Receipt-freeness and coercion resistance in remote E-voting systems

Remote electronic voting (E-voting) is a more convenient and efficient methodology when compared with traditional voting systems. It allows voters to vote for candidates remotely, however, remote E-voting systems have not yet been widely deployed in practical elections due to several potential security issues, such as vote-privacy, robustness and verifiability. Attackers' targets can be either voting machines or voters. In this paper, we mainly focus on three important security properties related to voters: receipt-freeness, vote-selling resistance, and voter-coercion resistance. In such scenarios, voters are willing or forced to cooperate with attackers. We provide a survey of existing remote E-voting systems, to see whether or not they are able to satisfy these three properties to avoid corresponding attacks. Furthermore, we identify and summarise what mechanisms they use in order to satisfy these three security properties.

[1]  Ralf Küsters,et al.  An Epistemic Approach to Coercion-Resistance for Electronic Voting Protocols , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[2]  Markus Jakobsson,et al.  Designated Verifier Proofs and Their Applications , 1996, EUROCRYPT.

[3]  Xukai Zou,et al.  A taxonomy and comparison of remote voting schemes , 2014, 2014 23rd International Conference on Computer Communication and Networks (ICCCN).

[4]  Ronald Cramer,et al.  A secure and optimally efficient multi-authority election scheme , 1997, Eur. Trans. Telecommun..

[5]  Ben Adida,et al.  Advances in cryptographic voting systems , 2006 .

[6]  Jeremy Clark,et al.  Panic Passwords: Authenticating under Duress , 2008, HotSec.

[7]  Bongshin Lee,et al.  Electronic voting system usability issues , 2003, CHI '03.

[8]  Pascal Lafourcade,et al.  Survey on Electronic Voting Schemes , 2010 .

[9]  Mark Ryan,et al.  Coercion-resistance and receipt-freeness in electronic voting , 2006, 19th IEEE Computer Security Foundations Workshop (CSFW'06).

[10]  Panayiotis Tsanakas,et al.  From Helios to Zeus , 2013, EVT/WOTE.

[11]  Dan S. Wallach,et al.  Analysis of an electronic voting system , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[12]  Jeremy Clark,et al.  Selections: Internet Voting with Over-the-Shoulder Coercion-Resistance , 2011, Financial Cryptography.

[13]  André Zúquete,et al.  REVS – A ROBUST ELECTRONIC VOTING SYSTEM , 2003 .

[14]  Valtteri Niemi,et al.  How to Prevent Buying of Votes in Computer Elections , 1994, ASIACRYPT.

[15]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[16]  Subariah Ibrahim,et al.  Secure E-voting with blind signature , 2003, 4th National Conference of Telecommunication Technology, 2003. NCTT 2003 Proceedings..

[17]  Philip B. Stark,et al.  STAR-Vote: A Secure, Transparent, Auditable, and Reliable Voting System , 2012, EVT/WOTE.

[18]  Ivan Damgård,et al.  Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols , 1994, CRYPTO.

[19]  Mark Ryan,et al.  Verifying privacy-type properties of electronic voting protocols , 2009, J. Comput. Secur..

[20]  France T́elécom,et al.  Verifying Properties of Electronic Voting Protocols , 2006 .

[21]  Indrajit Ray,et al.  An anonymous electronic voting protocol for voting over the Internet , 2001, Proceedings Third International Workshop on Advanced Issues of E-Commerce and Web-Based Information Systems. WECWIS 2001.

[22]  David Pointcheval,et al.  On Some Incompatible Properties of Voting Schemes , 2010, Towards Trustworthy Elections.

[24]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[25]  Dan Boneh,et al.  The Decision Diffie-Hellman Problem , 1998, ANTS.

[26]  Jacques Stern,et al.  Practical multi-candidate election system , 2001, PODC '01.

[27]  Kazue Sako,et al.  Efficient Receipt-Free Voting Based on Homomorphic Encryption , 2000, EUROCRYPT.

[28]  Warren D. Smith New cryptographic election protocol with best-known theoretical properties , 2005 .

[29]  Jun Qin,et al.  A Receipt-free Coercion-resistant Remote Internet Voting Protocol without Physical Assumptions through Deniable Encryption and Trapdoor Commitment Scheme , 2010, J. Softw..

[30]  Josh Benaloh,et al.  Receipt-free secret-ballot elections (extended abstract) , 1994, STOC '94.

[31]  Michael R. Clarkson,et al.  Civitas: Toward a Secure Voting System , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[32]  A. S. Sodiya,et al.  A Receipt-free Multi-Authority E-Voting System , 2011 .

[33]  Ben Adida,et al.  Helios: Web-based Open-Audit Voting , 2008, USENIX Security Symposium.

[34]  Feng Li,et al.  Assurable, transparent, and mutual restraining e-voting involving multiple conflicting parties , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[35]  Jacques Traoré,et al.  A Practical and Secure Coercion-Resistant Scheme for Internet Voting , 2010, Towards Trustworthy Elections.

[36]  Craig Gentry,et al.  A fully homomorphic encryption scheme , 2009 .

[37]  Jean-Jacques Quisquater,et al.  Electing a University President Using Open-Audit Voting: Analysis of Real-World Use of Helios , 2009, EVT/WOTE.

[38]  Emmanouil Magkos,et al.  Receipt-Freeness in Large-Scale Elections without Untappable Channels , 2001, I3E.

[39]  Rebecca T. Mercuri A better ballot box , 2002 .

[40]  Aviel D. Rubin,et al.  Security considerations for remote electronic voting , 2002, CACM.

[41]  Markus Jakobsson,et al.  Mix and Match: Secure Function Evaluation via Ciphertexts , 2000, ASIACRYPT.

[42]  Bo Meng A Critical Review of Receipt-Freeness and Coercion-Resistance , 2009 .

[43]  LoweGavin An attack on the Needham-Schroeder public-key authentication protocol , 1995 .

[44]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.

[45]  Tatsuaki Okamoto,et al.  Receipt-Free Electronic Voting Schemes for Large Scale Elections , 1997, Security Protocols Workshop.

[46]  Peter Y. A. Ryan,et al.  Pretty Good Democracy , 2009, Security Protocols Workshop.

[47]  Erik P. de Vink,et al.  Formalising Receipt-Freeness , 2006, ISC.

[48]  Emmanuel Bresson,et al.  A Simple Public-Key Cryptosystem with a Double Trapdoor Decryption Mechanism and Its Applications , 2003, ASIACRYPT.

[49]  David A. Wagner,et al.  Analyzing internet voting security , 2004, CACM.

[50]  Josh Benaloh Rethinking Voter Coercion: The Realities Imposed by Technology , 2013, EVT/WOTE.

[51]  Matthew K. Franklin,et al.  Multi-Autority Secret-Ballot Elections with Linear Work , 1996, EUROCRYPT.

[52]  Byoungcheon Lee,et al.  An Efficient Mixnet-Based Voting Scheme Providing Receipt-Freeness , 2004, TrustBus.

[53]  Chin-Laung Lei,et al.  A Secure and Practical Electronic Voting Scheme for Real World Environments , 1997 .

[54]  Torben P. Pedersen A Threshold Cryptosystem without a Trusted Party (Extended Abstract) , 1991, EUROCRYPT.

[55]  Byoungcheon Lee,et al.  Providing Receipt-Freeness in Mixnet-Based Voting Protocols , 2003, ICISC.

[56]  Peter Y. A. Ryan,et al.  Caveat Coercitor: Coercion-Evidence in Electronic Voting , 2013, 2013 IEEE Symposium on Security and Privacy.

[57]  Josh Benaloh Verifiable secret-ballot elections , 1987 .

[58]  Kazue Sako,et al.  Receipt-Free Mix-Type Voting Scheme - A Practical Solution to the Implementation of a Voting Booth , 1995, EUROCRYPT.

[59]  Atsushi Fujioka,et al.  An Improvement on a Practical Secret Voting Scheme , 1999, ISW.

[60]  Markus Jakobsson,et al.  Coercion-resistant electronic elections , 2005, WPES '05.

[61]  Bo Meng,et al.  An Efficient Receiver Deniable Encryption Scheme and Its Applications , 2010, J. Networks.

[62]  Bo Meng,et al.  An Internet Voting Protocol with Receipt-Free and Coercion-Resistant , 2007, 7th IEEE International Conference on Computer and Information Technology (CIT 2007).

[63]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.