Paper 2015/942

Ballot secrecy: Security definition, sufficient conditions, and analysis of Helios

Ben Smyth
Abstract

We propose a definition of ballot secrecy as an indistinguishability game in the computational model of cryptography. Our definition improves upon earlier definitions to ensure ballot secrecy is preserved in the presence of an adversary that controls ballot collection. We also propose a definition of ballot independence as an adaptation of an indistinguishability game for asymmetric encryption. We prove relations between our definitions. In particular, we prove ballot independence is sufficient for ballot secrecy in voting systems with zero-knowledge tallying proofs. Moreover, we prove that building systems from non-malleable asymmetric encryption schemes suffices for ballot secrecy, thereby eliminating the expense of ballot-secrecy proofs for a class of encryption-based voting systems. We demonstrate applicability of our results by analysing the Helios voting system and its mixnet variant. Our analysis reveals that Helios does not satisfy ballot secrecy in the presence of an adversary that controls ballot collection. The vulnerability cannot be detected by earlier definitions of ballot secrecy, because they do not consider such adversaries. We adopt non-malleable ballots as a fix and prove that the fixed system satisfies ballot secrecy.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Published elsewhere. Minor revision. Journal of Computer Security
Keywords
anonymityelection schemesfoundationsHeliosindependencenon-malleabilityprivacypublic-key cryptographysecrecyvoting
Contact author(s)
www @ bensmyth com
History
2024-12-07: last of 15 revisions
2015-09-28: received
See all versions
Short URL
https://ia.cr/2015/942
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/942,
      author = {Ben Smyth},
      title = {Ballot secrecy: Security definition, sufficient conditions, and analysis of Helios},
      howpublished = {Cryptology {ePrint} Archive, Paper 2015/942},
      year = {2015},
      url = {https://eprint.iacr.org/2015/942}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.