Paper 2007/287

The Effectiveness of Receipt-Based Attacks on ThreeBallot

Kevin Henry, Douglas R. Stinson, and Jiayuan Sui

Abstract

The ThreeBallot voting system is an end-to-end (E2E) voter-verifiable voting system. Each voter fills out three ballots according to a few simple rules and takes a copy of one of them home as a receipt for verification purposes. All ballots are posted on a public bulletin board so that any voter may verify the result. In this paper we investigate the effectiveness of attacks using the voter's receipt and the bulletin board. Focusing on two-candidate races, we determine thresholds for when the voter's vote can be reconstructed from a receipt, and when a coercer can effectively verify if a voter followed instructions by looking for pre-specified patterns on the bulletin board. Combining these two results allows us to determine safe ballot sizes that resist known attacks. We also generalize a previous observation that an individual receipt can leak information about a voter's choices.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Unknown where it was published
Keywords
votingreceipt-basedattack
Contact author(s)
k2henry @ cs uwaterloo ca
History
2008-02-04: last of 2 revisions
2007-08-07: received
See all versions
Short URL
https://ia.cr/2007/287
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2007/287,
      author = {Kevin Henry and Douglas R.  Stinson and Jiayuan Sui},
      title = {The Effectiveness of Receipt-Based Attacks on {ThreeBallot}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2007/287},
      year = {2007},
      url = {https://eprint.iacr.org/2007/287}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.