
tags: Reading sessions

2013

https://fc23.ifca.ai/voting/program.html

Private Internet Voting on Untrusted Voting Devices

  • By Rolf Haenni and Reto E. Koenig and Philipp Locher
  • [LH] The paper proposes a new card-based voting protocol whereby a vote is cast by scanning a QR code on the back of the corresponding card. Votes are confirmed using the same procedure with a single confirmation card. This is to avoid having a complex voting client and to rely on what voters are familiar with (QR codes). The paper also aims to "achieve privacy on untrusted voting clients", although it is not very clear how this is achieved. The actual protocol uses ElGamal ciphertexts, verifiable mixing and also BLS signatures (the latter to prevent ballot stuffing). At least one election authority must be honest. Security is discussed informally under the model of covert security: corrupt parties only cheat as long as the cheating remains undetectable and therefore has no consequences. A formal security proof is not included.

Coercion-Resistant Cast-as-Intended Verifiability for Computationally Limited Voters

  • By Tamara Finogina and Javier Herranz
  • [LH] The paper aims to propose new definitions to capture coercion-resistance and cast-as-intended without requiring voters to perform expensive cryptographic operations. The voters are assumed to only be able to generate, remember and compare strings of numbers. The idea is to employ a trusted external device (OED) for string generation that participates in the protocol honestly and only when the voter wants it to. When the voter casts their vote, the voting device (VD) generates an ElGamal ciphertext and an OR ZKP to prove it encrypts a correct voting option. The ZKP is generated in stages: the VD shows the voter some hashes to be memorised, then the voter must press a button on the OED to generate a token. The token is used as input for another hash function. Anyone can verify the OR ZKP, but only the voter can ensure it is consistent with the memorized values.
  • The paper argues the protocol achieves cast-as-intended and coercion resistance, although the definition of coercion resistance seems quite restrictive, e.g. the coercer cannot prevent a voter from pressing the button on the OED in their definition. Their protocol also only covers casting a vote, and not tallying the votes.
  • The authors also consider removing the trusted OED. The voter could generate a random token on their own, but the authors argue it would allow for coercion (the token could be computed deterministically from the first hash in the protocol). Interestingly, the authors claim that a trusted device is necessary for coercion-resistance and cast-as-intended for voters who are computationally limited. They give an informal argument but no formal proof.
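
For reference, the standard disjunctive (OR) Chaum-Pedersen proof that an ElGamal ciphertext encrypts one of the allowed options, as an added example that is not taken from the paper or from these notes. It applies Fiat-Shamir in one shot rather than the paper's staged generation with memorised hashes and an OED token; the toy group, the exponential encoding of options and all function names are assumptions.

```python
import hashlib, secrets

# Assumed toy safe-prime group (P = 2Q + 1), far too small for real use.
# G = 4 has prime order Q, so the challenge space has only 509 values.
P, Q, G = 1019, 509, 4

def challenge(*vals):
    data = ",".join(map(str, vals)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def encrypt(h, m, r):
    # Exponential ElGamal (assumed encoding): option m is encoded as G^m.
    return pow(G, r, P), pow(h, r, P) * pow(G, m, P) % P

def commitments(h, a, b, m, c, z):
    # Recompute (A, B) for the branch "(a, b) encrypts m" from (c, z).
    u = b * pow(G, -m, P) % P          # equals h^r iff the plaintext is m
    return (pow(G, z, P) * pow(a, -c, P) % P,
            pow(h, z, P) * pow(u, -c, P) % P)

def prove(h, a, b, r, m, options):
    cs, zs, coms = {}, {}, {}
    for o in options:
        if o != m:                     # simulate every branch that is false
            cs[o], zs[o] = secrets.randbelow(Q), secrets.randbelow(Q)
            coms[o] = commitments(h, a, b, o, cs[o], zs[o])
    w = secrets.randbelow(Q)           # honest commitment for the true branch
    coms[m] = (pow(G, w, P), pow(h, w, P))
    c = challenge(h, a, b, *[x for o in options for x in coms[o]])
    cs[m] = (c - sum(cs.values())) % Q # sub-challenges must sum to c
    zs[m] = (w + cs[m] * r) % Q
    return [(cs[o], zs[o]) for o in options]

def verify(h, a, b, options, proof):
    # Reject malformed proofs and elements outside the order-Q subgroup.
    if len(proof) != len(options) or pow(a, Q, P) != 1 or pow(b, Q, P) != 1:
        return False
    flat = []
    for o, (c, z) in zip(options, proof):
        flat.extend(commitments(h, a, b, o, c, z))
    return sum(c for c, _ in proof) % Q == challenge(h, a, b, *flat)
```

The verifier learns that one branch is true but not which one, since the simulated and honest (c, z) pairs are identically distributed.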