On the Use of Financial Data as a Random Beacon

In standard voting procedures, random audits are one method for increasing election integrity. In the case of cryptographic (or end-to-end) election verification, random challenges are often used to establish that the tally was computed correctly. In both cases, a source of randomness is required. In two recent binding cryptographic elections, this randomness was drawn from stock market data. This approach allows anyone with access to financial data to verify the challenges were generated correctly and, assuming market fluctuations are unpredictable to some degree, the challenges were generated at the correct time. However the degree to which these fluctuations are unpredictable is not known to be sufficient for generating a fair and unpredictable challenge. In this paper, we use tools from computational finance to provide an estimate of the amount of entropy in the closing price of a stock. We estimate that for each of the 30 stocks in the Dow Jones industrial average, the entropy is between 6 and 9 bits per trading day. We then propose a straight-forward protocol for regularly publishing verifiable 128-bit random seeds with entropy harvested over time from stock prices. These "beacons" can be used as challenges directly, or as a seed to a deterministic pseudorandom generator for creating larger challenges.

[1]  Ga Miller,et al.  Note on the bias of information estimates , 1955 .

[2]  F. Black,et al.  The Pricing of Options and Corporate Liabilities , 1973, Journal of Political Economy.

[3]  Michael O. Rabin,et al.  Transaction Protection by Beacons , 1983, J. Comput. Syst. Sci..

[4]  László Babai,et al.  Trading group theory for randomness , 1985, STOC '85.

[5]  Oded Goldreich,et al.  A randomized protocol for signing contracts , 1985, CACM.

[6]  Shafi Goldwasser,et al.  Private coins versus public coins in interactive proof systems , 1986, STOC '86.

[7]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[8]  Manuel Blum,et al.  Non-interactive zero-knowledge and its applications , 1988, STOC '88.

[9]  Eli Biham,et al.  Two Practical and Provably Secure Block Ciphers: BEARS and LION , 1996, FSE.

[10]  Donald E. Eastlake Publicly Verifiable Nomcom Random Selection , 2000, RFC.

[11]  Markus Jakobsson,et al.  How to turn loaded dice into fair coins , 2000, IEEE Trans. Inf. Theory.

[12]  Michael Schröder Brownian excursions and Parisian barrier options: a note , 2002 .

[13]  Stephen Wolfram,et al.  A New Kind of Science , 2003, Artificial Life.

[14]  Yael Tauman Kalai,et al.  On the (In)security of the Fiat-Shamir paradigm , 2003, 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings..

[15]  Liam Paninski,et al.  Estimation of Entropy and Mutual Information , 2003, Neural Computation.

[16]  Rajesh Aggarwal,et al.  Stock Market Manipulation - Theory and Evidence , 2003 .

[17]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[18]  Brent Waters,et al.  New client puzzle outsourcing techniques for DoS resistance , 2004, CCS '04.

[19]  Donald E. Eastlake,et al.  Publicly Verifiable Nominations Committee (NomCom) Random Selection , 2004, RFC.

[20]  Hugo Krawczyk,et al.  Randomness Extraction and Key Derivation Using the CBC, Cascade and HMAC Modes , 2004, CRYPTO.

[21]  Shai Halevi,et al.  A model and architecture for pseudo-random generation with applications to /dev/random , 2005, CCS '05.

[22]  Yevgeniy Dodis,et al.  A Verifiable Random Function with Short Proofs and Keys , 2005, Public Key Cryptography.

[23]  R. C. Merton,et al.  Theory of Rational Option Pricing , 2015, World Scientific Reference on Contingent Claims Analysis in Corporate Finance.

[24]  M. Yor,et al.  Brownian Excursions and Parisian Barrier Options , 1997, Advances in Applied Probability.

[25]  D. Dill,et al.  The Role of Dice in Election Audits – Extended Abstract , 2006 .

[26]  Jan Camenisch,et al.  How to win the clonewars: efficient periodic n-times anonymous authentication , 2006, CCS '06.

[27]  R. Pass,et al.  Cryptography from Sunspots: How to Use an Imperfect Reference String , 2007, FOCS 2007.

[28]  Brent Waters,et al.  Harvesting verifiable challenges from oblivious online sources , 2007, CCS '07.

[29]  Abhi Shelat,et al.  Cryptography from Sunspots: How to Use an Imperfect Reference String , 2007, 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS'07).

[30]  Jeremy Clark,et al.  Punchscan in Practice: An E2E Election Case Study , 2007 .

[31]  J. Clark,et al.  Secure and Observable Auditing of Electronic Voting Systems using Stock Indices , 2007, 2007 Canadian Conference on Electrical and Computer Engineering.

[32]  Edward W. Felten,et al.  In Defense of Pseudorandom Sample Selection , 2008, EVT.

[33]  Jeremy Clark,et al.  Scantegrity II: End-to-End Verifiability for Optical Scan Election Systems using Invisible Ink Confirmation Codes , 2008, EVT.

[34]  Amit Sahai,et al.  Efficient Non-interactive Proof Systems for Bilinear Groups , 2008, EUROCRYPT.

[35]  Reza Rezaeian Farashahi,et al.  Extractors for binary elliptic curves , 2008, Des. Codes Cryptogr..

[36]  Ben Adida,et al.  Helios: Web-based Open-Audit Voting , 2008, USENIX Security Symposium.

[37]  Jean-Jacques Quisquater,et al.  Electing a University President Using Open-Audit Voting: Analysis of Real-World Use of Helios , 2009, EVT/WOTE.

[38]  Eric Rescorla,et al.  On the Security of Election Audits with Low Entropy Randomness , 2009, EVT/WOTE.