Paper 2018/246

Universally Verifiable MPC with Applications to IRV Ballot Counting

Chris Culnane, Olivier Pereira, Kim Ramchen, and Vanessa Teague


We present a very simple universally verifiable MPC protocol. The first component is a threshold somewhat homomorphic cryptosystem that permits an arbitrary number of additions (in the source group), followed by a single multiplication, followed by an arbitrary number of additions in the target group. The second component is a black-box construction of universally verifiable distributed encryption switching between any public key encryption schemes supporting shared setup and key generation phases, as long as the schemes satisfy some natural additive-homomorphic properties. This allows us to switch back from the target group to the source group, and hence perform an arbitrary number of multiplications. The key generation algorithm of our prototypical cryptosystem, which is based upon concurrent verifiable secret sharing, permits robust re-construction of powers of a shared secret. We demonstrate the scalability of distribution switching as a viable approach to secure vote tallying by implementing a private verifiable form of Instant Runoff Voting on real Australian election data comprising 40,000 votes.

Available format(s)
Publication info
Preprint. MINOR revision.
Contact author(s)
kim ramchen @ unimelb edu au
2018-03-07: received
Short URL
Creative Commons Attribution


      author = {Chris Culnane and Olivier Pereira and Kim Ramchen and Vanessa Teague},
      title = {Universally Verifiable MPC with Applications to IRV Ballot Counting},
      howpublished = {Cryptology ePrint Archive, Paper 2018/246},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.