Cryptology ePrint Archive: Report 2013/276

Towards a Practical Cryptographic Voting Scheme Based on Malleable Proofs

David Bernhard and Stephan Neumann and Melanie Volkamer

Abstract: Mixnets are one of the main approaches to deploy secret and verifiable electronic elections. General-purpose verifiable mixnets however suffer from the drawback that the amount of data to be verified by observers increases linearly with the number of involved mix nodes, the number of decryptors, and the number of voters. Chase et al. proposed a verifiable mixnet at Eurocrypt 2012 based on so-called \emph{malleable proofs} - proofs that do not increase with the number of mix nodes. In work published at PKC 2013, the same authors adapted malleable proofs to verifiable distributed decryption, resulting in a cryptographic voting scheme. As a result, the amount of data to be verified only increases linearly with the number of voters. However, their scheme leaves several questions open which we address in this paper: As a first contribution, we adapt a multi-party computation protocol to build a distributed key generation protocol for the encryption scheme underlying their voting scheme. As a second contribution, we decompress their abstract scheme description, identify elementary operations, and count the number of such operations required for mixing and verification. Based on timings for elementary operations, we extrapolate the running times of the mixing and verification processes, allowing us to assess the feasibility of their scheme. For the German case, we conclude that the replacement of postal voting by cryptographic voting based on malleable proofs is feasible on an electoral district level.

Category / Keywords: implementation / Malleable Proofs, Distributed Key Generation, Performance

Publication Info: Vote-ID 2013

Date: received 13 May 2013

Contact author: bernhard at cs bris ac uk

Available format(s): PDF | BibTeX Citation

Note: Full version of the paper to be published; includes appendices.

Version: 20130516:130618 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]