Paper 2012/236

On Necessary and Sufficient Conditions for Private Ballot Submission

D. Bernhard, O. Pereira, and B. Warinschi


We exhibit the precise security guarantees that a public key encryption scheme needs to satisfy to guarantee ballot privacy when used in a large class of voting systems. We also identify new security notions for public key encryption that characterize the number of times that a public key can be used in different elections, and show that the most common ballot preparation approach that consists in encrypting the vote and adding a NIZK proof of its validity is sound, even without hardwiring the voter identity in the proof. Our results provide important steps towards proving the privacy of the ballot submission procedure in the widely deployed Helios voting system.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
olivier pereira @ uclouvain be
2012-04-30: received
Short URL
Creative Commons Attribution


      author = {D.  Bernhard and O.  Pereira and B.  Warinschi},
      title = {On Necessary and Sufficient Conditions for Private Ballot Submission},
      howpublished = {Cryptology ePrint Archive, Paper 2012/236},
      year = {2012},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.