A first contribution of this paper is to describe and characterize a new and strengthened adversary for coercion in elections. (In doing so, we additionally present what we believe to be the first formal security definitions for electronic elections of _any_ type.) A second contribution is to demonstrate a protocol that is secure against this adversary. While it is clear that a strengthening of attack models is of theoretical relevance, it is important to note that our results lie close to practicality. This is true both in that we model real-life threats (such as vote-buying and vote-cancelling), and in that our proposed protocol combines a fair degree of efficiency with an unusual lack of structural complexity. Furthermore, while previous schemes have required use of an untappable channel, ours only carries the much more practical requirement of an anonymous channel.
Category / Keywords: coercion-resistance, electronic voting, mix networks, receipt-free Date: received 5 Nov 2002, last revised 4 Nov 2004 Contact author: ajuels at rsasecurity com Available format(s): PDF | BibTeX Citation Version: 20041105:030639 (All versions of this report) Short URL: ia.cr/2002/165 Discussion forum: Show discussion | Start new discussion