Paper 2017/081

Estonian Voting Verification Mechanism Revisited Again

Ivo Kubjas, Tiit Pikma, and Jan Willemson

Abstract

Recently, Mus, Kiraz, Cenk and Sertkaya proposed an improvement over the present Estonian Internet voting vote verification. This paper points to the weaknesses and questionable design choices of the new scheme. We show that the scheme does not fix the vote privacy issue it claims to. It also introduces a way for a malicious voting application to manipulate the vote without being detected by the verification mechanism, hence breaking the cast-as-intended property. As a solution, we propose modifying the protocol of Mus et al. slightly and argue for improvement of the security guarantees. However, there is inherent drop in usability in the protocol as proposed by Mus et al., and this issue will also remain in our improved protocol.

Note: An improved version of the proposed verification protocol.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Accepted to E-Vote-ID 2017
Keywords
Electronic votingvote verification
Contact author(s)
jan willemson @ gmail com
History
2017-07-26: last of 4 revisions
2017-02-06: received
See all versions
Short URL
https://ia.cr/2017/081
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/081,
      author = {Ivo Kubjas and Tiit Pikma and Jan Willemson},
      title = {Estonian Voting Verification Mechanism Revisited Again},
      howpublished = {Cryptology ePrint Archive, Paper 2017/081},
      year = {2017},
      note = {\url{https://eprint.iacr.org/2017/081}},
      url = {https://eprint.iacr.org/2017/081}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.