When are three voters enough for privacy properties?
When are three voters enough for privacy properties?. Myrto Arapinis, Véronique Cortier, and Steve Kremer. In Proceedings of the 21st European Symposium on Research in Computer Security (ESORICS'16), pp. 241–260, Lecture Notes in Computer Science, Springer, Heraklion, Crete, September 2016.
Download
Abstract
Protocols for secure electronic voting are of
increasing societal importance. Proving rigorously
their security is more challenging than many other
protocols, which aim at authentication or key
exchange. One of the reasons is that they need to be
secure for an arbitrary number of malicious voters.
In this paper we identify a class of voting
protocols for which only a small number of agents
needs to be considered: if there is an attack on
vote privacy then there is also an attack that
involves at most 3 voters (2 honest voters and 1
dishonest voter).
In the case where the protocol
allows a voter to cast several votes and counts,
e.g., only the last one, we also reduce the number
of ballots required for an attack to 10, and under
some additional hypotheses, 7 ballots. Our results
are formalised and proven in a symbolic model based
on the applied pi calculus. We illustrate the
applicability of our results on several case
studies, including different versions of Helios and
Prêt-à-Voter, as well as the JCJ protocol. For some
of these protocols we can use the ProVerif tool to
provide the first formal proofs of privacy for an
unbounded number of voters.
BibTeX
@inproceedings{ACK-esorics16,
abstract = {Protocols for secure electronic voting are of
increasing societal importance. Proving rigorously
their security is more challenging than many other
protocols, which aim at authentication or key
exchange. One of the reasons is that they need to be
secure for an arbitrary number of malicious voters.
In this paper we identify a class of voting
protocols for which only a small number of agents
needs to be considered: if there is an attack on
vote privacy then there is also an attack that
involves at most 3 voters (2 honest voters and~1
dishonest voter).\par In the case where the protocol
allows a voter to cast several votes and counts,
e.g., only the last one, we also reduce the number
of ballots required for an attack to 10, and under
some additional hypotheses, 7 ballots. Our results
are formalised and proven in a symbolic model based
on the applied pi calculus. We illustrate the
applicability of our results on several case
studies, including different versions of Helios and
Pr\^et-\`a-Voter, as well as the JCJ protocol. For some
of these protocols we can use the ProVerif tool to
provide the first formal proofs of privacy for an
unbounded number of voters.},
address = {Heraklion, Crete},
author = {Arapinis, Myrto and Cortier, V\'eronique and Kremer, Steve},
booktitle = {{P}roceedings of the 21st {E}uropean {S}ymposium on {R}esearch in {C}omputer {S}ecurity (ESORICS'16)},
editor = {Askoxylakis, Ioannis and Ioannidis, Sotiris and
Katsikas, Sokratis and Meadows, Catherine},
month = sep,
publisher = {Springer},
series = {Lecture Notes in Computer Science},
title = {When are three voters enough for privacy properties?},
year = {2016},
acronym = {{ESORICS}'16},
nmonth = {9},
pages = {241--260},
doi = {10.1007/978-3-319-45741-3_13},
}