PrÊt À Voter: a Voter-Verifiable Voting System

¿¿¿¿¿¿Pre¿t a¿ Voter provides a practical approach to end-to-end verifiable elections with a simple, familiar voter-experience. It assures a high degree of transparency while preserving secrecy of the ballot. Assurance arises from the auditability of the election itself, rather than the need to place trust in the system components. The original idea has undergone several revisions and enhancements since its inception in 2004, driven by the identification of threats, the availability of improved cryptographic primitives, and the desire to make the scheme as flexible as possible. This paper presents the key elements of the approach and describes the evolution of the design and their suitability in various contexts. We also describe the voter experience, and the security properties that the schemes provide.

[1]  James Heather,et al.  Implementing STV securely in Pret a Voter , 2007, 20th IEEE Computer Security Foundations Symposium (CSF'07).

[2]  Brian Randell,et al.  Voting Technologies and Trust , 2006, IEEE Security & Privacy.

[3]  Kazue Sako,et al.  Receipt-Free Mix-Type Voting Scheme - A Practical Solution to the Implementation of a Voting Booth , 1995, EUROCRYPT.

[4]  Ed Dawson,et al.  Simple and Efficient Shuffling with Provable Correctness and ZK Privacy , 2005, CRYPTO.

[5]  Jacques Stern,et al.  Sharing Decryption in the Context of Voting or Lotteries , 2000, Financial Cryptography.

[6]  Jacques Stern,et al.  Practical multi-candidate election system , 2001, PODC '01.

[7]  Peter Y. A. Ryan,et al.  Prêt à Voter with Re-encryption Mixes , 2006, ESORICS.

[8]  Hugo Krawczyk,et al.  Secure Distributed Key Generation for Discrete-Log Based Cryptosystems , 1999, Journal of Cryptology.

[9]  Yvo Desmedt,et al.  Threshold Cryptosystems , 1989, CRYPTO.

[10]  Tatsuaki Okamoto,et al.  An electronic voting scheme , 1996, IFIP World Conference on IT Tools.

[11]  Jörn Müller-Quade,et al.  Bingo Voting: Secure and Coercion-Free Voting Using a Trusted Random Number Generator , 2007, VOTE-ID.

[12]  David Chaum,et al.  A Practical Voter-Verifiable Election Scheme , 2005, ESORICS.

[13]  James Heather,et al.  The Append-Only Web Bulletin Board , 2008, Formal Aspects in Security and Trust.

[14]  Torben P. Pedersen A Threshold Cryptosystem without a Trusted Party (Extended Abstract) , 1991, EUROCRYPT.

[15]  Jacques Stern,et al.  Fully Distributed Threshold RSA under Standard Assumptions , 2001, ASIACRYPT.

[16]  Atsushi Fujioka,et al.  A Practical Secret Voting Scheme for Large Scale Elections , 1992, AUSCRYPT.

[17]  C. A. Neff Verifiable Mixing (Shuffling) of ElGamal Pairs , 2004 .

[18]  Zhe Xia,et al.  Analysis, Improvement, and Simplification of Prêt à Voter with Paillier Encryption , 2008, EVT.

[19]  R. Rivest The ThreeBallot Voting System , 2006 .

[20]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[21]  Mark Ryan,et al.  Coercion-resistance and receipt-freeness in electronic voting , 2006, 19th IEEE Computer Security Foundations Workshop (CSFW'06).

[22]  Peter Y. A. Ryan,et al.  Ballot permutations in prêt à voter , 2009 .

[23]  P. Y. A. Ryan,et al.  Prêt à Voter with Paillier Encryption - extended journal version , 2008 .

[24]  David A. Wagner,et al.  Cryptographic Voting Protocols: A Systems Perspective , 2005, USENIX Security Symposium.

[25]  Jacques Traoré,et al.  A practical and secure coercion-resistant scheme for remote elections , 2007, Frontiers of Electronic Voting.

[26]  Ben Adida,et al.  Advances in cryptographic voting systems , 2006 .

[27]  Kazue Sako,et al.  An Efficient Scheme for Proving a Shuffle , 2001, CRYPTO.

[28]  Rebecca T. Mercuri A better ballot box , 2002 .

[29]  Jeremy Clark,et al.  Scantegrity II: End-to-End Verifiability for Optical Scan Election Systems using Invisible Ink Confirmation Codes , 2008, EVT.

[30]  Mark Ryan,et al.  Analysis of an Electronic Voting Protocol in the Applied Pi Calculus , 2005, ESOP.

[31]  Josh Benaloh,et al.  Receipt-free secret-ballot elections (extended abstract) , 1994, STOC '94.

[32]  Michael R. Clarkson,et al.  Civitas: Toward a Secure Voting System , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[33]  Jeroen van de Graaf,et al.  A Verifiable Voting Protocol Based on Farnel , 2010, Towards Trustworthy Elections.

[34]  Lee Naish,et al.  Coercion-Resistant Tallying for STV Voting , 2008, EVT.

[35]  Peter Y. A. Ryan,et al.  Computing Science Pret a Voter with Paillier Encryption Pret a Voter with Paillier Encryption Bibliographical Details Pret a Voter with Paillier Encryption Suggested Keywords Prêtà Voter with Paillier Encryption , 2007 .

[36]  Peter Y. A. Ryan,et al.  Human Readable Paper Verification of Prêt à Voter , 2008, ESORICS.

[37]  Markus Jakobsson,et al.  Coercion-resistant electronic elections , 2005, WPES '05.

[38]  Victor Shoup,et al.  Practical Threshold Signatures , 2000, EUROCRYPT.

[39]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[40]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[41]  Jeremy Clark,et al.  Scantegrity: End-to-End Voter-Verifiable Optical- Scan Voting , 2008, IEEE Security & Privacy.

[42]  Matthew K. Franklin,et al.  Multi-Autority Secret-Ballot Elections with Linear Work , 1996, EUROCRYPT.

[43]  Peter Y. A. Ryan,et al.  Permutations in Prêt à Voter , 2009, EVT/WOTE.

[44]  David Chaum,et al.  Secret-ballot receipts: True voter-verifiable elections , 2004, IEEE Security & Privacy Magazine.

[45]  Birgit Pfitzmann,et al.  Breaking Efficient Anonymous Channel , 1994, EUROCRYPT.

[46]  David Lundin Component Based Electronic Voting Systems , 2010, Towards Trustworthy Elections.

[47]  Markus Jakobsson,et al.  Making Mix Nets Robust for Electronic Voting by Randomized Partial Checking , 2002, USENIX Security Symposium.

[48]  Steve A. Schneider,et al.  Pret a Voter: All-in-one , 2007 .

[49]  C. Andrew Neff,et al.  A verifiable secret shuffle and its application to e-voting , 2001, CCS '01.

[50]  Peter Y. A. Ryan,et al.  Pretty Good Democracy , 2009, Security Protocols Workshop.

[51]  Ronald L. Rivest,et al.  Scratch & vote: self-contained paper-based cryptographic voting , 2006, WPES '06.

[52]  Reihaneh Safavi-Naini,et al.  Verifiable Shuffles: A Formal Model and a Paillier-Based Efficient Construction with Provable Security , 2004, ACNS.

[53]  Moti Yung,et al.  Distributing the power of a government to enhance the privacy of voters , 1986, PODC '86.

[54]  Ronald Cramer,et al.  A secure and optimally efficient multi-authority election scheme , 1997, Eur. Trans. Telecommun..

[55]  Michael J. Fischer,et al.  A robust and verifiable cryptographically secure election scheme , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[56]  Kazue Sako,et al.  Efficient Receipt-Free Voting Based on Homomorphic Encryption , 2000, EUROCRYPT.

[57]  Peter Y. A. Ryan,et al.  A variant of the Chaum voter-verifiable scheme , 2005, WITS '05.

[58]  C. Andrew Ne,et al.  Practical high certainty intent verification for encrypted votes , 2004 .