Practical Strategy-Resistant Privacy-Preserving Elections

  • Sébastien Canard
  • David Pointcheval
  • Quentin SantosEmail author
  • Jacques Traoré
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11099)


Recent advances in cryptography promise to let us run complex algorithms in the encrypted domain. However, these results are still mostly theoretical since the running times are still much larger than their equivalents in the plaintext domain. In this context, Majority Judgment is a recent proposal for a new voting system with several interesting practical advantages, but which implies a more involved tallying process than first-past-the-post voting. To protect voters’ privacy, such a process needs to be done by only manipulating encrypted data.

In this paper, we then explore the possibility of computing the (ordered) winners in the Majority Judgment election without leaking any other information, using homomorphic encryption and multiparty computation. We particularly focus on the practicality of such a solution and, for this purpose, we optimize both the algorithms and the implementations of several cryptographic building blocks. Our result is very positive, showing that this is as of now possible to attain practical running times for such a complex privacy-protecting tallying process, even for large-scale elections.



This work was supported in part by the European Research Council under the European Community’s Seventh Framework Programme (FP7/2007-2013 Grant Agreement no. 339563 – CryptoCloud).


  1. [APB+04]
    Aditya, R., Peng, K., Boyd, C., Dawson, E., Lee, B.: Batch verification for equality of discrete logarithms and threshold decryptions. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 494–508. Springer, Heidelberg (2004). Scholar
  2. [BL07]
    Balinski, M., Laraki, R.: A theory of measuring, electing, and ranking. Proc. Natl. Acad. Sci. 104(21), 8720–8725 (2007)MathSciNetCrossRefGoogle Scholar
  3. [BL10]
    Balinski, M., Laraki, R.: Majority Judgment: Measuring Ranking and Electing. MIT Press, Cambridge (2010)zbMATHGoogle Scholar
  4. [BMN+09]
    Benaloh, J., Moran, T., Naish, L., Ramchen, K., Teague, V.: Shuffle-sum: coercion-resistant verifiable tallying for STV voting. IEEE Trans. Inf. Forensics Secur. 4(4), 685–698 (2009)CrossRefGoogle Scholar
  5. [CP93]
    Chaum, D., Pedersen, T.P.: Wallet databases with observers. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 89–105. Springer, Heidelberg (1993). Scholar
  6. [DFK+06]
    Damgård, I., Fitzi, M., Kiltz, E., Nielsen, J.B., Toft, T.: Unconditionally secure constant-rounds multi-party computation for equality, comparison, bits and exponentiation. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 285–304. Springer, Heidelberg (2006). Scholar
  7. [DK05]
    Desmedt, Y., Kurosawa, K.: Electronic voting: starting over? In: Zhou, J., Lopez, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 329–343. Springer, Heidelberg (2005). Scholar
  8. [FS87]
    Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987). Scholar
  9. [Gir91]
    Girault, M.: An identity-based identification scheme based on discrete logarithms modulo a composite number. In: Damgård, I.B. (ed.) EUROCRYPT 1990. LNCS, vol. 473, pp. 481–486. Springer, Heidelberg (1991). Scholar
  10. [GPS06]
    Girault, M., Poupard, G., Stern, J.: On the fly authentication and signature schemes based on groups of unknown order. J. Cryptol. 19(4), 463–487 (2006)MathSciNetCrossRefGoogle Scholar
  11. [Pai99]
    Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). Scholar
  12. [PS96]
    Pointcheval, D., Stern, J.: Security proofs for signature schemes. In: Maurer, U. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387–398. Springer, Heidelberg (1996). Scholar
  13. [PS98]
    Poupard, G., Stern, J.: Security analysis of a practical “on the fly” authentication and signature generation. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 422–436. Springer, Heidelberg (1998). Scholar
  14. [PS99]
    Poupard, G., Stern, J.: On the fly signatures based on factoring. In: ACM CCS 1999, pp. 37–45. ACM Press, November 1999Google Scholar
  15. [Sho00]
    Shoup, V.: Practical threshold signatures. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 207–220. Springer, Heidelberg (2000). Scholar
  16. [ST04]
    Schoenmakers, B., Tuyls, P.: Practical two-party computation based on the conditional gate. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 119–136. Springer, Heidelberg (2004). Scholar
  17. [ST06]
    Schoenmakers, B., Tuyls, P.: Efficient binary conversion for paillier encrypted values. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 522–537. Springer, Heidelberg (2006). Scholar
  18. [TRN08]
    Teague, V., Ramchen, K., Naish, L.: Coercion-resistant tallying for STV voting. In: 2008 USENIX/ACCURATE Electronic Voting Workshop, EVT 2008, 28–29 July 2008, San Jose, CA, USA, Proceedings (2008)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Sébastien Canard
    • 1
  • David Pointcheval
    • 2
    • 3
  • Quentin Santos
    • 1
    • 2
    • 3
    Email author
  • Jacques Traoré
    • 1
  1. 1.Orange LabsCaenFrance
  2. 2.DIENS, École normale supérieure, CNRS, PSL UniversityParisFrance
  3. 3.INRIAParisFrance

Personalised recommendations