Paper 2018/017

Verifiability of Helios Mixnet

Ben Smyth


We study game-based definitions of individual and universal verifiability by Smyth, Frink & Clarkson. We prove that building voting systems from El Gamal coupled with proofs of correct key generation suffices for individual verifiability. We also prove that it suffices for an aspect of universal verifiability. Thereby eliminating the expense of individual-verifiability proofs and simplifying universal-verifiability proofs for a class of encryption-based voting systems. We use the definitions of individual and universal verifiability to analyse the mixnet variant of Helios. Our analysis reveals that universal verifiability is not satisfied by implementations using the weak Fiat-Shamir transformation. Moreover, we prove that individual and universal verifiability are satisfied when statements are included in hashes (i.e., when using the Fiat-Shamir transformation, rather than the weak Fiat-Shamir transformation).

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Major revision. Voting'18: 3rd Workshop on Advances in Secure Electronic Voting
election schemesverifiability
Contact author(s)
research @ bensmyth com
2018-08-31: last of 4 revisions
2018-01-04: received
See all versions
Short URL
Creative Commons Attribution


      author = {Ben Smyth},
      title = {Verifiability of Helios Mixnet},
      howpublished = {Cryptology ePrint Archive, Paper 2018/017},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.