AI helps you reading Science

AI generates interpretation videos

AI extracts and analyses the key points of the paper to generate videos automatically


pub
Go Generating

AI Traceability

AI parses the academic lineage of this thesis


Master Reading Tree
Generate MRT

AI Insight

AI extracts a summary of this paper


Weibo:
Our protocol requires that most voters audit their cast ballot, otherwise the Helios server could impersonate voters and change the election outcome

Helios: web-based open-audit voting

USENIX Security Symposium, pp.335-348, (2008)

Cited by: 704|Views431
EI
Full Text
Bibtex
Weibo

Abstract

Voting with cryptographic auditing, sometimes called open-audit voting, has remained, for the most part, a theoretical endeavor. In spite of dozens of fascinating protocols and recent ground-breaking advances in the field, there exist only a handful of specialized implementations that few people have experienced directly. As a result, the...More

Code:

Data:

0
Introduction
  • Over the last 25 years, cryptographers have developed election protocols that promise a radical paradigm shift: election results can be verified entirely by public observers, all the while preserving voter secrecy
  • These protocols are said to provide two properties: ballot casting assurance, where each voter gains personal assurance that their vote was correctly captured, and universal verifiability, where any observer can verify that all captured votes were properly tallied.
  • The few implementations of open-audit elections that do exist [3, 2] have not had as much of an impact as hoped, in large part because they require special equipment and an in-person experience, limiting their reach
Highlights
  • Over the last 25 years, cryptographers have developed election protocols that promise a radical paradigm shift: election results can be verified entirely by public observers, all the while preserving voter secrecy. These protocols are said to provide two properties: ballot casting assurance, where each voter gains personal assurance that their vote was correctly captured, and universal verifiability, where any observer can verify that all captured votes were properly tallied
  • XML is one possibility, but we found that JavaScript Object Notation (JSON) is easier to handle with far less parsing code
  • Helios is simpler than most cryptographic voting protocols because it focuses on proving integrity
  • We provide the Ballot Encryption Verification program, again in source form for auditors to verify
  • Our protocol requires that most voters audit their cast ballot, otherwise the Helios server could impersonate voters and change the election outcome
Results
  • The authors note that improved performance could likely be gained from optimizing the first-pass implementation.
Conclusion
  • Helios is simpler than most cryptographic voting protocols because it focuses on proving integrity.
  • Given the overwhelming probability of catching these types of attacks via cryptographic verification, it takes only one auditor to detect this kind of tampering.Helios is the first publicly available implementation of a web-based open-audit voting system.
  • It fills an interesting niche: elections for small clubs, online communities, and student governments need trustworthy elections without the significant overhead of coercion-freeness.
  • If feasible with browser-based cryptography, Helios should use digital signatures to authenticate each ballot in a publicly verifiable manner
Related work
  • There is a plethora of theoretical cryptographic voting work reviewed and cited in [11, 4]. We do not attempt to re-document this significant body of work here.

    Open-audit voting implementations. There are only a small handful of notable open-audit voting implementations. VoteHere’s advanced protocols for mixnets and coercion-free ballot casting [3] have been implemented and deployed in test environments. The Punchscan voting system [2] has also been implemented and used in a handful of real student government elections, with video evidence available for all to see.
Reference
  • Clipperz. http://clipperz.org, last viewed on January 30th, 2008.
    Findings
  • PunchScan. http://punchscan.org, last viewed on January 30th, 2008.
    Findings
  • VoteHere. http://votehere.com, last viewed on January 30th, 2008.
    Findings
  • Ben Adida. Advances in Cryptographic Voting Systems. PhD thesis, August 2006. http://ben.adida.net/research/phd-thesis.pdf.
    Findings
  • Josh Benaloh. Simple Verifiable Elections. In EVT ’06, Proceedings of the First Usenix/ACCURATE Electronic Voting Technology Workshop, August 1st 2006, Vancouver, BC,Canada., 2006. Available online at http://www.usenix.org/events/evt06/tech/.
    Locate open access versionFindings
  • Josh Benaloh. Ballot Casting Assurance via VoterInitiated Poll Station Auditing. In EVT ’07, Proceedings of the Second Usenix/ACCURATE Electronic Voting Technology Workshop, August 6th 2007, Boston, MA, USA., 2007. Available online at http://www.usenix.org/events/evt07/tech/.
    Locate open access versionFindings
  • C. Andrew Neff. http://www.votehere.com/papers/
    Findings
  • January 30th, 2008.
    Google ScholarFindings
  • [8] David Chaum and Torben P. Pedersen. Wallet databases with observers. In Ernest F. Brickell, editor, CRYPTO, volume 740 of Lecture Notes in Computer Science, pages 89–105.
    Google ScholarLocate open access versionFindings
  • [9] Amos Fiat and Adi Shamir. How to prove yourself: Practical solutions to identification and signature problems. In Andrew M. Odlyzko, editor, CRYPTO, volume 263 of Lecture Notes in Computer Science, pages 186–194.
    Google ScholarLocate open access versionFindings
  • [10] Google. Gmail. http://gmail.com.
    Findings
  • [11] Dimitris Gritzalis, editor. Secure Electronic Voting. Kluwer Academic Publishers, 2002.
    Google ScholarFindings
  • [12] Mark Herschberg. Secure electronic voting over the world wide web. Master’s thesis, May 1997. http://groups.csail.mit.edu/cis/voting/herschberg-thesis/.
    Findings
  • [13] Ari Juels, Dario Catalano, and Markus Jakobsson. Coercion-resistant electronic elections. In Vijay Atluri, Sabrina De Capitani di Vimercati, and Roger Dingledine, editors, WPES, pages 61–70. ACM, 2005.
    Google ScholarFindings
  • [14] L. Masinter. The Data URL Scheme. http://tools.ietf.org/html/rfc2397, last viewed on January 30th, 2008.
    Locate open access versionFindings
  • [15] C. Andrew Neff. A verifiable secret shuffle and its application to e-voting. In CCS 2001, Proceedings of the 8th ACM Conference on Computer and Communications Security. November 6-8, 2001, Philadelphia, Pennsylvania, USA., pages 116–125. ACM, 2001.
    Google ScholarLocate open access versionFindings
  • [16] Kazue Sako and Joe Kilian. Receipt-free mix-type voting scheme - a practical solution to the implementation of a voting booth. In EUROCRYPT, pages 393–403, 1995.
    Google ScholarLocate open access versionFindings
  • [17] Guido van Rossum. The Python Programming Language. http://python.org, last viewed on January 30th, 2008.
    Findings
  • [18] Thomas D. Wu. The secure remote password protocol. In NDSS. The Internet Society, 1998. http://srp.stanford.edu/, last visited on January 30th, 2008.
    Locate open access versionFindings
Author
Your rating :
0

 

Tags
Comments
数据免责声明
页面数据均来自互联网公开来源、合作出版商和通过AI技术自动分析结果,我们不对页面数据的有效性、准确性、正确性、可靠性、完整性和及时性做出任何承诺和保证。若有疑问,可以通过电子邮件方式联系我们:report@aminer.cn
小科