Verifiability of Helios Mixnet

  • Ben SmythEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10958)


We study game-based definitions of individual and universal verifiability by Smyth, Frink and Clarkson. We prove that building voting systems from El Gamal coupled with proofs of correct key generation suffices for individual verifiability. We also prove that it suffices for an aspect of universal verifiability. Thereby eliminating the expense of individual-verifiability proofs and simplifying universal-verifiability proofs for a class of encryption-based voting systems. We use the definitions of individual and universal verifiability to analyse the mixnet variant of Helios. Our analysis reveals that universal verifiability is not satisfied by implementations using the weak Fiat-Shamir transformation. Moreover, we prove that individual and universal verifiability are satisfied when statements are included in hashes (i.e., when using the Fiat-Shamir transformation, rather than the weak Fiat-Shamir transformation).



I am grateful to Steve Kremer and the anonymous reviewers for useful feedback that helped improve this paper. I am also grateful to Yingtong Li (developer of helios-server-mixnet) and to Georgios Tsoukalas and Panos Louridas (developers of Zeus) for discussions about their voting systems.


  1. 1.
    Adida, B.: Helios: web-based open-audit voting. In: USENIX Security 2008: 17th USENIX Security Symposium, pp. 335–348. USENIX Association (2008)Google Scholar
  2. 2.
    Adida, B., Marneffe, O., Pereira, O., Quisquater, J.: Electing a university president using open-audit voting: analysis of real-world use of Helios. In: EVT/WOTE 2009: Electronic Voting Technology Workshop/Workshop on Trustworthy Elections. USENIX Association (2009)Google Scholar
  3. 3.
    Alvarez, R.M., Hall, T.E.: Electronic Elections: The Perils and Promises of Digital Democracy. Princeton University Press, Princeton (2010)CrossRefGoogle Scholar
  4. 4.
    Bernhard, D., Pereira, O., Warinschi, B.: How not to prove yourself: pitfalls of the fiat-shamir heuristic and applications to Helios. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 626–643. Springer, Heidelberg (2012). Scholar
  5. 5.
    Bowen, D.: Secretary of State Debra Bowen Moves to Strengthen Voter Confidence in Election Security Following Top-to-Bottom Review of Voting Systems. California Secretary of State, press release DB07:042, August 2007Google Scholar
  6. 6.
    Bulens, P., Giry, D., Pereira, O.: Running Mixnet-based elections with Helios. In: EVT/WOTE 2011: Electronic Voting Technology Workshop/Workshop on Trustworthy Elections. USENIX Association (2011)Google Scholar
  7. 7.
    Bundesverfassungsgericht: Use of voting computers in 2005 Bundestag election unconstitutional, press release 19 March 2009Google Scholar
  8. 8.
    Chang-Fong, N., Essex, A.: The cloudier side of cryptographic end-to-end verifiable voting: a security analysis of Helios. In: ACSAC 2016: 32nd Annual Conference on Computer Security Applications, pp. 324–335. ACM Press (2016)Google Scholar
  9. 9.
    Cortier, V., Galindo, D., Glondu, S., Izabachène, M.: Election verifiability for Helios under weaker trust assumptions. In: Kutyłowski, M., Vaidya, J. (eds.) ESORICS 2014, Part II. LNCS, vol. 8713, pp. 327–344. Springer, Cham (2014). Scholar
  10. 10.
    Cortier, V., Galindo, D., Küsters, R., Mueller, J., Truderung, T.: SoK: verifiability notions for E-voting protocols. In: S&P 2016: 37th IEEE Symposium on Security and Privacy, pp. 779–798. IEEE Computer Society (2016)Google Scholar
  11. 11.
    Cortier, V., Smyth, B.: Attacking and fixing Helios: an analysis of ballot secrecy. J. Comput. Secur. 21(1), 89–148 (2013)CrossRefGoogle Scholar
  12. 12.
    ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory 31(4), 469–472 (1985)MathSciNetCrossRefGoogle Scholar
  13. 13.
    Gumbel, A.: Steal This Vote: Dirty Elections and the Rotten History of Democracy in America. Nation Books, New York (2005)Google Scholar
  14. 14.
    Jones, D.W., Simons, B.: Broken Ballots: Will Your Vote Count?, CSLI Lecture Notes, vol. 204. Center for the Study of Language and Information, Stanford University (2012)Google Scholar
  15. 15.
    Juels, A., Catalano, D., Jakobsson, M.: Coercion-resistant electronic elections. In: Chaum, D., et al. (eds.) Towards Trustworthy Elections. LNCS, vol. 6000, pp. 37–63. Springer, Heidelberg (2010). Scholar
  16. 16.
    Katz, J., Lindell, Y.: Introduction to Modern Cryptography. Chapman & Hall/CRC, Boca Raton (2007)CrossRefGoogle Scholar
  17. 17.
    Kiayias, A., Zacharias, T., Zhang, B.: End-to-end verifiable elections in the standard model. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015, Part II. LNCS, vol. 9057, pp. 468–498. Springer, Heidelberg (2015). Scholar
  18. 18.
    Kohno, T., Stubblefield, A., Rubin, A.D., Wallach, D.S.: Analysis of an electronic voting system. In: S&P 2004: 25th Security and Privacy Symposium, pp. 27–40. IEEE Computer Society (2004)Google Scholar
  19. 19.
    Kremer, S., Ryan, M., Smyth, B.: Election verifiability in electronic voting protocols. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 389–404. Springer, Heidelberg (2010). Scholar
  20. 20.
    Küsters, R., Truderung, T., Vogt, A.: Accountability: definition and relationship to verifiability. In: CCS 2010: 17th ACM Conference on Computer and Communications Security, pp. 526–535. ACM Press (2010)Google Scholar
  21. 21.
    Küsters, R., Truderung, T., Vogt, A.: Verifiability, privacy, and coercion-resistance: new insights from a case study. In: S&P 2011: 32nd IEEE Symposium on Security and Privacy, pp. 538–553. IEEE Computer Society (2011)Google Scholar
  22. 22.
    Küsters, R., Truderung, T., Vogt, A.: Clash attacks on the verifiability of e-voting systems. In: S&P 2012: 33rd IEEE Symposium on Security and Privacy, pp. 395–409. IEEE Computer Society (2012)Google Scholar
  23. 23.
    Küsters, R., Truderung, T., Vogt, A.: Accountability: Definition and relationship to verifiability. Cryptology ePrint Archive, Report 2010/236 (version 20150202:163211) (2015)Google Scholar
  24. 24.
    Lijphart, A., Grofman, B.: Choosing an Electoral System: Issues and Alternatives. Praeger, New York (1984)Google Scholar
  25. 25.
    Meyer, M., Smyth, B.: An attack against the Helios election system that exploits re-voting. arXiv, Report 1612.04099 (2017)Google Scholar
  26. 26.
    Organization for Security and Co-operation in Europe: Document of the Copenhagen Meeting of the Conference on the Human Dimension of the CSCE (1990)Google Scholar
  27. 27.
    Organization of American States: American Convention on Human Rights, “Pact of San Jose, Costa Rica” (1969)Google Scholar
  28. 28.
    Quaglia, E.A., Smyth, B.: A short introduction to secrecy and verifiability for elections. arXiv, Report 1702.03168 (2017)Google Scholar
  29. 29.
    Quaglia, E.A., Smyth, B.: Authentication with weaker trust assumptions for voting systems. In: Joux, A., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 2018. LNCS, vol. 10831, pp. 322–343. Springer, Cham (2018). Scholar
  30. 30.
    Quaglia, E.A., Smyth, B.: Secret, verifiable auctions from elections. Theor. Comput. Sci. 730, 44–92 (2018)MathSciNetCrossRefGoogle Scholar
  31. 31.
    Saalfeld, T.: On Dogs and Whips: Recorded Votes. In: Döring, H. (ed.) Parliaments and Majority Rule in Western Europe, chap. 16. St. Martin’s Press (1995)Google Scholar
  32. 32.
    Schweikardt, N.: Arithmetic, first-order logic, and counting quantifiers. ACM Trans. Comput. Logic 6(3), 634–671 (2005)MathSciNetCrossRefGoogle Scholar
  33. 33.
    Smyth, B.: First-past-the-post suffices for ranked voting (2017).
  34. 34.
    Smyth, B.: Ballot secrecy: Security definition, sufficient conditions, and analysis of Helios. Cryptology ePrint Archive, Report 2015/942 (2018)Google Scholar
  35. 35.
    Smyth, B.: A foundation for secret, verifiable elections. Cryptology ePrint Archive, Report 2018/225 (2018)Google Scholar
  36. 36.
    Smyth, B.: Verifiability of Helios Mixnet. Cryptology ePrint Archive, Report 2018/017 (2018)Google Scholar
  37. 37.
    Smyth, B., Frink, S., Clarkson, M.R.: Election Verifiability: Cryptographic Definitions and an Analysis of Helios and JCJ. Cryptology ePrint Archive, Report 2015/233 (version 20170111:122701) (2017)Google Scholar
  38. 38.
    Smyth, B., Ryan, M., Kremer, S., Kourjieh, M.: Towards automatic analysis of election verifiability properties. In: Armando, A., Lowe, G. (eds.) ARSPA-WITS 2010. LNCS, vol. 6186, pp. 146–163. Springer, Heidelberg (2010). Scholar
  39. 39.
  40. 40.
    UK Electoral Commission: Key issues and conclusions: May 2007 electoral pilot schemes, May 2007Google Scholar
  41. 41.
    United Nations: Universal Declaration of Human Rights (1948)Google Scholar

Copyright information

© International Financial Cryptography Association 2019

Authors and Affiliations

  1. 1.Interdisciplinary Centre for Security, Reliability and TrustUniversity of LuxembourgEsch-sur-AlzetteLuxembourg

Personalised recommendations