Security

On Necessary and Sufficient Conditions for Private Ballot Submission

Free registration required

Executive Summary

The authors exhibit the precise security guarantees that a public key encryption scheme needs to satisfy to guarantee ballot privacy when used in a large class of voting systems. They also identify new security notions for public key encryption that characterize the number of times that a public key can be used in different elections, and show that the most common ballot preparation approach that consists in encrypting the vote and adding a NIZK proof of its validity is sound, even without hardwiring the voter identity in the proof. Their results provide important steps towards proving the privacy of the ballot submission procedure in the widely deployed Helios voting system.

  • Format: PDF
  • Size: 342.4 KB