Cryptology ePrint Archive: Report 2016/690

When Are Three Voters Enough for Privacy Properties?

Myrto Arapinis and Véronique Cortier and Steve Kremer

Abstract: Protocols for secure electronic voting are of increasing societal importance. Proving rigorously their security is more challenging than many other protocols, which aim at authentication or key exchange. One of the reasons is that they need to be secure for an arbitrary number of malicious voters. In this paper we identify a class of voting protocols for which only a small number of agents needs to be considered: if there is an attack on vote privacy then there is also an attack that involves at most 3 voters (2 honest voters and 1 dishonest voter). In the case where the protocol allows a voter to cast several votes and counts, e.g., only the last one, we also reduce the number of ballots required for an attack to 10, and under some additional hypotheses, 7 ballots. Our results are formalised and proven in a symbolic model based on the applied pi calculus. We illustrate the applicability of our results on several case studies, including different versions of Helios and Prêt-à-Voter, as well as the JCJ protocol. For some of these protocols we can use the ProVerif tool to provide the first formal proofs of privacy for an unbounded number of voters

Category / Keywords: cryptographic protocols / secure electronic voting, security verification, vote privacy, formal security methods

Original Publication (with major differences): ESORICS 2016

Date: received 11 Jul 2016

Contact author: marapini at inf ed ac uk

Available format(s): PDF | BibTeX Citation

Version: 20160713:134141 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]