A Toolbox for Verifiable Tally-Hiding E-Voting Systems

  • Conference paper
Computer Security – ESORICS 2022 (ESORICS 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13555))

Abstract

In most verifiable electronic voting schemes, one key step is the tally phase, where the election result is computed from the encrypted ballots. A generic technique consists in first applying (verifiable) mixnets to the ballots and then revealing all the votes in the clear. This however discloses much more information than the result of the election itself (that is, the winners, plus possibly some information required by law) and may offer the possibility to coerce voters.

In this paper, we present a collection of building blocks for designing tally-hiding schemes based on multi-party computations. From these building blocks, we design a fully tally-hiding scheme for Condorcet elections. Our implementation shows that the approach is practical, at least for medium-size elections. Similarly, we provide the first tally-hiding schemes with no leakage for three important counting functions: D’Hondt, STV, and Majority Judgment. We prove that they can be used to design a private and verifiable voting scheme. We also unveil unknown flaws or leakage in some previously proposed tally-hiding schemes.

Author information

Corresponding author

Correspondence to Pierrick Gaudry.

Appendix

Fig. 1.

Cost of various MPC primitives: basic functionalities for logic, integer arithmetic, and a few advanced functions. The Option column includes whether this is available in Paillier (P) or ElGamal (EG). The notations are a for the number of authorities, m for the bit-length of the operands, n for the number of operands, r for the precision (in the division). All logarithms are in base 2. The communication costs are expressed in terms of broadcast (denoted B) and full-rounds (denoted R). The unit of the transcript size is the key length. This corresponds to half the size of a ciphertext in both Paillier (typically 3072 bits) and ElGamal (typically 256 bits) settings.

Fig. 2.

Leading terms of the cost of tally-hiding for single choice systems. s: # seats, k: # lists, a: # authorities, n: # voters, \(m=\lceil {\log (n+1)}\rceil \), \(m_1=m+\log k\), \(m_2=m+\log (sk)\), \(m_3=m_1+\log (\textrm{lcm} (2,\cdots ,s))\), \(s'=\log (\textrm{lcm} (2,\cdots ,s))\), R: round of comm., B: broadcasts.

Fig. 3.

Leading terms of the cost of tally-hiding for MJ. n: # voters, \(m=\lceil {\log (n+1)}\rceil \), k: # candidates, \(d \): # grades, a: # authorities.

Fig. 4.

Leading terms of the cost of tally-hiding for STV. n: # voters, k: # candidates, \(m=\lceil {\log (n+1)}\rceil \), a: # authorities, r: precision in power of 2, \(m'=m+r\), \(k'=k+r\).

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Cortier, V., Gaudry, P., Yang, Q. (2022). A Toolbox for Verifiable Tally-Hiding E-Voting Systems. In: Atluri, V., Di Pietro, R., Jensen, C.D., Meng, W. (eds) Computer Security – ESORICS 2022. ESORICS 2022. Lecture Notes in Computer Science, vol 13555. Springer, Cham. https://doi.org/10.1007/978-3-031-17146-8_31

  • DOI: https://doi.org/10.1007/978-3-031-17146-8_31

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-17145-1

  • Online ISBN: 978-3-031-17146-8

  • eBook Packages: Computer Science (R0)
