Researches On The Security Techniques Of Electronic Election

The 2000 U.S. presidential election opened the eyes of people all over the world to the flaws and failures of the election machinery. Electronic election is put into the public limelight for it can speed up the counting of votes and provide greater accuracy. Electronic election refers to any voting process where the electronic means is used for votes casting or results counting. Cryptographic voting can successfully achieve both verifiability and ballot secrecy, a combination that cannot be achieved by traditional voting systems.This dissertation explores cryptographic techniques for electronic elections. We focus on voting protocols based on homomorphic threshold encryption. In such schemes, voters cast the encrypted votes. A group of tallying authorities computes an encryption of the result by using the homomorphic property of the cryptosystem, and makes a threshold decryption of this ciphertext to get the result. To prevent a voter from casting an invalid encryption, she is required to make a non-interactive zero-knowledge proof of correctness of the encrypted vote. A voter can prove to an adversary how she voted by revealing the randomness in the encryption, so the election is under threat of voting-buying or coercion. Receipt-freeness is a security property to defend against such threats. This property essentially means that voters should not be able to prove to an adversary that she chooses a particular candidate. The main contribution of this thesis is concentrated on the design of receipt-free voting schemes. The results are as follows:1. For a K-out-of-L election, Byoungcheon Lee and Kwangjo Kim present a receipt-free voting scheme. Unfortunately, the zero-knowledge proofs designed by them leak information about the ballot. In this thesis a receipt-free vector ballot voting scheme is presented. The vector ballot denotes that the ballot is represented as a vector with L elements. The i-th entry of the ballot corresponds to the choice of the voter on the i-th candidate. The tallying authorities sum up components in respective locations of all votes to reveal the votes that are won by each candidate. By means of vector ballot encoding the problem of information leakage is remedied. In this scheme a voter submits an encrypted vector ballot as her first ballot. A randomizer is employed to re-encrypt the first ballot cast by the voter. It gives the voter a designated-verifier re-encryption proof through the untappable channel. The voter and the randomizer jointly generate the proof of correctness of the final ballot. We design the proofs and analyze the protocol.2. By using integer commitments, Jens Groth suggests the most efficient proofs for correctness of the encrypted vote. He investigates proofs for four types of voting protocols: limited vote, approval vote, divisible vote and Borda vote. Nevertheless, voting protocols implemented by using his techniques do not satisfy receipt-freeness. We propose a receipt-free limited voting protocol, which is the first receipt-free variant constructed on the basis of Groth's proofs. A voter submits a commitment and an encryption as her first ballot. A randomizer is employed to mask the commitment and re-encrypt the encryption. We present the designated-verifier commitment masking proof based on the OR combination of honest verifier zero-knowledge proofs, and the joint proof of correctness of the final ballot.3. Tal Moran and Moni Naor present a receipt-free universally verifiable voting protocol with everlasting privacy. The voting machine is employed to generate encrypted ballot for the voter. The voter only needs to perform simple operation to verify the computation of the machine. We present a new voting protocol, which combines the advantages of Moran-Naor voting protocol and voting protocols based on homomorphic encryption. Compared with their voting protocol, the new protocol has three advantages: The ballots can be recovered when the voting machine breaks down, the costly cut-and-choose zero-knowledge proofs of shuffling commitments made by the voting machine are removed, and the tally result in each voting machine is not revealed. So far there have been only two variants of Moran-Naor voting scheme: Split Ballot Voting designed by the same authors and our voting scheme. 4. The voting machine based on cryptography is vulnerable to attacks through covert channels. An adversary may inject malicious codes into the voting machine and make it leak vote content unnoticeably by exploiting the randomness used in encryptions and zero-knowledge proofs. We present a voting protocol secure against covert channels. It has the following properties: Firstly, the voting machine used is tamper-evident. The randomness used by the voting machine is generated by the election authority. The inconsistent use of the randomness can be detected by the voter from examining a destroyable verification code. Even if malicious codes are run in the voting machine attacks through subliminal channels are thwarted. Next, it is voter-verifiable. The voter has the ability to verify if the encrypted ballot generated by the voting machine is consistent with her intent without doing complicated cryptographic computation. Finally, the voting protocol is receipt-free. Vote-buying and coercion are prevented. To the best of our knowledge, there are only three voting schemes resistant to covert channels: Choi-Golle-Jakobsson scheme, Adida-Neff scheme and our scheme.