Paper 2024/926

Verifiable and Private Vote-by-Mail

Henri Devillez, UCLouvain
Olivier Pereira, UCLouvain, Microsoft Research (Redmond)
Thomas Peters, UCLouvain
Abstract

Vote-by-mail is increasingly used in Europe and worldwide for government elections. Nevertheless, very few attempts have been made towards the design of verifiable vote-by-mail, and none of them come with a rigorous security analysis. Furthermore, the ballot privacy of the currently deployed (non-verifiable) vote-by-mail systems relies on procedural means that a single malicious operator can bypass. We propose a verifiable vote-by-mail system that can accommodate the constraints of many of the large ballots that are common in Europe. Verifiability and privacy hold unless multiple system components collude to cheat on top of the postal channel. These security notions are expressed and analyzed in the simplified UC security framework. Our vote-by-mail system only makes limited requirements on the voters: voters can verify their vote by copying and comparing short strings and verifying the computation of a single hash on a short input, and they can vote normally if they want to ignore the verification steps completely. Our system also relies on common cryptographic components, all available in the ElectionGuard verifiable voting SDK for instance, which limits the risks of errors in the implementation of the cryptographic aspects of the system.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
vote-by-mailpostal votingvotinguniversal composability
Contact author(s)
henri devillez @ uclouvain be
olivier pereira @ uclouvain be
thomas peters @ uclouvain be
History
2024-06-12: approved
2024-06-10: received
See all versions
Short URL
https://ia.cr/2024/926
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/926,
      author = {Henri Devillez and Olivier Pereira and Thomas Peters},
      title = {Verifiable and Private Vote-by-Mail},
      howpublished = {Cryptology ePrint Archive, Paper 2024/926},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/926}},
      url = {https://eprint.iacr.org/2024/926}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.