Analysis of Security and Cryptographic Approaches to Provide Secret and Verifiable Electronic Voting

Electronic voting systems are inextricably bound to security and cryptographic techniques. Over the last decades, countless techniques have been proposed to face the dangers of electronic voting systems with mathematical precision. Certainly, the majority of these works address secrecy and verifiability. In this chapter, security and cryptographic techniques are analyzed with respect to those security properties that can be evaluated on the basis of these techniques: secrecy, fairness, integrity, and verifiability. Furthermore, the chapter discusses their adequacy to ensure further relevant properties like eligibility and uniqueness, and evaluates security and cryptographic techniques with respect to the costs that come along with their real-world application. The authors conclude the chapter with a summary of the evaluation results, which can serve as guideline for decision-makers.

[1]  Pascal Lafourcade,et al.  Survey on Electronic Voting Schemes , 2010 .

[2]  Warren D. Smith,et al.  Cryptography meets voting , 2005 .

[3]  Rebecca T. Mercuri A better ballot box , 2002 .

[4]  Joseph K. Liu,et al.  Linkable Spontaneous Anonymous Group Signature for Ad Hoc Groups (Extended Abstract) , 2004, ACISP.

[5]  Torben P. Pedersen A Threshold Cryptosystem without a Trusted Party (Extended Abstract) , 1991, EUROCRYPT.

[6]  Kazue Sako,et al.  Receipt-Free Mix-Type Voting Scheme - A Practical Solution to the Implementation of a Voting Booth , 1995, EUROCRYPT.

[7]  Costas Lambrinoudakis,et al.  Secure Electronic Voting: the Current Landscape , 2003 .

[8]  Moni Naor,et al.  Bit commitment using pseudorandomness , 1989, Journal of Cryptology.

[9]  Manuel Blum,et al.  Non-interactive zero-knowledge and its applications , 1988, STOC '88.

[10]  Alexander Klink Cryptographic Voting Protocols - A Prototype Design and Implementation for University Elections at {TU} Darmstadt , 2006 .

[11]  Hugo Krawczyk,et al.  Secure Distributed Key Generation for Discrete-Log Based Cryptosystems , 1999, Journal of Cryptology.

[12]  Moni Naor,et al.  Bit Commitment Using Pseudo-Randomness , 1989, CRYPTO.

[13]  Jean Everson Martina,et al.  An updated threat model for security ceremonies , 2013, SAC '13.

[14]  Moni Naor,et al.  Split-ballot voting: Everlasting privacy with distributed trust , 2007, TSEC.

[15]  Ben Adida,et al.  Helios: Web-based Open-Audit Voting , 2008, USENIX Security Symposium.

[16]  Peter Y. A. Ryan,et al.  Pretty Good Democracy for More Expressive Voting Schemes , 2010, ESORICS.

[17]  David Lundin Component Based Electronic Voting Systems , 2010, Towards Trustworthy Elections.

[18]  Jörg Helbach Code Voting mit prüfbaren Code Sheets , 2009, GI Jahrestagung.

[19]  Jörg Helbach,et al.  Code Voting - Ein Verfahren für Aktiengesellschaften? , 2008, GI Jahrestagung.

[20]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[21]  Lucie Langer,et al.  Privacy and verifiability in electronic voting , 2010 .

[22]  Melanie Volkamer Evaluation of Electronic Voting - Requirements and Evaluation Procedures to Support Responsible Election Authorities , 2009, Lecture Notes in Business Information Processing.

[23]  Lee Naish,et al.  Coercion-Resistant Tallying for STV Voting , 2008, EVT.

[24]  Moni Naor,et al.  Oblivious transfer and polynomial evaluation , 1999, STOC '99.

[25]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[26]  Mona F. M. Mursi,et al.  On the Development of Electronic Voting: A Survey , 2013 .

[27]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[28]  Melanie Volkamer,et al.  Civitas and the Real World: Problems and Solutions from a Practical Point of View , 2012, 2012 Seventh International Conference on Availability, Reliability and Security.

[29]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[30]  Mark Ryan,et al.  Election Verifiability in Electronic Voting Protocols , 2010, ESORICS.

[31]  Peter Y. A. Ryan,et al.  Prêt à Voter with Confirmation Codes , 2011, EVT/WOTE.

[32]  Rudolf Schmid,et al.  Organization for the advancement of structured information standards , 2002 .

[33]  Ben Adida,et al.  Advances in cryptographic voting systems , 2006 .

[34]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[35]  David Chaum,et al.  Wallet Databases with Observers , 1992, CRYPTO.

[36]  C. Andrew Neff Efficient Receipt-Free Ballot Casting Resistant to Covert Channels , 2009, EVT/WOTE.

[37]  Josh Benaloh,et al.  Simple Verifiable Elections , 2006, EVT.

[38]  Melanie Volkamer,et al.  Robust electronic voting: Introducing robustness in Civitas , 2011, 2011 International Workshop on Requirements Engineering for Electronic Voting Systems.

[39]  Oded Goldreich,et al.  How to construct constant-round zero-knowledge proof systems for NP , 1996, Journal of Cryptology.

[40]  Lilian Mitrou,et al.  Revisiting Legal and Regulatory Requirements for Secure E-Voting , 2002, SEC.

[41]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[42]  Zuzana Rjašková Electronic Voting Schemes , 2002 .

[43]  Douglas Wikström,et al.  A Sender Verifiable Mix-Net and a New Proof of a Shuffle , 2005, ASIACRYPT.

[44]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[45]  Michael R. Clarkson,et al.  Civitas: Toward a Secure Voting System , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[46]  Melanie Volkamer,et al.  Partial Verifiability in POLYAS for the GI Elections , 2012, Electronic Voting.

[47]  Kristian Gjøsteen,et al.  Analysis of an internet voting protocol , 2010, IACR Cryptol. ePrint Arch..

[48]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[49]  Paul Feldman,et al.  A practical scheme for non-interactive verifiable secret sharing , 1987, 28th Annual Symposium on Foundations of Computer Science (sfcs 1987).

[50]  Johannes A. Buchmann,et al.  On Coercion-Resistant Electronic Elections with Linear Work , 2007, The Second International Conference on Availability, Reliability and Security (ARES'07).

[51]  Jean-Jacques Quisquater,et al.  Electing a University President Using Open-Audit Voting: Analysis of Real-World Use of Helios , 2009, EVT/WOTE.

[52]  Markus Jakobsson,et al.  Making Mix Nets Robust for Electronic Voting by Randomized Partial Checking , 2002, USENIX Security Symposium.

[53]  Yael Tauman Kalai,et al.  How to Leak a Secret: Theory and Applications of Ring Signatures , 2001, Essays in Memory of Shimon Even.

[54]  C. Andrew Ne,et al.  Practical high certainty intent verification for encrypted votes , 2004 .

[55]  Melanie Volkamer,et al.  User study of the improved Helios voting system interfaces , 2011, 2011 1st Workshop on Socio-Technical Aspects in Security and Trust (STAST).

[56]  Melanie Volkamer,et al.  Introducing Verifiability in the POLYAS Remote Electronic Voting System , 2011, 2011 Sixth International Conference on Availability, Reliability and Security.

[57]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[58]  Rolf Haenni,et al.  A New Approach towards Coercion-Resistant Remote E-Voting in Linear Time , 2011, Financial Cryptography.

[59]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[60]  Markulf Kohlweiss,et al.  Malleable Proof Systems and Applications , 2012, EUROCRYPT.

[61]  Michael R. Clarkson,et al.  Coercion-Resistant Remote Voting using Decryption Mixes , 2005 .

[62]  Ralf Küsters,et al.  Clash Attacks on the Verifiability of E-Voting Systems , 2012, 2012 IEEE Symposium on Security and Privacy.

[63]  Peter Y. A. Ryan Pretty Good Democracy , 2009, Security Protocols Workshop.

[64]  Carlos Ribeiro,et al.  VeryVote: A Voter Verifiable Code Voting System , 2009, VoteID.

[65]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[66]  Dan S. Wallach,et al.  The Case for Networked Remote Voting Precincts , 2008, EVT.

[67]  Melanie Volkamer,et al.  Smart Cards in Electronic Voting: Lessons Learned from Applications in Legallybinding Elections and Approaches Proposed in Scientific Papers , 2012, Electronic Voting.

[68]  Ronald Cramer,et al.  A Secure and Optimally Efficient Multi-Authority Election Scheme ( 1 ) , 2000 .

[69]  Markus Jakobsson,et al.  Mix and Match: Secure Function Evaluation via Ciphertexts , 2000, ASIACRYPT.