Ballot Secrecy and Ballot Independence Coincide

We study ballot independence for election schemes: We formally define ballot independence as a cryptographic game and prove that ballot secrecy implies ballot independence. We introduce a notion of controlled malleability and show that it is sufficient for ballot independence. We also show that non-malleable ballots are sufficient, but not necessary, for ballot independence. We prove that ballot independence is sufficient for ballot secrecy under practical assumptions. Our results show that ballot independence is necessary in election schemes satisfying ballot secrecy. Furthermore, our sufficient conditions enable simpler proofs of ballot secrecy.

[1]  Jean-Jacques Quisquater,et al.  Electing a University President Using Open-Audit Voting: Analysis of Real-World Use of Helios , 2009, EVT/WOTE.

[2]  Yvo Desmedt,et al.  Electronic Voting: Starting Over? , 2005, ISC.

[3]  Bogdan Warinschi,et al.  How Not to Prove Yourself: Pitfalls of the Fiat-Shamir Heuristic and Applications to Helios , 2012, ASIACRYPT.

[4]  Torben P. Pedersen A Threshold Cryptosystem without a Trusted Party (Extended Abstract) , 1991, EUROCRYPT.

[5]  Ben Smyth,et al.  Adapting Helios for Provable Ballot Privacy , 2011, ESORICS.

[6]  Yvo Desmedt,et al.  Applying Divertibility to Blind Ballot Copying in the Helios Internet Voting System , 2012, ESORICS.

[7]  David Chaum,et al.  Demonstrating Possession of a Discrete Logarithm Without Revealing It , 1986, CRYPTO.

[8]  Rosario Gennaro Achieving independence efficiently and securely , 1995, PODC '95.

[9]  Moni Naor,et al.  Public-key cryptosystems provably secure against chosen ciphertext attacks , 1990, STOC '90.

[10]  David Chaum,et al.  An Improved Protocol for Demonstrating Possession of Discrete Logarithms and Some Generalizations , 1987, EUROCRYPT.

[11]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[12]  Mihir Bellare,et al.  Relations among Notions of Security for Public-Key Encryption Schemes , 1998, IACR Cryptol. ePrint Arch..

[13]  Ben Smyth,et al.  Attacking and Fixing Helios: An Analysis of Ballot Secrecy , 2011, 2011 IEEE 24th Computer Security Foundations Symposium.

[14]  Michael Backes,et al.  Automated Verification of Remote Electronic Voting Protocols in the Applied Pi-Calculus , 2008, 2008 21st IEEE Computer Security Foundations Symposium.

[15]  David Chaum,et al.  Wallet Databases with Observers , 1992, CRYPTO.

[16]  Ben Smyth,et al.  A note on replay attacks that violate privacy in electronic voting schemes , 2011 .

[17]  Moni Naor,et al.  Non-malleable cryptography , 1991, STOC '91.

[18]  Baruch Awerbuch,et al.  Verifiable secret sharing and achieving simultaneity in the presence of faults , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[19]  Mark Ryan,et al.  Coercion-resistance and receipt-freeness in electronic voting , 2006, 19th IEEE Computer Security Foundations Workshop (CSFW'06).

[20]  Bogdan Warinschi,et al.  On Necessary and Sufficient Conditions for Private Ballot Submission , 2012, IACR Cryptol. ePrint Arch..

[21]  Moti Yung,et al.  Distributing the power of a government to enhance the privacy of voters , 1986, PODC '86.

[22]  Mark Ryan,et al.  Verifying privacy-type properties of electronic voting protocols , 2009, J. Comput. Secur..

[23]  Moni Naor,et al.  Nonmalleable Cryptography , 2000, SIAM Rev..

[24]  Amit Sahai,et al.  Non-malleable Encryption: Equivalence between Two Notions, and an Indistinguishability-Based Characterization , 1999, CRYPTO.

[25]  Markulf Kohlweiss,et al.  Malleable Proof Systems and Applications , 2012, EUROCRYPT.

[26]  Marcos A. Kiwi,et al.  Electronic jury voting protocols , 2002, Theor. Comput. Sci..

[27]  Olivier Pereira,et al.  Running Mixnet-Based Elections with Helios , 2011, EVT/WOTE.

[28]  Ben Adida,et al.  Helios: Web-based Open-Audit Voting , 2008, USENIX Security Symposium.