymization takes all the votes into account, it is difficult for anyone, even the EVM, to manipulate an individual vote without being detected. Besides the anonymization technique, the proposed scheme relies on standard cryptographic hashing and the concept of a floating receipt to provide end-to-end verifiability that prevents coercion or vote trading.
