Skip to main content
SpringerLink
Log in

Making Code Voting Secure Against Insider Threats Using Unconditionally Secure MIX Schemes and Human PSMT Protocols

  • Conference paper
  • First Online:
E-Voting and Identity (Vote-ID 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9269))

Included in the following conference series:

Abstract

It is clear to the public that when it comes to privacy, computers and “secure” communication over the Internet cannot fully be trusted. Chaum introduced code voting as a solution for using a possibly infected-by-malware device to cast a vote in an electronic voting application. He trusted the mail system. However, a conspiracy between the mail system and the recipient of the cast ballots breaks privacy. Considering a t-bounded passive adversary, we remove the trust in the mail. We propose both single and multi-seat elections, using PSMT protocols (SCN 2012) where with the help of visual aids, humans can carry out mod10 addition correctly with a 99 % degree of accuracy. We introduce an unconditionally secure MIX based on the combinatorics of set systems.

A part of this work was done while being, part time, at RCIS/AIST, Japan.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    A returning officer oversees elections in one or more constituencies [34].

  2. 2.

    The work of [5] is independent and their MIX servers are different. For a further comparison, see [14].

  3. 3.

    See also [18, Sect. 2.3] for an extensive description of set systems and how these relate to covering designs.

  4. 4.

    The dual problem is that instead of having v senders, we have v receivers and one sender. Obviously a solution for the first provides a similar solution for the second.

  5. 5.

    As shown in [13], to securely compute \(\pi \) and \(\omega \) where \(\pi \) is chosen by one party and \(\omega \) by another, we need \(2t+1\) parties with t curious parties. To mimic as closely as possible the working of [13], the leader of \(B_2\) chooses \(\omega ^2_{i,j}\) and not the leader of \(B_1\).

  6. 6.

    Note that the MIX servers in \(B_1 \cup B_2\) can also be a in \(X'_{1,2}\) where \(|X'_{1,2}| \ge 2t+1\). Additionally, the efficiency of black box non-Abelian multiparty computation protocols is better when \(|X'_{1,2}| >> 2t+1\).

  7. 7.

    Note that [13] allows to organize the computation such that the output, i.e. shares of \(\pi ^{2}_{i}\), are received by parties in \(B_2\).

References

  1. E-voting. https://www.ch.ch/en/online-voting/

  2. Four Grand Challenges in Trustworthy Computing. In: CRA Conference on Grand Research Challenges in Information Security and Assurance, Warrenton, Virginia, 16–19 November 2003

    Google Scholar 

  3. Abe, M.: Universally verifiable mix-net with verification work independent of the number of mix-servers. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 437–447. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  4. Blocki, J., Blum, M., Datta, A.: Human computable passwords. CoRR (2014)

    Google Scholar 

  5. Buchmann, J., Demirel, D., van de Graaf, J.: Towards a publicly-verifiable mix-net providing everlasting privacy. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 197–204. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  6. Chaum, D.: SureVote: technical overview. In: Proceedings of the Workshop on Trustworthy Elections, Tomales Bay, CA, USA, 26–29 August 2001

    Google Scholar 

  7. Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24(2), 84–88 (1981)

    Article  Google Scholar 

  8. Chaum, D., Essex, A., Carback, R., Clark, J., Popoveniuc, S., Sherman, A.T., Vora, P.L.: Scantegrity: end-to-end voter-verifiable optical-scan voting. IEEE Secur. Priv. 6(3), 40–46 (2008)

    Article  Google Scholar 

  9. Cohen, G., Damgård, I.B., Ishai, Y., Kölker, J., Miltersen, P.B., Raz, R., Rothblum, R.D.: Efficient multiparty protocols via log-depth threshold formulae. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part II. LNCS, vol. 8043, pp. 185–202. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  10. Colbourn, C.J., Dinitz, J.H.: Handbook of Combinatorial Designs. Discrete Mathematics and Its Applications, 2nd edn. Chapman & Hall/CRC, Boca Raton (2006)

    Book  Google Scholar 

  11. Cramer, R., Franklin, M.K., Schoenmakers, B., Yung, M.: Multi-authority secret-ballot elections with linear work. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 72–83. Springer, Heidelberg (1996)

    Chapter  Google Scholar 

  12. Desmedt, Y., Jajodia, S.: Redistributing secret shares to new access structures and its applications. Technical Report ISSE-TR-97-01, George Mason University

    Google Scholar 

  13. Desmedt, Y., Pieprzyk, J., Steinfeld, R., Sun, X., Tartary, C., Wang, H., Yao, A.C.-C.: Graph coloring applied to secure computation in non-abelian groups. J. Cryptol. 25(4), 557–600 (2012)

    Article  MathSciNet  Google Scholar 

  14. Desmedta, Y., Erotokritou, S.: Making Code Voting Secure against Insider Threats using Unconditionally Secure MIX Schemes and Human PSMT Protocols. https://www.cyi.ac.cy/images/ResearchProjects/SteliosE/voteID2015Final Short.pdf

  15. Desmedt, Y.G., Kurosawa, K.: How to break a practical MIX and design a new one. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 557–572. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  16. Desmedt, Y.G., Wang, Y., Burmester, M.: A complete characterization of tolerable adversary structures for secure point-to-point transmissions without feedback. In: Deng, X., Du, D.-Z. (eds.) ISAAC 2005. LNCS, vol. 3827, pp. 277–287. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  17. Dolev, D., Dwork, C., Waarts, O., Yung, M.: Perfectly secure message transmission. J. ACM 40(1), 17–47 (1993)

    Article  MathSciNet  MATH  Google Scholar 

  18. Erotokritou, S., Desmedt, Y.: Human perfectly secure message transmission protocols and their applications. In: Visconti, I., De Prisco, R. (eds.) SCN 2012. LNCS, vol. 7485, pp. 540–558. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  19. Estehghari, S., Desmedt, Y.: Exploiting the client vulnerabilities in internet e-voting systems: Hacking Helios 2.0 as an example. In: EVT/WOTE 2010 (2010)

    Google Scholar 

  20. Franklin, M.K., Yung, M.: Secure hypergraphs: privacy from partial broadcast. SIAM J. Discrete Math. 18(3), 437–450 (2004)

    Article  MathSciNet  Google Scholar 

  21. Furukawa, J.: Efficient and verifiable shuffling and shuffle-decryption. IEICE Trans. 88–A(1), 172–188 (2005)

    Article  Google Scholar 

  22. Gerck, E., Neff, C.A., Rivest, R.L., Rubin, A.D., Yung, M.: The business of electronic voting. In: Syverson, P.F. (ed.) FC 2001. LNCS, vol. 2339, p. 234. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  23. Groth, J., Ishai, Y.: Sub-linear zero-knowledge argument for correctness of a shuffle. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 379–396. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  24. Helios. Helios Voting. http://heliosvoting.org/

  25. Katti, S., Cohen, J., Katabi, D.: Information slicing: anonymity using unreliable overlays. In: Proceedings of the 4th USENIX Symposium on NSDI, Cambridge, Massachusetts, U.S.A., 11–13 April 2007, pp. 43–56 (2007)

    Google Scholar 

  26. Khazaei, S., Moran, T., Wikström, D.: A mix-net from any CCA2 secure cryptosystem. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 607–625. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  27. Maaten, E.: Towards remote e-voting: Estonian case. In: Electronic Voting in Europe - Technology, Law, Politics and Society, 7th-9th July 2004. LNI, vol. 47, pp. 83–100. GI, Bregenz (2004)

    Google Scholar 

  28. Malkopoulou, A.: Lost voters: participation in eu elections and the case for compulsory voting. CEPS Working Document No. 317, 24 July 2009

    Google Scholar 

  29. Moran, T., Naor, M.: Split-ballot voting: everlasting privacy with distributed trust. ACM Trans. Inf. Syst. Secur. 13(2), 16:1–16:43 (2010)

    Article  Google Scholar 

  30. Rabin, M.O., Rivest, R.L.: Efficient end to end verifiable electronic voting employing split value representations. In: EVOTE 2014, Bregenz, Austria (to appear)

    Google Scholar 

  31. Sako, K., Kilian, J.: Secure voting using partially compatible homomorphisms. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 411–424. Springer, Heidelberg (1994)

    Google Scholar 

  32. Sampigethaya, K., Poovendran, R.: A survey on mix networks and their secure applications. Proc. IEEE 94, 2142–2181 (2006)

    Article  Google Scholar 

  33. Tran, A., Hopper, N., Kim, Y.: Hashing it out in public: common failure modes of DHT-based anonymity schemes. In: Proceedings of WPES 2009, Chicago, Illinois, USA, 9 November, pp. 71–80 (2009)

    Google Scholar 

  34. Wikipedia. Returning officer. http://en.wikipedia.org/wiki/Returning_officer

  35. Wikström, D.: The security of a mix-center based on a semantically secure cryptosystem. In: Menezes, A., Sarkar, P. (eds.) INDOCRYPT 2002. LNCS, vol. 2551, pp. 368–381. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

Download references

Acknowledgments

The authors would like to thank the anonymous referees for their valuable comments on improving the presentation and clarity of this paper. We thank Rebecca Wright for having co-invented the concept of having anonymous communication allowing a receiver to reply anonymously to the sender. The authors would also like to thank Juan Garay and Amos Beimel for expressing their interests in PSMT in which one cannot trust the equipment used by the receiver.

Author information

Authors and Affiliations

  1. Department of Computer Science, The University of Texas at Dallas, Richardson, USA

    Yvo Desmedt & Stelios Erotokritou

  2. Department of Computer Science, University College London, London, UK

    Yvo Desmedt

  3. CaSToRC, The Cyprus Institute, Nicosia, Cyprus

    Stelios Erotokritou

Authors
  1. Yvo Desmedt
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Stelios Erotokritou
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yvo Desmedt .

Editor information

Editors and Affiliations

  1. Bern University of Applied Sciences, Biel, Switzerland

    Rolf Haenni

  2. Bern University of Applied Sciences, Biel, Switzerland

    Reto E. Koenig

  3. Royal Institute of Technology, Stockholm, Sweden

    Douglas Wikström

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Desmedt, Y., Erotokritou, S. (2015). Making Code Voting Secure Against Insider Threats Using Unconditionally Secure MIX Schemes and Human PSMT Protocols. In: Haenni, R., Koenig, R., Wikström, D. (eds) E-Voting and Identity. Vote-ID 2015. Lecture Notes in Computer Science(), vol 9269. Springer, Cham. https://doi.org/10.1007/978-3-319-22270-7_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-22270-7_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-22269-1

  • Online ISBN: 978-3-319-22270-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation