Scaling Privacy Guarantees in Code-Verification Elections

  • Aggelos Kiayias
  • Anthi Orfanou
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7985)


Preventing the corruption of the voting platform is a major issue for any e-voting scheme. To address this, a number of recent protocols enable voters to validate the operation of their platform by utilizing a platform independent feedback: the voting system reaches out to the voter to convince her that the vote was cast as intended. This poses two major problems: first, the system should not learn the actual vote; second, the voter should be able to validate the system’s response without performing a mathematically complex protocol (we call this property “human verifiability”). Current solutions with convincing privacy guarantees suffer from trust scalability problems: either a small coalition of servers can entirely break privacy or the platform has a secret key which prevents the privacy from being breached. In this work we demonstrate how it is possible to provide better trust distribution without platform side secrets by increasing the number of feedback messages back to the voter. The main challenge of our approach is to maintain human verifiability: to solve this we provide new techniques that are based on either simple mathematical calculations or a novel visual cryptography technique that we call visual sharing of shape descriptions, which may be of independent interest.


Electronic voting elections integrity visual cryptography 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bayer, S., Groth, J.: Efficient zero-knowledge argument for correctness of a shuffle. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 263–280. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  2. 2.
    Boneh, D., Golle, P.: Almost entirely correct mixing with applications to voting. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, CCS 2002, pp. 68–77. ACM, New York (2002)Google Scholar
  3. 3.
    Chaabouni, R., Lipmaa, H., Shelat, A.: Additive combinatorics and discrete logarithm based range protocols. In: Steinfeld, R., Hawkes, P. (eds.) ACISP 2010. LNCS, vol. 6168, pp. 336–351. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  4. 4.
    Chaum, D.: Surevote. International patent WO 01/55940 A1 (2001)Google Scholar
  5. 5.
    Chaum, D.: Secret-ballot receipts: True voter-verifiable elections. IEEE Security & Privacy 2(1), 38–47 (2004)CrossRefGoogle Scholar
  6. 6.
    Cramer, R., Damgård, I., Schoenmakers, B.: Proofs of partial knowledge and simplified design of witness hiding protocols. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994)Google Scholar
  7. 7.
    Cramer, R., Gennaro, R., Schoenmakers, B.: A secure and optimally efficient multi-authority election scheme. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 103–118. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  8. 8.
    Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)Google Scholar
  9. 9.
    Gjøsteen, K.: Analysis internet voting protocol. Technical Report (2010),
  10. 10.
    Gjøsteen, K.: Analysis of an internet voting protocol. IACR Cryptology ePrint Archive 2010:380 (2010)Google Scholar
  11. 11.
    Gjøsteen, K.: The norwegian internet voting protocol. In: Kiayias, A., Lipmaa, H. (eds.) VoteID 2011. LNCS, vol. 7187, pp. 1–18. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  12. 12.
    Groth, J.: A verifiable secret shuffle of homomorphic encryptions. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 145–160. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  13. 13.
    Heather, J., Ryan, P.Y.A., Teague, V.: Pretty good democracy for more expressive voting schemes. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 405–423. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  14. 14.
    Heiberg, S., Lipmaa, H., van Laenen, F.: On E-vote integrity in the case of malicious voter computers. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 373–388. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  15. 15.
    Jakobsson, M., Juels, A., Rivest, R.L.: Making mix nets robust for electronic voting by randomized partial checking. In: Proceedings of the 11th USENIX Security Symposium, pp. 339–353. USENIX Association, Berkeley (2002)Google Scholar
  16. 16.
    Lipmaa, H.: Two simple code-verification voting protocols. IACR Cryptology ePrint Archive, 2011:317 (2011)Google Scholar
  17. 17.
    Lipmaa, H., Asokan, N., Niemi, V.: Secure vickrey auctions without threshold trust. In: Blaze, M. (ed.) FC 2002. LNCS, vol. 2357, pp. 87–101. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  18. 18.
    Mao, W.: Guaranteed correct sharing of integer factorization with off-line shareholders. In: Imai, H., Zheng, Y. (eds.) PKC 1998. LNCS, vol. 1431, pp. 60–71. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  19. 19.
    Naor, M., Shamir, A.: Visual cryptography. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 1–12. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  20. 20.
    Andrew Neff, C.: A verifiable secret shuffle and its application to e-voting. In: Proceedings of the 8th ACM Conference on Computer and Communications Security, CCS 2001, pp. 116–125. ACM, New York (2001)Google Scholar
  21. 21.
    Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992)Google Scholar
  22. 22.
    Ryan, P.Y.A.: A variant of the chaum voter-verifiable scheme. In: WITS, pp. 81–88 (2005)Google Scholar
  23. 23.
    Ryan, P.Y.A., Teague, V.: Pretty good democracy. In: Christianson, B., Malcolm, J.A., Matyáš, V., Roe, M. (eds.) Security Protocols 2009. LNCS, vol. 7028, pp. 111–130. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  24. 24.
    Schnorr, C.-P.: Efficient identification and signatures for smart cards. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 239–252. Springer, Heidelberg (1990)Google Scholar
  25. 25.
    Verheul, E.R., Van Tilborg, H.C.A.: Constructions and properties of k out of nvisual secret sharing schemes. Des. Codes Cryptography 11(2), 179–196 (1997)zbMATHCrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Aggelos Kiayias
    • 1
  • Anthi Orfanou
    • 2
  1. 1.National and Kapodistrian University of AthensAthensGreece
  2. 2.Columbia UniversityNew YorkUSA

Personalised recommendations