Design A Novel Mix-Net Scheme In E-Voting

With the rapid development of Internet, electronic voting plays an important role in electronic government. Mix-net is a tool to provide anonymity for voters, which is an important part of the electronic voting.A mix-net is constructed as a cryptographic protocol by invoking a set of mix-servers. Every mix-server chooses a secret permutation to re-order its input ciphertexts and chooses a random number to re-encrypt them. The outputs of the former mix-server are shuffled by the latter mix-server. This is repeated until every ciphertext has been mixed by all mix-servers. Therefore, even if one or more mix-servers are corrupted, mix-net still removes any correspondences between inputs and outputs. However, as the plaintexts are encrypted it is not possible to-verify directly whether the shuffle operation was done correctly or not, an attacker may modify, detect or inject some votes without detection.This paper describes attacks on three mix-nets. The first one is Scytl mix-net, we propose two attacks on it. Only when the modified votes just right divided into the same group, the attacks can be implemented. Although the attack happens with probability, we should take these attacks into account when using mix-net as a part of an e-voting scheme. The second one is Optimistic mix-net, we put forward two attacks which exploit four flaws of Optimistic mix-net. The results of the attacks are identifying votes and inferring the permutation of each mix-server respectively. The third one is everlasting privacy mix-net, and the result of the attack is modifying votes of the specific voters.To achieve the anonymity of mix-net, the paper uses disorderd mix-net and permutation matrix. The advantage of using disordered mix-net is that the sequence of the first mix-server is random, which can prevent the attacks that adversary corrupts the first mix-server. The advantage of using permutation matrix is that the permutation of each mix-server is different in each mix session.In order to make sure that ballots are submitted independently of each other, we use the HTDH2cryptosystem proposed by Philippe Bulens et al. The paper’s innovation point is to add vote filtering stage and remove non independent vote in mixing stage. Though the above two improvements, no matter how many times the attacker and cheating mix-servers encrypt votes, we can delete all the duplicate votes, making the clone votes cannot be counted.The scheme of the mix-net in this paper uses disordered mix-net to enhance the anonymity and adds filtering votes to resist replay attacks. Compared to the original mix-net scheme, our scheme has certain advantages in preventing the attacks caused by the first mix-server, submitting ballots independently and detecting cheating mix-servers. Compared to the HTDH2scheme, our scheme ensures the whole counted votes are valid, lying in the fact that all invalid votes have been deleted in the mixing process. The disadvantage of the paper is that the number of the counted votes is less than the number of voters who votes a ballot if there exists votes that have been modified.