Cryptology ePrint Archive: Report 2020/109

Fixing the Achilles Heel of E-Voting: The Bulletin Board

Lucca Hirschi and Lara Schmid and David Basin

Abstract: The results of electronic elections should be verifiable so that any cheating is detected. To support this, many protocols employ an electronic bulletin board (BB) for publishing data that can be read by participants and used for verifiability checks. We demonstrate that the BB is itself a security-critical component that has often been treated too casually in previous designs and analyses. In particular, we present novel attacks on the e-voting protocols Belenios, Civitas, and Helios that violate some of their central security claims under realistic system assumptions. These attacks were outside the scope of prior security analyses as their verifiability notions assume an idealized BB.

To enable the analysis of protocols under realistic assumptions about the BB, we introduce a new verifiability definition applicable to arbitrary BBs. We identify a requirement, called final-agreement, and formally prove that it is sufficient and, in most cases, necessary to achieve verifiability. We then propose a BB protocol that satisfies final-agreement under weak, realistic trust assumptions and provide a machine-checked proof thereof. Our protocol can replace existing BBs, enabling verifiability under much weaker trust assumptions.

Category / Keywords: cryptographic protocols / e-voting, verifiability, formal methods, bulletin board, attacks

Original Publication (with minor differences): IEEE Computer Security Foundations Symposium 2021

Date: received 3 Feb 2020, last revised 2 Feb 2021

Contact author: lucca hirschi at inria fr

Available format(s): PDF | BibTeX Citation

Note: For reproducibility, our machine-checked proofs are available at

Version: 20210202:110530 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]