This is version 20201115:072611 of this paper.

Paper 2020/1406

How not to VoteAgain: Pitfalls of Scalable Coercion-Resistant E-Voting

Johannes Mueller

Abstract

Designing secure e-voting systems is notoriously hard, and this is even more the case when coercion-resistance comes into play. Recently, Lueks, Querejeta-Azurmendi, and Troncoso proposed VoteAgain (USENIX Security 2020), which aims to provide coercion-resistance for real practical elections where usability and efficiency are particularly important. To this end, VoteAgain is based on the re-voting paradigm to protect voters against coercion, and it employs a novel tallying mechanism with quasilinear complexity to achieve high efficiency. In this paper, we revisit VoteAgain from a security perspective. We show that for each security property, i.e., ballot privacy, verifiability, and coercion-resistance, there exists (at least) one attack which breaks the respective property under the trust assumptions for which the property was claimed to hold true. But our results are even more disillusioning: first, there exists a voting authority in VoteAgain which needs to be trusted for all security properties; second, all voting authorities in VoteAgain need to be trusted for coercion-resistance. It will be interesting and challenging future work to mitigate, or even remove, these undesirably strong trust assumptions without affecting the usability and superior efficiency of VoteAgain.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Keywords
voting, coercion-resistance, verifiability, privacy
Contact author(s)
johannes mueller @ uni lu
History
2021-04-30: last of 2 revisions
2020-11-15: received
Short URL
https://ia.cr/2020/1406
License
Creative Commons Attribution
CC BY