Provable Security by Ron Steinfeld & Tsz Hon Yuen

Author:Ron Steinfeld & Tsz Hon Yuen
Language: eng
Format: epub
ISBN: 9783030319199
Publisher: Springer International Publishing

3.3 Further Discussion

models attack scenarios in which a voter provides evidence of their vote (including their private credential) to the attacker only after voting, thereby assuming that honest voters do not reveal their private credentials until they have voted. We illustrate that , an e-voting scheme that satisfies [23, Theorem 5], is no longer receipt-free if an attacker can compel a voter to reveal their credentials before voting, that is, when the assumption does not hold.

provides each eligible voter with a voting card (which is a private credential in our terminology). This voting card consists of two parts: the first part contains a list of candidates and a unique vote code associated with each candidate. This is repeated on the second part of the voting card, although the vote codes associated with each candidate are different. To cast a ballot, each voter selects a part of their voting card (part ‘0’ or part ‘1’, which we call the coins, using our terminology) and inputs the selected part and the vote code listed next to their chosen candidate to the voting client. The part of the voting card and the vote code constitute the voter’s ballot. The ballot box is updated with the ballot, i.e., algorithm outputs . Intuitively, satisfies because voters can swap vote codes on the voting card, and can make the vote code on their ballot correspond to any candidate they wish. Therefore, the voter can convince the attacker that the submitted vote code corresponds to the attacker’s choice of candidate.

However, consider the following scenario: an attacker wants a voter to vote for candidate A but the voter wants to vote for candidate B. The attacker requests to see the voter’s voting card before voting. Only after seeing the voting card, the attacker requests that the voter cast a ballot for A. In this scenario, the voter may not have switched vote codes for A and B. Thus, the voter cannot vote for A and convince the attacker that they voted for B. In contrast, if an attacker does not see the voting card until after voting, the voter can switch the vote codes for A and B. Therefore, provides a guarantee of receipt-freeness only if the voting card is revealed after voting.

The scenario above describes an attacker who interacts with a voter before voting, which is outside the scope of . The question is: should this attack scenario be captured by receipt-freeness, or does it fall under the remit of coercion-resistance? We do not address this in our informal definition of receipt-freeness (Sect. 1) because this is a grey area in the literature. For instance, Delaune et al. define receipt-freeness as the property that “a voter does not gain any information (a receipt) which can be used to prove to a coercer that she voted in a certain way” and coercion-resistance as “a voter cannot cooperate with a coercer to prove to him that she voted in a certain way” [14]. This suggests that providing information to an attacker before voting is captured by coercion-resistance, not receipt-freeness.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.