Non-interactive zero-knowledge and its applications
STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
The knowledge complexity of interactive proof systems
SIAM Journal on Computing
Public-key cryptosystems provably secure against chosen ciphertext attacks
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
STOC '91 Proceedings of the twenty-third annual ACM symposium on Theory of computing
How to break the direct RSA-implementation of mixes
EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
The random oracle methodology, revisited (preliminary version)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
A verifiable secret shuffle and its application to e-voting
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
An Efficient Scheme for Proving a Shuffle
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Non-interactive Distributed-Verifier Proofs and Proving Relations among Commitments
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Adaptive Security in the Threshold Setting: From Cryptosystems to Signature Schemes
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Non-Malleable Non-Interactive Zero Knowledge and Adaptive Chosen-Ciphertext Security
FOCS '99 Proceedings of the 40th Annual Symposium on Foundations of Computer Science
Universally Composable Security: A New Paradigm for Cryptographic Protocols
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
A practical scheme for non-interactive verifiable secret sharing
SFCS '87 Proceedings of the 28th Annual Symposium on Foundations of Computer Science
A secure and optimally efficient multi-authority election scheme
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Receipt-free mix-type voting scheme: a practical solution to the implementation of a voting booth
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
An efficient threshold public key cryptosystem secure against adaptive chosen ciphertext attack
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Public-key cryptosystems based on composite degree residuosity classes
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Rerandomizable RCCA encryption
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
An adaptively secure mix-net without erasures
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
A sender verifiable mix-net and a new proof of a shuffle
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Chosen ciphertext secure public key threshold encryption without random oracles
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
Share conversion, pseudorandom secret-sharing and applications to secure computation
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Perfect non-interactive zero knowledge for NP
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Non-interactive zero-knowledge from homomorphic encryption
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Running mixnet-based elections with Helios
EVT/WOTE'11 Proceedings of the 2011 conference on Electronic voting technology/workshop on trustworthy elections
Adapting helios for provable ballot privacy
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
How not to prove yourself: pitfalls of the fiat-shamir heuristic and applications to helios
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
A robust and plaintext-aware variant of signed elgamal encryption
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
Publicly verifiable ciphertexts
Journal of Computer Security - Advances in Security for Communication Networks
Attacking and fixing Helios: An analysis of ballot secrecy
Journal of Computer Security
| Hi-index | 0.00 |
Consider an electronic election scheme implemented using a mix-net; a large number of voters submit their votes and then a smaller number of servers compute the result. The mix-net accepts an encrypted vote from each voter and outputs the set of votes in sorted order without revealing the permutation used. To ensure a fair election, the votes of corrupt voters should be independent of the votes of honest voters, i.e., some type of non-malleability or plaintext awareness is needed. However, for efficiency reasons the servers typically expect inputs from some homomorphic cryptosystem, which is inherently malleable.In this paper we consider the problem of how non-malleability can be guaranteed in the submission phase and still allow the servers to start their computation with ciphertexts of the homomorphic cryptosystem. This can clearly be achieved using general techniques, but we would like a solution which is: (i) provably secure under standard assumptions, (ii) non-interactive for submittors (iii) very efficient for all parties in terms of computation and communication.We give the first solution to this problem which has all these properties. Our solution is surprisingly simple and can be based on various Cramer-Shoup cryptosystems. To capture its security properties we introduce a variation of CCA2-security.