sElect: A Lightweight Verifiable Remote Voting System

Modern remote electronic voting systems, such as the prominent Helios system, are designed to provide vote privacy and verifiability, where, roughly speaking, the latter means that voters can make sure that their votes were actually counted. In this paper, we propose a new practical voting system called sElect (secure/simple elections). This system, which we implemented as a platform independent web-based application, is meant for low-risk elections and is designed to be particularly simple and lightweight in terms of its structure, the cryptography it uses, and the user experience. One of the unique features of sElect is that it supports fully automated verification, which does not require any user interaction and is triggered as soon as a voter looks at the election result. Despite its simplicity, we prove that this system provides a good level of privacy, verifiability, and accountability for low-risk elections.

[1]  Shahram Khazaei,et al.  A Mix-Net from Any CCA2 Secure Cryptosystem , 2012, ASIACRYPT.

[2]  Ralf Küsters,et al.  Accountability: definition and relationship to verifiability , 2010, CCS '10.

[3]  李幼升,et al.  Ph , 1989 .

[4]  Véronique Cortier,et al.  SoK: A Comprehensive Analysis of Game-Based Ballot Privacy Definitions , 2015, 2015 IEEE Symposium on Security and Privacy.

[5]  Véronique Cortier,et al.  Election Verifiability for Helios under Weaker Trust Assumptions , 2014, ESORICS.

[6]  Nancy A. Lynch,et al.  Cryptographic protocols , 1982, STOC '82.

[7]  Ralf Küsters,et al.  A Game-Based Definition of Coercion-Resistance and Its Applications , 2010, 2010 23rd IEEE Computer Security Foundations Symposium.

[8]  Melanie Volkamer,et al.  Usability Analysis of Helios - An Open Source Verifiable Remote Electronic Voting System , 2011, EVT/WOTE.

[9]  Melanie Volkamer,et al.  Mental Models of Verifiability in Voting , 2013, VoteID.

[10]  Michael R. Clarkson,et al.  Du-Vote: Remote Electronic Voting with Untrusted Computers , 2015, 2015 IEEE 28th Computer Security Foundations Symposium.

[11]  Stephan Neumann,et al.  Pretty Understandable Democracy 2.0 , 2014, IACR Cryptol. ePrint Arch..

[12]  Steve A. Schneider,et al.  The Prêt à Voter Verifiable Election System , 2009 .

[13]  Jeremy Clark,et al.  Remotegrity: Design and Use of an End-to-End Verifiable Remote Voting System , 2013, ACNS.

[14]  조위덕 Cryptography , 1987, The Official (ISC)2 SSCP CBK Reference.

[15]  Aggelos Kiayias,et al.  DEMOS-2: Scalable E2E Verifiable Elections without Random Oracles , 2015, CCS.

[16]  Ralf Küsters,et al.  Verifiability, Privacy, and Coercion-Resistance: New Insights from a Case Study , 2011, 2011 IEEE Symposium on Security and Privacy.

[17]  Ralf Küsters,et al.  Clash Attacks on the Verifiability of E-Voting Systems , 2012, 2012 IEEE Symposium on Security and Privacy.

[18]  Melanie Volkamer,et al.  User study of the improved Helios voting system interfaces , 2011, 2011 1st Workshop on Socio-Technical Aspects in Security and Trust (STAST).

[19]  Jean-Jacques Quisquater,et al.  Electing a University President Using Open-Audit Voting: Analysis of Real-World Use of Helios , 2009, EVT/WOTE.

[20]  Aggelos Kiayias,et al.  End-to-End Verifiable Elections in the Standard Model , 2015, EUROCRYPT.

[21]  Vincenzo Iovino,et al.  Selene: Voting with Transparent Verifiability and Coercion-Mitigation , 2016, Financial Cryptography Workshops.

[22]  Bogdan Warinschi,et al.  How Not to Prove Yourself: Pitfalls of the Fiat-Shamir Heuristic and Applications to Helios , 2012, ASIACRYPT.

[23]  Steve A. Schneider,et al.  A Peered Bulletin Board for Robust Use in Verifiable Voting Systems , 2014, 2014 IEEE 27th Computer Security Foundations Symposium.

[24]  Véronique Cortier,et al.  Analysis of an Electronic Boardroom Voting System , 2013, VoteID.

[25]  Ross J. Anderson,et al.  A Birthday Present Every Eleven Wallets? The Security of Customer-Chosen Banking PINs , 2012, Financial Cryptography.

[26]  Michael R. Clarkson,et al.  Civitas: Toward a Secure Voting System , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[27]  Ben Smyth,et al.  Attacking and Fixing Helios: An Analysis of Ballot Secrecy , 2011, 2011 IEEE 24th Computer Security Foundations Symposium.

[28]  Dan S. Wallach,et al.  Usability of Voter Verifiable, End-to-end Voting Systems: Baseline Data for Helios, Prêt à Voter, and Scantegrity II , 2014, EVT/WOTE.

[29]  Melanie Volkamer,et al.  Helios Verification: To Alleviate, or to Nominate: Is That the Question, or Shall we Have Both? , 2014, EGOVIS.

[30]  Ben Adida,et al.  Helios: Web-based Open-Audit Voting , 2008, USENIX Security Symposium.

[31]  Peter Y. A. Ryan,et al.  Pretty Good Democracy for More Expressive Voting Schemes , 2010, ESORICS.

[32]  Peter Y. A. Ryan,et al.  vVote: a Verifiable Voting System (DRAFT) , 2014, ArXiv.

[33]  Jeremy Clark,et al.  Scantegrity II Municipal Election at Takoma Park: The First E2E Binding Governmental Election with Ballot Privacy , 2010, USENIX Security Symposium.

[34]  Joseph Bonneau,et al.  The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords , 2012, 2012 IEEE Symposium on Security and Privacy.

[35]  Philip B. Stark,et al.  STAR-Vote: A Secure, Transparent, Auditable, and Reliable Voting System , 2012, EVT/WOTE.

[36]  J. Alex Halderman,et al.  Security Analysis of the Estonian Internet Voting System , 2014, CCS.

[37]  Janna-Lynn Weber,et al.  Usability Study of the Open Audit Voting System Helios , 2009 .

[38]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.