You are looking at a specific version 20170213:132559 of this paper. See the latest version.

Paper 2015/233

Election Verifiability: Cryptographic Definitions and an Analysis of Helios, Helios-C, and JCJ

Ben Smyth and Steven Frink and Michael R. Clarkson

Abstract

Election verifiability is defined in the computational model of cryptography. The definition formalizes notions of voters verifying their own votes, auditors verifying the tally of votes, and auditors verifying that only eligible voters vote. The Helios (Adida et al., 2009), Helios-C (Cortier et al., 2014) and JCJ (Juels et al., 2010) election schemes are analyzed using the definition. Neither Helios nor Helios-C satisfy the definition because they do not ensure that recorded ballots are tallied in certain cases when the adversary posts malicious material on the bulletin board. A variant of Helios is proposed and shown to satisfy the definition. JCJ similarly does not ensure that recorded ballots are tallied in certain cases. Moreover, JCJ does not ensure that only eligible voters vote, due to a trust assumption it makes. A variant of JCJ is proposed and shown to satisfy a weakened definition that incorporates the trust assumption. Two previous definitions of verifiability (Juels et al., 2010; Cortier et al., 2014) are shown to permit election schemes vulnerable to attacks, whereas the new definition prohibits those schemes. And a relationship between the new definition and global verifiability (Küsters et al., 2010) is shown.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Preprint. MINOR revision.
Keywords
election schemesindividual verifiabilityuniversal verifiabilityeligibility verifiabilityHeliosHelios-CJCJcollusion attackauthenticationapplied cryptography
Contact author(s)
huawei @ bensmyth com
History
2021-04-11: last of 10 revisions
2015-03-12: received
See all versions
Short URL
https://ia.cr/2015/233
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.