Prêt à Voter Providing Everlasting Privacy

This paper shows how Pret a Voter can be adjusted in order to provide everlasting privacy. This is achieved by adapting the ballot generation and anonymisation process, such that only unconditional hiding commitments and zero knowledge proofs are published for verification, thus ensuring privacy towards the public. This paper presents a security analysis carried out in a collaboration between computer scientists and legal researchers. On the technical side it is shown that the modified Pret a Voter provides verifiability, robustness, and everlasting privacy towards the public. Everlasting privacy towards the authorities can be achieved by implementing several organisational measures. A legal evaluation of these measures demonstrates that the level of privacy achieved would be acceptable under German law.

[1]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[2]  Kaoru Kurosawa,et al.  Efficient Anonymous Channel and All/Nothing Election Scheme , 1994, EUROCRYPT.

[3]  Kazue Sako,et al.  Receipt-Free Mix-Type Voting Scheme - A Practical Solution to the Implementation of a Voting Booth , 1995, EUROCRYPT.

[4]  Bruce Schneier,et al.  Practical cryptography , 2003 .

[5]  Security Rsa,et al.  TWIRL and RSA Key Size , 2003 .

[6]  P. Ryan,et al.  A Simplified Version of the Chaum Voting Scheme , 2004 .

[7]  David Chaum,et al.  A Practical Voter-Verifiable Election Scheme , 2005, ESORICS.

[8]  Moni Naor,et al.  Receipt-Free Universally-Verifiable Voting with Everlasting Privacy , 2006, CRYPTO.

[9]  Alan T. Sherman,et al.  Punchscan: Introduction and System Definition of a High-Integrity Election System , 2006 .

[10]  Peter Y. A. Ryan,et al.  Prêt à Voter with Re-encryption Mixes , 2006, ESORICS.

[11]  R. Rivest The ThreeBallot Voting System , 2006 .

[12]  Jörn Müller-Quade,et al.  Bingo Voting: Secure and Coercion-Free Voting Using a Trusted Random Number Generator , 2007, VOTE-ID.

[13]  James Heather,et al.  Implementing STV securely in Pret a Voter , 2007, 20th IEEE Computer Security Foundations Symposium (CSF'07).

[14]  James Heather,et al.  The Append-Only Web Bulletin Board , 2008, Formal Aspects in Security and Trust.

[15]  Jeremy Clark,et al.  Scantegrity: End-to-End Voter-Verifiable Optical- Scan Voting , 2008, IEEE Security & Privacy.

[16]  Zhe Xia,et al.  Analysis, Improvement, and Simplification of Prêt à Voter with Paillier Encryption , 2008, EVT.

[17]  Peter Y. A. Ryan,et al.  Improving the Farnel Voting Scheme , 2008, Electronic Voting.

[18]  Jeroen van de Graaf,et al.  Ieee Transactions on Information Forensics and Security: Special Issue on Electronic Voting 1 Voting with Unconditional Privacy by Merging Prêt-` A-voter and Punchscan , 2022 .

[19]  Zhe Xia,et al.  PrÊt À Voter: a Voter-Verifiable Voting System , 2009, IEEE Transactions on Information Forensics and Security.

[20]  Peter Y. A. Ryan,et al.  A Threat Analysis of Prêt à Voter , 2010, Towards Trustworthy Elections.

[21]  Jens Groth,et al.  Short Pairing-Based Non-interactive Zero-Knowledge Arguments , 2010, ASIACRYPT.

[22]  Jeroen van de Graaf,et al.  A Verifiable Voting Protocol Based on Farnel , 2010, Towards Trustworthy Elections.

[23]  Zhe Xia,et al.  Versatile Prêt à Voter: Handling Multiple Election Methods with a Unified Interface , 2010, INDOCRYPT.

[24]  Moni Naor,et al.  Split-ballot voting: Everlasting privacy with distributed trust , 2010, ACM Trans. Inf. Syst. Secur..

[25]  Melanie Volkamer,et al.  Feasibility Analysis of Prêt à Voter for German Federal Elections , 2011, VoteID.

[26]  Zhe Xia,et al.  Prêt á Voter with Write-Ins , 2011, VoteID.

[27]  David Chaum,et al.  Scantegrity III: Automatic Trustworthy Receipts, Highlighting Over/Under Votes, and Full Voter Verifiability , 2011, EVT/WOTE.

[28]  D. Demirel,et al.  Legal Analysis of Privacy Weaknesses in Poll-Site eVoting Systems , 2012 .

[29]  Jeroen van de Graaf,et al.  Improving Helios with Everlasting Privacy Towards the Public , 2012, EVT/WOTE.

[30]  Zhe Xia,et al.  Using Prêt à Voter in Victoria State Elections , 2012, EVT/WOTE.

[31]  Thomas Peters,et al.  Election Verifiability or Ballot Privacy: Do We Need to Choose? , 2013, ESORICS.

[32]  Jeroen van de Graaf,et al.  Towards a Publicly-Verifiable Mix-Net Providing Everlasting Privacy , 2013, Financial Cryptography.

[33]  Bingsheng Zhang,et al.  A more efficient computationally sound non-interactive zero-knowledge shuffle argument , 2013, J. Comput. Secur..