ArticlePDF Available

A Practical Electronic Voting Protocol Using Threshold Schemes

Authors:
Ahmad Baraani-Dastjerdi at University of Isfahan
Ahmad Baraani-Dastjerdi
Josef Pieprzyk at Macquarie University
Josef Pieprzyk
Reihaneh Safavi-Naini at University of Calgary
Reihaneh Safavi-Naini
Download full-text PDF
Read full-text
Download citation

Abstract and Figures

This paper presents a novel secret voting scheme which fully conforms to the requirements of large scale elections. The participants in the scheme are voters, candidates, an administrator, and a counter. The scheme uses threshold encryption to preserve the privacy and accuracy of the votes against dishonesty of voters, candidates, the administrator, and the counter. It also ensures verifiability, fairness, and soundness of the voting process and hence neither administrator nor candidates, or the counter is capable of producing false tally, affecting the voting result, or corrupting/disrupting the election. A Practical Electronic Voting Protocol Using Threshold Schemes 1 Introduction The development of cryptographic techniques allow us to "computerize" many areas of human activities. Voting is an important human activity in a democratic society. The problem of providing a secure system which ensures privacy of the voters and accuracy of the votes, and is suitable for application in l...
Figures - uploaded by Reihaneh Safavi-Naini
Author content
All figure content in this area was uploaded by Reihaneh Safavi-Naini
Content may be subject to copyright.
Content uploaded by Reihaneh Safavi-Naini
Author content
All content in this area was uploaded by Reihaneh Safavi-Naini on Dec 01, 2014
Content may be subject to copyright.
2. Registration.
3. Voting.
1. Preparation.
4 Opening.
It consists of two steps:
The signed ballot x is sent to all N candidates anonymously by voter Vi.
i
a.
c.
a.
i
b.
i
Voters send their encryption key to the counter anonymously.
Counter opens votes and counts them and announces the result.
b.
b.
Each candidate computes his/her partial cryptogram share on the signed
The counter computes all t of N combinations c and w to get the ballot
and z . If the majority of the ballot computed is the same and psuedo
identity z is valid then a roster of valid ballot is made and published.
i
i
jj
i
ballots and decrypted psuedo identities and then (c , w ) to the counter.
j
j
A trusted party generates N secret keys of the threshold encryption scheme
distributes the partial keys to the candidates and a corresponding key K to the
counter.
The voters’ pseudo identities decrypted by K and sent via an untraceable channel.
-1
-1
a. Voter V creates x and makes the message e
i
, that hidden ballot,
and sends it to A for A’s blind signature.
Administrator A signs the message e and sends the signature to the voter.
1
executes phase
x=B(v,k)
Ballot
prepares
VOTER: Administrator
executes phase
2
list of <ID,e,s>
registered voters
Publish m as a number of the
Broadcast channel
d=S (e) if a voter not already applied and eligible
A
<ID, e, s > where s =S(e) and e= X(x, r)
VOTER
COUNTER
CANDIDATES
VOTER:
:
Each candidate
C
C
C
C
1
2
N-1
N
i i
checks y A’
signature on ballot x
i
i
j
candidate.
COUNTER:
Anonymous channel
Broadcast channel
i
j
(z ,x y )
(z ,x y )
(x , y ).c .w
(x , y ).c .w
(z ,x y )
ii
i
ii
i
i
(z ,x y )
i i i
i i
i i
(x , y ).c .w
i i
i
1
1
2 2
N N
(x ,y )c
N-1
.w
N-1
(x , y ).c .w is sent to the counter.
i i j
j
(l , x , y )
i i
i
i
THEN it is valid
sends(z ,x ,y ) IF A’signature y =R (d ,r )
ELSE publish(x , y )
i i
IF signature is valid THEN
IF t out of N Combination of c
are equal and z is valid THEN
i i A i i
i
ELSE piblishes (z ,x y )
i i
Finally m
; the number of accepted ballots, is published by the
VOTER
COUNTER
j
Anonymous channel
opens ballot x
counts votes and publishes
the result
i
C
i-th
IF t out of N m = m (<= m ) and(x , y )
A
i
i
is in the list THEN send (l, k )
i
... In [167], Baraani-Dastjerdi et al. present a secret voting scheme that leverages threshold encryption to preserve the privacy of participants, namely the voters, and ensure the accuracy of the votes against any dishonest entity inside the system which can be the voters themselves, the candidates, or the administrator. The threshold encryption scheme used is a generic construction that leverages SSS [45] to distribute N partial Threshold encryption is also popular in addressing the privacy issue of decentralized cloud storage systems. ...
L'utilisation des blockchains pour renforcer la sécurité etaméliorer la confiance dans les réseaux distribués
Thesis
Full-text available
  • Mar 2022
En 2016, le nombre de décès dus aux accidents de la route atteignait 1,35 million, et ces accidents sont souvent imputable à l’erreur humaine. L'expansion technologique d'Internet et des réseaux interconnectés facilitent l'échange d'informations, parfois vitales. C'est pourquoi beaucoup de travaux ont été produit sur l'automatisation des véhicules. L’amélioration de la sécurité routière est l'un des facteurs qui motive la recherche dans ce domaine et pousse vers l’adoption de systèmes de transport intelligents (ITS) et de réseaux véhiculaires ad hoc (VANET).Un VANET est défini comme un réseau ad-hoc particulier, formé de véhicules capables de communiquer et de traiter l’information reçue, et évoluent en milieu urbain (rues ou autoroutes). Les véhicules peuvent communiquer directement, de pair à pair, ou via un nœud intermédiaire.L'objectif principal de la sécurité des VANETs et des communications véhiculaires est de fournir l'intégrité des messages échangés et la disponibilité des services qui supportent ces échanges. La protection de la confidentialité de ce qu'ils contiennent est un objectif secondaire car non vital. Assurer la responsabilité, c'est-à-dire proposer un moyen d'identifier les entités communicantes et de les tenir responsables pour les messages qu’ils diffusent, est essentiel voire légalement obligatoire. Ce mécanisme doit garantir que tout nœud qui subit une faute, panne ou agit de façon malveillante, soit identifié, révoqué, finalement puni pour ses actions et leurs conséquences. Cependant, un tel mécanisme d'identification pose un problème et risque de compromettre la vie privée des utilisateurs, même lorsqu'ils sont honnêtes.Cette thèse porte sur le délicat compromis entre anonymat et traçabilité dans systèmes distribués tels que les ITSs. Nous étudions l'utilisation des blockchains (chaînes de blocs) dans la construction de primitives cryptographiques à seuil. Ces primitives sont utilisées afin de préserver la vie privée mais aussi la responsabilité des acteurs et étudiées dans leur application au cas des VANETs.Notre première contribution, appelée DOGS, est un schéma de signature de groupe basé sur la blockchain qui propose la fonctionnalité d'ouverture distribuée. Nous montrons, dans cette thèse, que le système améliore un schéma de signature de groupe existant et exploite un protocole de génération de clé distribuée pour répartir le rôle de l'ouvreur (Opener) sur un ensemble de nœuds appelés les sous-ouvreurs (sub-openers).Notre deuxième contribution est une génération de clé distribuée anonyme mais traçable, appelé BAT-Key, qui utilise une blockchain pour assurer la confiance entre les différentes entités qui composent le système. Dans la suite de la thèse, nous expliquons comment nous avons amélioré les protocoles traditionnels avec la propriété d'anonymat qui protège l'identité des participants.Notre troisième contribution, appelée TOAD, est un schéma de chiffrement à seuil basé sur la blockchain avec un service de déchiffrement anonyme mais traçable. Nous montrons que le schéma s'appuie sur un schéma de chiffrement à seuil connu et l’améliore par un processus de déchiffrement collaboratif qui protège l'identité des serveurs de déchiffrement.Tout au long des chapitres, nous expliquons comment l'utilisation de la blockchain garantit la traçabilité des actions effectuées au sein du système par des nœuds anonymes et assure ainsi leur responsabilité tout en préservant la vie privée.Ces schémas sont de la plus haute importance dans l'ère du numérique, même en dehors du domaine des ITSs. Pourtant, nous avons choisi d'illustrer leur importance dans le contexte des VANETs à travers notre dernière contribution : la description de notre construction d'un système de rapport de trafic routier basé sur la blockchain qui préserve l’anonymat des nœuds qui rapportent les informations, mais les tient pour responsables de leurs messages en cas de litige.
View
... Privacy is a fundamental protocol requirement for REV systems. Various approaches based on homomorphic encryption [13], [31], or blind signatures schemes [5], [22], as well as Decryption Mixnets (DMN) [11] exist. DMNs are based on multiple layers of client-slide encryptions of a ballot i.e., each voter encrypts their ballot once with the public key of each mixer. ...
View
... The main problem was voter's involvement. Baraani et al. [15] presented his protocol which involves candidates in voting procedure. The final result is generated by using threshold scheme. ...
Anonymous and formally verified dual signature based online e-voting protocol
Article
Full-text available
  • Jan 2019
  • CLUSTER COMPUT
The traditional paper-based voting is severely criticized after having found evidence of rigging in elections, leading to the uncertainty in the fairness of the election process. Traditional voting systems have severe issues in either user’s privacy or voting procedures. To counter these issues, e-voting systems have emerged as a potential solution. In this work, we proposed Internet e-voting protocol that fulfills the core properties like anonymity, verifiability, eligibility, privacy, receipt-freeness and fairness using dual signature. We prove the effectiveness and validity of our system using formal methods. A rigorous performance evaluation shows that our system clearly outperforms the existing state-of-the-art blind signature Internet e-voting protocols.
View
... This protocol, in spite of its popularity, has some fundamental problems concerning voter anonymity and in that fake votes for non-voters can be introduced by the administration. The problem of introducing fake votes was addressed by [4] by introducing voter pseudonyms sent through anonymous channels to all candidate servers, which are then used to authenticate the vote itself. ...
View
... To overcome these drawbacks, many variations of the FOO92 protocol have been suggested in the literature [2,23,[31][32][33], and several prototype implementations have been realized. One of the first and most-cited prototype systems is S, which has been implemented and tested at the Washington University [34]. ...
TrustVote: A Proposal for a Hybrid E-Voting System
Article
Full-text available
This paper presents a hybrid e-voting system, in which a transparent e-voting protocol is embedded in a traditional paper-based voting procedure. To guarantee vote anonymity, the protocol itself is based on a scalable blind signature scheme with multiple authorities. An anonymous channel is used to cast the encrypted votes onto the public board. To prevent vote buying and vote coercion, we depart from the mainstream approach of taking additional measures to guarantee receipt-freeness. Instead, we propose to exploit the existence of a receipt to allow vote revocations over the enclosing paper-based voting procedure.
View
Impact of Decentralisation on Electronic Voting Systems: A Systematic Literature Survey
Article
Full-text available
  • Jan 2023
The modernization of voting methods is a dynamic area of research currently. In the past, innovation in voting methodswas limited to the automation of steps in the process through mechanical means. This changed with the introduction of commercial cryptography in the 1970s, whose applications to voting triggered a new era in this research field. Researchers used the following years to apply tools derived from cryptographic methods to build increasingly secure, transparent, and practical electronic voting systems. Despite the effort, a true remote electronic voting system was never achieved with the technology available. The introduction of Bitcoin in 2009 brought much attention to the blockchain concept that supported it. This new data model offered new levels of transparency, data immutability, and pseudo-anonymity that made it attractive and useful to e-voting researchers. Soon after, articles detailing the first blockchain-based e-voting systems were published, and the research field entered a new era. This article presents a study on the evolution of research in electronic voting systems, following a systematic literature review methodology and a chronological evolution from the first systems that employed public cryptographic concepts up to blockchain-based proposals, with the objective of detailing the evolution of the technology as a whole, as well as all the elements, centralised and decentralised, created and used to implement voting systems.
View
View
Der Vertrauensaspekt in elektronischen Wahlen
Chapter
  • Jan 1995
In diesem Beitrag werden Konzepte zur Realisierung elektronischer Wahlen vorgestellt und ausgewählte Protokolle skizziert, ohne auf mathematische Details einzugehen. Zunächst werden die grundlegende Anforderungen erläutert, die an elektronische Wahlen gestellt werden. Die bisher publizierten Ansätze werden dann danach klassifiziert, wie groß das Vertrauen der Wähler in die Wahlleiter bzw. in die zugehörigen Trust Center ist. Die Ziele beim Entwurf eines Wahlschemas sind einerseits die weitgehende Erfüllung der an sie gestellten Sicherheitsanforderungen, die Effizienz des Verfahrens sowie der möglichst geringe Grad des Vertrauens, den die Wähler den Wahlleitern entgegenbringen müssen. Die angegebene Literatur kann als umfassende Referenz zum Thema „Elektronische Wahlen“ genutzt werden.
View
View
A Receipt-free Multi-Authority E-Voting System
Article
Full-text available
The existing e-voting schemes satisfied requirements such as eligibility, completeness, "no vote duplication", privacy but have not been able to solve the problems of universal verifiability, coercion, bribery and fairness in the overall election process. In this work, a receipt-free multi-authority e-voting system is proposed to solve the drawbacks of the existing e-voting systems is proposed. The proposed scheme employs ElGamal encryption for ensuring the security of votes because of its probabilistic nature. ElGamal which is homomorphic with multiplication is modified to be additive homomorphic in order to ensure voters" privacy and overall election efficiency. A trusted centre is involved in the scheme to distribute the shared secret key among the authorities and the Shamir(t, n) threshold scheme is used for key distribution. The authorities will then use this share secret to decrypt the encrypted ballot. 1-out-of-L re-encryption is used to guarantee receipt-freeness. The proposed scheme is divided into registration, validation, vote casting and tallying phases. The security analysis of the scheme was then carried out to show its effectiveness.
View
Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation (Extended Abstract)
Conference Paper
Full-text available
  • Jan 1988
Every function of n inputs can be efficiently computed by a complete network of n processors in such a way that: If no faults occur, no set of size t < n/2 of players gets any additional information (other than the function value),Even if Byzantine faults are allowed, no set of size t < n/3 can either disrupt the computation or get additional information.Furthermore, the above bounds on t are tight!
View
Multiparty Unconditionally Secure Protocols (Abstract)
Conference Paper
Full-text available
  • Aug 1987
It has been shown previously how almost any multiparty protocol problem can be solved. All the constructions suggested so far rely on trapdoor one-way functions, and therefore must assume essentially that public key cryptography is possible. It has also been shown that unconditional protection of a single designated participant is all that can be achieved under that model. Assuming only authenticated secrecy channels between pairs of participants, we show that essentially any multiparty protocol problem can be solved. Such a model actually implies the further requirement that less than one third of the participants deviate from the protocol. The techniques presented do not, however, rely on any cryptographic assumptions; they achieve the optimal result and provide security as good as the secrecy and authentication of the channels used. Moreover, the constructions have a built-in fault tolerance: once the participants have sent messages committing themselves to the secrets they will use in the protocol, there is no way less than a third of them can stop the protocol from completing correctly. Our technique relies on the so called key-safeguarding or secret-sharing schemes proposed by Blakley and Shamir as basic building blocks. The usefulness of their homomorphic structure was observed by Benaloh, who proposed techniques very similar to ours.
View
View
View
View
View
A Cryptographic Scheme for Computerized General Elections
Conference Paper
  • Jan 1995
This paper presents a novel cryptographic scheme which fully conforms to the requirements of holding large scale general elections. The participants of the scheme are the voters, the candidates and the government. The scheme ensures independence between the voters in that they do not have to be present at the same time or go through several phases together; no global computation is needed. The scheme preserves the privacy of the votes against any subset of dishonest voters, and against any proper subset of dishonest candidates, including the government. Robustness is ensured in that no subset of voters can corrupt or disrupt the election. This also means that no voter is able to vote more than once without being detected. The verifiability of the scheme ensures that the government and the candidates cannot present a false tally without being caught. “Voting by telephone” is possible by employing the proposed scheme.
View
A Robust and Verifiable Cryptographically Secure Election Scheme (Extended Abstract)
Conference Paper
  • Jan 1985
  • Proc Annu Symp Found Comput Sci
The authors describe a cryptographic scheme for holding a secure secret ballot election in which all communication is public. Voters cast their votes electronically, suitably encrypted, and a 'government' releases a tally and a proof of its correctness that can be verified by all. The scheme has several novel aspects. First, it is robust in the sense that no conspiracy of dishonest voters can prevent, with more than very low probability, the successful completion of the election. Second, the government cannot release a false tally without being detected by every honest voter, except with very low probability. Third, if any conspiracy of dishonest voters can compromise privacy by gaining more than a very slight amount of information, beyond that which is contained in the tally, about how the honest voters voted, then one can find an efficient algorithm for a certain number-theoretic problem which has no known efficient solution. The proof is by a polynomial-time reduction of the latter problem to the former; the reduction is valid regardless of the actual complexity of the number-theoretic problem. Moreover, none of these properties depend on any unsubstantiated cryptographic assumptions.
View
Elections with Unconditionally-Secret Ballots and Disruption Equivalent to Breaking RSA
Conference Paper
  • May 1988
  • Lect Notes Comput Sci
Election protocols embodying robustness, verifiability of returns by voters, and unconditional security for voters’ privacy have been presented. The techniques also allow untraceable payments and credentials.
View
A New Multiple Key Cipher and an Improved Voting Scheme
Conference Paper
  • Jan 1989
At Eurocrypt 88 [1] we introduced the notion of a multiple key cipher and illustrated it with an example based on RSA which we called “multiple key RSA”. In this paper we consider another multiple key cipher also based on a well known cryptographic function, exponentiation in a prime field. The important difference from multiple key RSA is that this function does not possess the trapdoor property. At the end of [1] we speculated that such functions may have useful applications and here we give as one illustration a new voting scheme.
View