Cryptology ePrint Archive: Report 2015/942

Secrecy and independence for election schemes

Ben Smyth

Abstract: We study ballot secrecy and ballot independence for election schemes. First, we propose a definition of ballot secrecy as an indistinguishability game in the computational model of cryptography. Our definition builds upon and strengthens earlier definitions to ensure that ballot secrecy is preserved in the presence of an adversary that controls the bulletin board and communication channel. Secondly, we propose a definition of ballot independence as an adaptation of a non-malleability definition for asymmetric encryption. We also provide a simpler, equivalent definition as an indistinguishability game. Thirdly, we prove relations between our definitions. In particular, we prove that ballot independence is necessary in election schemes satisfying ballot secrecy. And that ballot independence is sufficient for ballot secrecy in election schemes with zero-knowledge tallying proofs. Fourthly, we demonstrate the applicability of our results by analysing Helios. Our analysis identifies a new attack against Helios, which enables an adversary to determine if a voter did not vote for a candidate chosen by the adversary. The attack requires the adversary to control the bulletin board or communication channel, thus, it could not have been detected by earlier definitions of ballot secrecy. Finally, we prove that ballot secrecy is satisfied by a variant of Helios that uses non-malleable ballots.

Category / Keywords: foundations / anonymity, election schemes, foundations, Helios, independence, non-malleability, privacy, public-key cryptography, secrecy, voting

Date: received 26 Sep 2015, last revised 15 Sep 2017

Contact author: research at bensmyth com

Available format(s): PDF | BibTeX Citation

Version: 20170915:140446 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]