Cryptology ePrint Archive: Report 2015/233
Election Verifiability: Cryptographic Definitions and an Analysis of Helios, Helios-C, and JCJ
Ben Smyth and Steven Frink and Michael R. Clarkson
Abstract: Election verifiability is defined in the computational
model of cryptography. The definition formalizes
notions of voters verifying their own votes, auditors
verifying the tally of votes, and auditors verifying that
only eligible voters vote.
The Helios (Adida et al., 2009), Helios-C (Cortier et al., 2014) and
JCJ (Juels et al., 2010) election schemes are analyzed using the definition.
Neither Helios nor Helios-C satisfy the definition
because they do not ensure that recorded ballots are
tallied in certain cases when the adversary posts malicious material on the bulletin board.
A variant of Helios is proposed and shown to satisfy the definition.
JCJ similarly does not ensure that recorded ballots are tallied in certain cases.
Moreover, JCJ does not ensure that only eligible voters vote, due to a trust assumption it makes.
A variant of JCJ is proposed and shown to satisfy a weakened definition
that incorporates the trust assumption.
Two previous definitions of verifiability (Juels et al., 2010; Cortier et al., 2014)
are shown to permit election schemes vulnerable to attacks, whereas the new definition
prohibits those schemes.
And a relationship between the new definition and global verifiability (Küsters et al., 2010) is shown.
Category / Keywords: foundations / election schemes; individual verifiability; universal verifiability; eligibility verifiability; Helios; Helios-C; JCJ; collusion attack; authentication; applied cryptography
Date: received 11 Mar 2015, last revised 13 Feb 2017
Contact author: huawei at bensmyth com
Available format(s): PDF | BibTeX Citation
Version: 20170213:132559 (All versions of this report)
Short URL: ia.cr/2015/233
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]