End-to-End Verifiable Quadratic Voting with Everlasting Privacy

  • Olivier Pereira
  • Peter B. RønneEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11599)


Quadratic voting is an intriguing new method for public choice suggested by Lalley and Weyl, which they showed to be utilitarian efficient. Voters are given a budget of credits and can assign each of the candidates a (perhaps negative) value, where the price paid for their voting choice is the sum of the squared values. From a security viewpoint, we generally request elections to be private and have integrity, and even further (end-to-end) verifiability which entails public bulletin boards. Such public data might be troublesome when considering future adversaries capable of breaking current cryptographic primitives, either due to computational power advances, broken primitives or scientific breakthroughs. This calls for election schemes with everlasting privacy and perfectly private audit trails. In the case of quadratic voting this is even more crucial since budget balances have to be linked between elections in a verifiable way, and revealing old budget values partially break privacy in later elections. In this paper, we suggest an efficient construction of electronic quadratic voting with end-to-end verifiability and a perfectly private audit trail inspired by the methods of Cuvelier, Pereira and Peters, but adapted to include the quadratic relations and keeping budget balances everlasting private.



The authors acknowledge support from the Luxembourg National Research Fund (FNR) and Belgium Fonds de la Recherche Scientifique for the joint FNR/F.R.S.-FNRS project SeVoTe. PBR also acknowledges the FNR INTER project VoteVerif. This work has also been funded in part by the European Union (EU) and the Walloon Region through the FEDER project USERMedia (convention number 501907-379156).


  1. 1.
    Adida, B., De Marneffe, O., Pereira, O., Quisquater, J.-J.: Electing a university president using open-audit voting: analysis of real-world use of Helios. In: Proceedings of the 2009 Conference on Electronic Voting Technology/Workshop on Trustworthy Elections, EVT/WOTE 2009, Berkeley, CA, USA, p. 10. USENIX Association (2009)Google Scholar
  2. 2.
    Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006). Scholar
  3. 3.
    Bellare, M., Goldwasser, S.: Verifiable partial key escrow. In: Proceedings of the 4th ACM Conference on Computer and Communications Security, pp. 78–91. ACM (1997)Google Scholar
  4. 4.
    Benaloh, J.: Ballot casting assurance via voter-initiated poll station auditing. In: USENIX/ACCURATE Electronic Voting Technology Workshop, EVT 2007. USENIX Association (2007)Google Scholar
  5. 5.
    Bernhard, D., Pereira, O., Warinschi, B.: How not to prove yourself: pitfalls of the fiat-shamir heuristic and applications to Helios. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 626–643. Springer, Heidelberg (2012). Scholar
  6. 6.
    Boneh, D., Goh, E.-J., Nissim, K.: Evaluating 2-DNF formulas on ciphertexts. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 325–341. Springer, Heidelberg (2005). Scholar
  7. 7.
    Camenisch, J.: Group signature schemes and payment systems based on the discrete logarithm problem. PhD thesis, ETH Zurich (1998)Google Scholar
  8. 8.
    Chandar, B., Weyl, E.G.: Quadratic voting in finite populations (2017)Google Scholar
  9. 9.
    Chuengsatiansup, C., Naehrig, M., Ribarski, P., Schwabe, P.: PandA: pairings and arithmetic. In: Cao, Z., Zhang, F. (eds.) Pairing 2013. LNCS, vol. 8365, pp. 229–250. Springer, Cham (2014). Scholar
  10. 10.
    Cramer, R., Damgård, I., Schoenmakers, B.: Proofs of partial knowledge and simplified design of witness hiding protocols. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994). Scholar
  11. 11.
    Cramer, R., Gennaro, R., Schoenmakers, B.: A secure and optimally efficient multi-authority election scheme. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 103–118. Springer, Heidelberg (1997). Scholar
  12. 12.
    Cuvelier, É., Pereira, O., Peters, T.: Election verifiability or ballot privacy: do we need to choose? In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 481–498. Springer, Heidelberg (2013). Scholar
  13. 13.
    Damgård, I.: On sigma protocols (2010).
  14. 14.
    Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987). Scholar
  15. 15.
    Gennaro, R., Jarecki, S., Krawczyk, H., Rabin, T.: Secure distributed key generation for discrete-log based cryptosystems. J. Cryptol. 20(1), 51–83 (2007)MathSciNetCrossRefGoogle Scholar
  16. 16.
    Lalley, S.P., Weyl, E.G.: Nash equilibria for a quadratic voting game. CoRR, abs/1409.0264 (2014)Google Scholar
  17. 17.
    Park, S., Rivest, R.L.: Towards secure quadratic voting. Public Choice 172(1–2), 151–175 (2017). Scholar
  18. 18.
    Pedersen, T.P.: A threshold cryptosystem without a trusted party. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 522–526. Springer, Heidelberg (1991). Scholar
  19. 19.
    Quarfoot, D., von Kohorn, D., Slavin, K., Sutherland, R., Goldstein, D., Konar, E.: Quadratic voting in the wild: real people, real votes. Public Choice 172(1), 283–303 (2017). Scholar
  20. 20.
    Sasson, E.B., et al.: Decentralized anonymous payments from Bitcoin. In: Proceedings of the 2014 IEEE Symposium on Security and Privacy, SP 2014, Washington, DC, USA, pp. 459–474. IEEE Computer Society (2014)Google Scholar
  21. 21.
    Schnorr, C.P.: Efficient identification and signatures for smart cards. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 239–252. Springer, New York (1990). Scholar
  22. 22.
    Wikström, D.: Simplified submission of inputs to protocols. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) SCN 2008. LNCS, vol. 5229, pp. 293–308. Springer, Heidelberg (2008). Scholar

Copyright information

© International Financial Cryptography Association 2020

Authors and Affiliations

  1. 1.Université catholique de LouvainLouvain-la-NeuveBelgium
  2. 2.SnT, University of LuxembourgLuxembourgLuxembourg

Personalised recommendations