Stamp-It: A Method for Enhancing the Universal Verifiability of E2E Voting Systems
Existing proposals for end-to-end independently-verifiable (E2E) voting systems require that voters check the presence of a “receipt” on a secure bulletin board. The tally is then computed from all the receipts. Anyone can determine that the computation is correct—that is, the computation of the tally from the receipts is universally-verifiable. The fraud detection probability depends on the number of voters checking their receipts and the number of votes modified. This paper proposes an enhancement, Stamp-It, that does not require voters to check published receipts. It allows anyone to determine whether the tally is correctly computed, with probability independent of the number of voters who checked their receipt, extending the universal verifiability of the process. It does not require any additional computations to be performed during the election, and is hence very well-suited for use with the paper-ballot-based E2E systems. Finally, as an add-on, the enhancement does not degrade the original scheme.
KeywordsHash Function Vote System Random Oracle Bulletin Board Vote Protocol
Unable to display preview. Download preview PDF.
- 1.Adida, B., deMarneffe, O., Pereira, O., Quisquater, J.-J.: Electing a university president using open-audit voting: Analysis of real-world use of helios. In: IAVoSS Workshop On Trustworthy Elections (WOTE 2009), Montreal, Canada (August 2009)Google Scholar
- 2.Benaloh, J.: Simple verifiable elections. In: Proceedings of the USENIX/Accurate Electronic Voting Technology Workshop 2006 on Electronic Voting Technology Workshop, EVT 2006, p. 5. USENIX Association, Berkeley (2006)Google Scholar
- 3.Carback, R., Chaum, D., Clark, J., Conway, J., Essex, A., Herrnson, P.S., Mayberry, T., Popoveniuc, S., Rivest, R.L., Shen, E., Sherman, A.T., Vora, P.L.: Scantegrity II Municipal Election at Takoma Park: The First E2E Binding Governmental Election with Ballot Privacy. In: Proceedings of the 19th USENIX Security Symposium (August 2010)Google Scholar
- 4.Chaum, D.: Secret-ballot receipts: True voter-verifiable elections. IEEE Security and Privacy, 38–47 (January/February 2004)Google Scholar
- 5.Chaum, D., Carback, R., Clark, J., Essex, A., Popoveniuc, S., Rivest, R.L., Ryan, P.Y.A., Shen, E., Sherman, A.T.: Scantegrity II: End-to-end verifiability for optical scan election systems using invisible ink confirmation codes. In: Proceedings of the USENIX/Accurate Electronic Voting Technology Workshop, EVT 2007. USENIX Association (2008)Google Scholar
- 7.Andrew Neff, C.: Practical high certainty intent verification for encrypted votes (2004), http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.134.1006&rep=rep1&type=pdf
- 8.Popoveniuc, S., Hosp, B.: An introduction to PunchScan. In: IAVoSS Workshop On Trustworthy Elections (WOTE 2006), Robinson College, Cambridge UK (June 2006)Google Scholar
- 9.Popoveniuc, S., Vora, P.: A framework for secure electronic voting. In: IAVoSS Workshop On Trustworthy Elections (WOTE 2008), Katholieke Universiteit, Leuven, Belgium (July 2008)Google Scholar
- 10.Sandler, D., Derr, K., Wallach, D.S.: Votebox: a tamper-evident, verifiable electronic voting system. In: Proceedings of the 17th USENIX Security Symposium, SS 2008, pp. 349–364. USENIX Association, Berkeley (2008)Google Scholar