Cryptology ePrint Archive: Report 2020/1477

Machine-checking the universal verifiability of ElectionGuard

Thomas Haines and Rajeev Gore and Jack Stodart

Abstract: ElectionGuard is an open source set of software components and specifications from Microsoft designed to allow the modification of a number of different e-voting protocols and products to produce public evidence (transcripts) which anyone can verify. The software uses ElGamal, homomorphic tallying and sigma protocols to enable public scrutiny without adversely affecting privacy. Some components have been formally verified (machine-checked) to be free of certain software bugs but there was no formal verification of their cryptographic security. Here, we present a machine-checked proof of the verifiability guarantees of the transcripts produced and verified according to the ElectionGuard specification. We have also extracted an executable version of the verifier specification, which we proved to be secure, and used it to verify election transcripts produced by ElectionGuard. Our results show that our implementation is of similar efficiency to existing implementations.

Category / Keywords: implementation / secure voting, machine checked

Original Publication (in the same form): The 25th Nordic Conference on Secure IT Systems (Nordsec 2020)

Date: received 24 Nov 2020

Contact author: haines3163 at yahoo com au

Available format(s): PDF | BibTeX Citation

Version: 20201124:150655 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]