Cryptology ePrint Archive: Report 2007/287

The Effectiveness of Receipt-Based Attacks on ThreeBallot

Kevin Henry and Douglas R. Stinson and Jiayuan Sui

Abstract: The ThreeBallot voting system is an end-to-end (E2E) voter-verifiable voting system. Each voter fills out three ballots according to a few simple rules and takes a copy of one of them home as a receipt for verification purposes. All ballots are posted on a public bulletin board so that any voter may verify the result. In this paper we investigate the effectiveness of attacks using the voter's receipt and the bulletin board. Focusing on two-candidate races, we determine thresholds for when the voter's vote can be reconstructed from a receipt, and when a coercer can effectively verify if a voter followed instructions by looking for pre-specified patterns on the bulletin board. Combining these two results allows us to determine safe ballot sizes that resist known attacks. We also generalize a previous observation that an individual receipt can leak information about a voter's choices.

Category / Keywords: applications / voting, receipt-based, attack

Date: received 26 Jul 2007, last revised 3 Feb 2008

Contact author: k2henry at cs uwaterloo ca

Available format(s): PDF | BibTeX Citation

Version: 20080204:055543 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]