Receipt-free secret-ballot elections (extended abstract)
STOC '94 Proceedings of the twenty-sixth annual ACM symposium on Theory of computing
Mobile values, new names, and secure communication
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A Practical Secret Voting Scheme for Large Scale Elections
ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Security analysis of the diebold AccuVote-TS voting machine
EVT'07 Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology
Civitas: Toward a Secure Voting System
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Helios: web-based open-audit voting
SS'08 Proceedings of the 17th conference on Security symposium
Verifying privacy-type properties of electronic voting protocols
Journal of Computer Security
Security analysis of India's electronic voting machines
Proceedings of the 17th ACM conference on Computer and communications security
Election verifiability in electronic voting protocols
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Verifiability, Privacy, and Coercion-Resistance: New Insights from a Case Study
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
Attacking and Fixing Helios: An Analysis of Ballot Secrecy
CSF '11 Proceedings of the 2011 IEEE 24th Computer Security Foundations Symposium
Coercion-resistant electronic elections
Towards Trustworthy Elections
A formal analysis of the norwegian e-voting protocol
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Clash Attacks on the Verifiability of E-Voting Systems
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
Measuring vote privacy, revisited
Proceedings of the 2012 ACM conference on Computer and communications security
Hi-index | 0.00 |
We study a simple electronic boardroom voting system. While most existing systems rely on opaque electronic devices, a scientific committee of a research institute (the CNRS Section 07) has recently proposed an alternative system. Despite its simplicity (in particular, no use of cryptography), each voter can check that the outcome of the election corresponds to the votes, without having to trust the devices. In this paper, we present three versions of this system, exhibiting potential attacks. We then formally model the system in the applied pi-calculus, and prove that two versions ensure both vote correctness (even if the devices are corrupted) and ballot secrecy (assuming the devices are honest).