Panagiotis Grontas,Aris Pagourtzis,Alexandros Zacharakis,Bingsheng Zhang

2018-01-01

Abstract:In this work, we propose a first version of an e-voting scheme that achieves end-to-end verifiability, everlasting privacy and efficient coercion resistance in the JCJ setting. Everlasting privacy is achieved assuming an anonymous channel, without resorting to dedicated channels between the election authorities to exchange private data. In addition, the proposed scheme achieves coercion resistance under standard JCJ assumptions. As a core building block of our scheme, we also propose a new primitive called publicly auditable conditional blind signature (PACBS), where a client receives a token from the signing server after interaction; the token is a valid signature only if a certain condition holds and the validity of the signature can only be checked by a designated verifier. We utilize this primitive to blindly mark votes under coercion in an auditable manner.

Bowei Yang,Guanghua Song,Yao Zheng

DOI: https://doi.org/10.1109/IITSI.2010.37

2010-01-01

Abstract:Various P2P applications on the Internet were accused by organizations, corporations, individuals and countries. An important reason is that many popular P2P networks were not well controlled: The user generally does not need to be responsible for his behavior. As typical P2P-like applications, many C2C E-commerce websites adopt simple voluntary binary voting which leads to plenty of fake or insignificant voting results, and reduces the effectiveness of the voting system. In this paper, we proposed an innovative strategy based on information asymmetry to enhance the existing voting models, which lowers the ratio of arbitrarily or insignificant votings.

Yong Yang,Zhiguang Qin,Hu Xiong,Yang Zhao,Tian Lan

DOI: https://doi.org/10.1109/icccas.2007.6251603

2007-01-01

Abstract:We present a new e-voting scheme based on ring signature that satisfies three major properties: (1) "Everlasting anonymity" or unconditional voter-indistinguishability: even a computationally unbounded party does not gain any information about individual votes anytime, even after tally or in future. This is the first explicitly unconditional privacy discussion in e-voting schemes. (2)Uniform interface of ballots: it has no restriction on the form of ballots: "yes/no", k-out-ofm or adding their own candidates, all of which can be realized under uniform interface. (3)High-efficiency: the symmetric cryptography, which is fast and efficient, and the voting phase is only one-round. In addition, our scheme effectively prevents CTF cheating and overcomes the disadvantage in most existed solutions, which excessively dependent on the organization of voting. It not only protects benefits of voters, but also assures the fairness of voting, and can be suitable to all kinds' scales of electronic voting.

Ke Yuan,Peng Sang,Suya Zhang,Xi Chen,Wei Yang,Chunfu Jia

DOI: https://doi.org/10.7717/peerj-cs.1649

2023-10-18

Abstract:Compared with paper-based voting, electronic voting not only has advantages in storage and transmission, but also can solve the security problems that exist in traditional voting. However, in practice, most electronic voting faces the risk of voting failure due to malicious voting by voters or ballot tampering by attackers. To solve this problem, this article proposes an electronic voting scheme based on homomorphic encryption and decentralization, which uses the Paillier homomorphic encryption method to ensure that the voting results are not leaked until the election is over. In addition, the scheme applies signatures and two layers of encryption to the ballots. First, the ballot is homomorphically encrypted using the homomorphic public key; then, the voter uses the private key to sign the ballot; and finally, the ballot is encrypted using the public key of the counting center. By signing the ballots and encrypting them in two layers, the security of the ballots in the transmission process and the establishment of the decentralized scheme are guaranteed. The security analysis shows that the proposed scheme can guarantee the completeness, verifiability, anonymity, and uniqueness of the electronic voting scheme. The performance analysis shows that the computational efficiency of the proposed scheme is improved by about 66.7% compared with the Fan et al. scheme (https://doi.org/10.1016/j.future.2019.10.016).

Aggelos Kiayias,Thomas Zacharias,Bingsheng Zhang

DOI: https://doi.org/10.1108/ics-07-2016-0056

2017-01-01

Information and Computer Security

Abstract:Purpose This paper aims to investigate the importance of auditing for election privacy via issues that appear in the state-of-the-art implementations of e-voting systems that apply threshold public key encryption (TPKE) in the client such as Helios and use a bulletin board (BB). Design/methodology/approach Argumentation builds upon a formal description of a typical TPKE-based e-voting system where the election authority (EA) is the central node in a star network topology. The paper points out the weaknesses of the said topology with respect to privacy and analyzes how these weaknesses affect the security of several instances of TPKE-based e-voting systems. Overall, it studies the importance of auditing from a privacy aspect. Findings The paper shows that without public key infrastructure (PKI) support or – more generally – authenticated BB “append” operations, TPKE-based e-voting systems are vulnerable to attacks where the malicious EA can act as a man-in-the-middle between the election trustees and the voters; hence, it can learn how the voters have voted. As a countermeasure for such attacks, this work suggests compulsory trustee auditing. Furthermore, it analyzes how lack of cryptographic proof verification affects the level of privacy that can be provably guaranteed in a typical TPKE e-voting system. Originality/value As opposed to the extensively studied importance of auditing to ensure election integrity, the necessity of auditing to protect privacy in an e-voting system has been mostly overlooked. This paper reveals design weaknesses present in noticeable TPKE-based e-voting systems that can lead to a total breach of voters’ privacy and shows how auditing can be applied for providing strong provable privacy guarantees.

Myrto Arapinis,Loretta Ilaria Mancini,Eike Ritter,Mark Ryan

DOI: https://doi.org/10.48550/arXiv.1109.2066

2011-09-10

Abstract:The ubiquitous presence of mobile communication devices and the continuous development of mo- bile data applications, which results in high level of mobile devices' activity and exchanged data, often transparent to the user, makes privacy preservation an important feature of mobile telephony systems. We present a formal analysis of the UMTS Authentication and Key Agreement protocol, using the applied pi-calculus and the ProVerif tool. We formally verify the model with respect to privacy properties. We show a linkability attack which makes it possible, for individuals with low-cost equipment, to trace UMTS subscribers. The attack exploits information leaked by poorly designed error messages.

Cryptography and Security

Bingsheng Zhang,Zengpeng Li,Jan Willemson

DOI: https://doi.org/10.48550/arXiv.2109.01994

2021-09-05

Abstract:Estonian Internet voting has been used in national-wide elections since 2005. However, the system was initially designed in a heuristic manner, with very few proven security guarantees. The Estonian Internet voting system has constantly been evolving throughout the years, with the latest version (code-named IVXV) implemented in 2018. Nevertheless, to date, no formal security analysis of the system has been given. In this work, for the first time, we provide a rigorous security modeling for the Estonian IVXV system as a ceremony, attempting to capture the effect of actual human behavior on election verifiability in the universal composability (UC) framework. Based on the voter behavior statistics collected from three actual election events in Estonia, we show that IVXV achieves end-to-end verifiability in practice despite the fact that only $4\%$ (on average) of the Estonian voters audit their ballots.

Cryptography and Security,Distributed, Parallel, and Cluster Computing,Formal Languages and Automata Theory

Chi Qiu,Shibin Zhang,Yan Chang,Xi Huang,Hao Chen

DOI: https://doi.org/10.1007/s10773-021-04777-1

2021-03-26

International Journal of Theoretical Physics

Abstract:For actual voting, the most important thing is voter privacy. Ring signatures widely used in electronic voting protocols to protect voter privacy due to unconditional confidentiality. It has been found that electronic signature protocols based on mathematical complexity are not secure. We propose an electronic voting protocol based on quantum ring signatures. The generalized GHZ state is prepared and distributed by a trusted third party (TTP), so that all users in the ring can effectively act as voters or verifiers. Users in the ring and TTP use quantum key distribution technology to share keys and encrypt messages. The entire protocol uses one-time secret technology to further enhance the security of the voting process.

physics, multidisciplinary

Qiu Shujing,Xin Xiangjun,Zheng qian,Li Chaoyang,Li Fagen

DOI: https://doi.org/10.1007/s10773-024-05618-7

2024-03-25

International Journal of Theoretical Physics

Abstract:Recently, Qiu et al. proposed a semi-quantum voting scheme based on the ring signature (International Journal of Theoretical Physics, 60: 1550–1555(2021)), in which the signer and verifier only need to measure the received particles with Z-basis and perform some classical simple encryption/decryption operations on the classical message. Although their scheme is very efficient, it cannot resist the eavesdropping attacks and forgery attack. In this paper, first, the eavesdropping attacks on Qiu et al.'s scheme are proposed. Second, we show the forgery attack on their scheme. Then, based on the GHZ state, an improved semi-quantum electronic voting protocol is proposed. In the new protocol, the eavesdropping check technology not only can be used to detect the eavesdropping, but also can be used to share a random number. By using the random number and the shared key, the signed vote is encrypted so that it is infeasible for the adversary to trace the signer's identity and forge a valid signed vote. The new protocol overcomes all the security drawbacks of the old protocol. What is more, it has better practicability and efficiency than the similar semi-quantum voting protocols.

physics, multidisciplinary

Tao Li,Hao Yang,Yilei Wang,Qiuliang Xu

DOI: https://doi.org/10.1109/waina.2015.15

2015-01-01

Abstract:The most distinct character of electronic voting is that voters need not to vote at a certain ballot box. With the development of Internet, electronic voting is becoming an important field in electronic commerce. The basic security requirements for electronic voting are anonymity of the voters, privacy and fairness of the votes. In fact, electronic voting can be regarded as a multi-party computation, where distributed parties wish to securely compute the votes in electronic voting systems. In this paper, we redefined the types of parties in electronic voting by using definitions in rational multi-party computation. More specifically, voters are regarded as rational other than honest or malicious, where voting is considered as a social choice. Rational voters care about their utilities when they decide to vote. We first present a rational secret sharing scheme (RSSS) and then construct an electronic voting protocol based on this RSSS.

Prashant Agrawal,Mahabir Prasad Jhanwar,Subodh Vishnu Sharma,Subhashis Banerjee

2024-06-02

Abstract:While existing literature on electronic voting has extensively addressed verifiability of voting protocols, the vulnerability of electoral rolls in large public elections remains a critical concern. To ensure integrity of electoral rolls, the current practice is to either make electoral rolls public or share them with the political parties. However, this enables construction of detailed voter profiles and selective targeting and manipulation of voters, thereby undermining the fundamental principle of free and fair elections. In this paper, we study the problem of designing publicly auditable yet privacy-preserving electoral rolls. We first formulate a threat model and provide formal security definitions. We then present a protocol for creation, maintenance and usage of electoral rolls that mitigates the threats. Eligible voters can verify their inclusion, whereas political parties and auditors can statistically audit the electoral roll. Further, the audit can also detect polling-day ballot stuffing and denials to eligible voters by malicious polling officers. The entire electoral roll is never revealed, which prevents any large-scale systematic voter targeting and manipulation.

Cryptography and Security,Computers and Society

Yun-Xing Kho,Swee-Huay Heng,Ji-Jian Chin

DOI: https://doi.org/10.3390/sym14050858

2022-04-21

Symmetry

Abstract:A vast number of e-voting schemes including mix-net-based e-voting, homomorphic e-voting, blind signature-based e-voting, blockchain-based e-voting, post-quantum e-voting, and hybrid e-voting have been proposed in the literature for better security and practical implementation. In this paper, we review various e-voting approaches to date. We first compare the structures, advantages, and disadvantages of the different e-voting approaches. We then summarise the security properties of the e-voting approaches in terms of their functional requirements and security requirements. In addition, we provide a comprehensive review of various types of e-voting approaches in terms of their security properties, underlying tools, distinctive features, and weaknesses. We also discuss some practical considerations in the design of e-voting systems. Subsequently, some potential research directions are suggested based on our observations.

ZHONG Hong,HUANG Liu-sheng,LUO Yong-long

DOI: https://doi.org/10.3969/j.issn.1000-2162.2007.03.006

2007-01-01

Abstract:The three level securities of the e-voting are proposal and a general e-voting model is constructed that provide all important parameter to design the election scheme.The key protocols of implementation secure e-voting is analyzed.Several special e-voting problems are raised including electronic jury voting,weighted eevoting and "k-out-of-m" election etc.Several new solutions for these problem are introduced which based on secure multiparty computation protocols.Some major threads and emerging trends of research in this area are outlined.

Tzer-Long Chen,Chia-Hui Liu,Ya-Hui Ou,Yao-Min Huang,Zhen-Yu Wu

DOI: https://doi.org/10.1007/s10207-024-00852-w

2024-05-08

International Journal of Information Security

Abstract:The integrity of electronic voting systems is critical in safeguarding the democratic process worldwide. This study addresses the twin challenges of bribery and coercion that undermine most existing electronic voting systems. Recognizing the limitations of current security measures, which fail to protect voter autonomy even after the disclosure of voting secrets, we propose an innovative level-five secure e-voting system. By integrating an additional setup phase, our system maintains voter volition, ensuring security even when key secrets are compromised. Utilizing cryptographic techniques, blind signatures, and subliminal channels in conjunction with smart card PIN mechanisms, our approach not only bolsters system security but also enhances its potential for widespread adoption. This work underscores the importance of advanced cryptographic methods in developing coercion-resistant electronic voting systems that prioritize voter privacy and choice.

computer science, information systems, theory & methods, software engineering

Lai Jin,Fan Yushun

DOI: https://doi.org/10.3969/j.issn.1002-137X.2003.01.045

2003-01-01

Abstract:These years, people have proposed several anonymous based electronic voting schemes, however there is still some security weakness in them. In this paper, A improved scheme is put forward in which we use the technology of multi_blind signature to prevent the probable cheating of visa officials, propose a kind of confirmable serial NO to identify the ballots and introduce custodians to supervise the work of ballots collector. So the scheme can resolve such problems as " vote collision", " visa officials' fraud " and " voter quit in the midway", which exit

XIA Jingbo,ZHANG Silan,CHEN Jianhua

DOI: https://doi.org/10.3321/j.issn:1671-8836.2006.03.020

2006-01-01

Abstract:According to the basic demands and extended demands of electronic voting,one newly electronic voting scheme was proposed in this paper.This scheme was based on the knowledge of elliptic curve cryptography(ECC),elliptic curve digital signature algorithm(ECDSA),blind signature technique,and tamper-resist smart card.Analysis showed that this scheme achieved not only basic demands such as completeness,soundness,privacy,unreusability,but also extended demands such as receipt-freeness,universal verifiability and higher efficiency.This scheme assured the simultaneity of receipt-freeness and universal verifiability.

Fang Li,Xiaofen Wang,Xiong Li,Xichen Zhang,Rongxing Lu,Tao Chen

DOI: https://doi.org/10.21203/rs.3.rs-2562683/v1

2023-01-01

Abstract:Abstract As an electronic form of traditional voting, electronic voting is becoming more and more popular in today’s information society. Most of the existing electronic voting protocols need a trusted center to calculate the voting result, but the requirement of a trusted center is often unrealistic and prone to single point of failure. In this regard, the decentralized electronic voting protocols based on blockchain have been proposed. Unfortunately, most existing blockchain-based voting protocols fail to ensure anonymity, legitimacy, and correctness of counting. Besides, they do not satisfy robustness, i.e., the voting result cannot be counted in the event of voter abstention. To address the above challenges, we propose a novel blockchain-based self-tallying voting protocol, where the group signature and zero-knowledge proof are utilized in a way that the voter can securely distribute anonymous and unlinkable electronic ballots, thereby guaranteeing complete anonymity and legitimacy. Meanwhile, a novel signcryption algorithm is designed by combining distributed ElGamal encryption and Paillier encryption algorithms, which enhances the computational efficiency of voting results while supporting robustness. The security proof shows that our protocol ensures the confidentiality of ballots, complete anonymity, legitimacy, fairness, dispute-freeness and resistance against multi-voting. In addition, our protocol satisfies robustness, i.e., voting result can be correctly calculated and verified even if some voters abstain from voting. Finally, extensive experiments show that our protocol greatly reduces the computational cost and communication overhead, and is more practical than existing self-tallying voting protocols.

HUANG Fu-ren,QU Yu-gui

DOI: https://doi.org/10.3969/j.issn.1000-3428.2011.06.046

2011-01-01

Abstract:The disclosure of the number of votes can compromise the voters' anonymity of the electronic voting.Aiming at this problem,this paper defines anonymity by using the uncertainty of the voting choices and measures the anonymity of the whole voting system by entropy.It compares the anonymity after the release of the voting results with that before releasing the voting results.Analysis result shows that the smaller the voting scale is,the more the voters' anonymity loses.In the design of small-scale electronic-voting scheme,releasing the winner instead of the number of votes that candidates gained decreases the loss of anonymity.

Zikai Wang,Xinyi Luo,Meiqi Li,Wentuo Sun,Kaiping Xue

DOI: https://doi.org/10.1109/globecom48099.2022.10001590

2022-01-01

Abstract:E-voting plays a vital role in guaranteeing and promoting social fairness and democracy. However, traditional e-voting schemes rely on a centralized organization, leading to a crisis of trust in the vote-counting results. In response to this problem, researchers have introduced blockchain to realize decentralized e-voting, but the adoption of blockchain also brings new issues in terms of flexibility, anonymity, and usability. To this end, in this paper, we propose WeVoting, which provides weight-based flexibility with solid anonymity and enhances usability by designing a voter-independent on-chain counting mechanism. Specifically, we use distributed ElGamal homomorphic encryption and zero-knowledge proof to achieve voting anonymity with weight. Besides, WeVoting develops a counter-based counting mechanism to enhance usability compared with those self-tallying schemes. By critically designing an honesty-and-activity-based incentive algorithm, WeVoting can guarantee a correct counting result even in the presence of malicious counters. Our security and performance analyses elaborate that WeVoting achieves high anonymity in weighed voting under the premise of meeting the basic security requirements of e-voting. And meanwhile, its counting mechanism is sufficient for practical demands with reasonable overheads.

Zhong Hong,Huang Liusheng,Xiong Yan

IF: 1.019

2006-01-01

Chinese Journal of Electronics

Abstract:The weighted threshold E-voting has great value in many e-commerce applications, whose votes are tallied in proportion with voters' secret weights. It's necessary to design a scheme that satisfies the security requirements of commonly e-voting scheme and preserve the privacy of weights since the privacy of investor will be revealed if the weight is leaked. The previous solutions are mostly based on homomorphic threshold ElGamal cryptosystem and zero-knowledge proofs protocol that suffers from O(n) exponentiation when preparing proofs. This paper describes a secure and practical scheme that adopts novel secure two-party scalar product and private comparison protocol with untrusted third party. The computational cost can be O(n) by selecting reasonable security parameter. Our solution meets all security requirements of weighted voting including the privacy of vote and weight, Dispute-freeness, Fairness and Receipt-Freeness. It's worthwhile for practical applications.