STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
An impossibility theorem for electoral systems
Discrete Mathematics
Elections with unconditionally-secret ballots and disruption equivalent to breaking RSA
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Receipt-free secret-ballot elections (extended abstract)
STOC '94 Proceedings of the twenty-sixth annual ACM symposium on Theory of computing
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Using a High-Performance, Programmable Secure Coprocessor
FC '98 Proceedings of the Second International Conference on Financial Cryptography
A robust and verifiable cryptographically secure election scheme
SFCS '85 Proceedings of the 26th Annual Symposium on Foundations of Computer Science
Multi-authority secret-ballot elections with linear work
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
A secure and optimally efficient multi-authority election scheme
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Efficient receipt-free voting based on homomorphic encryption
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
| Hi-index | 0.00 |
If nobody can prove (even in an all-against-one cooperation) that one did not vote with a particular cast, then one can claim anything about his cast even under oath, and has no fear of being caught. We consider the question of constructing a voting scheme that provides all participants with this "absolute" privacy.We assume that half of the problem is already solved: The votes are evaluated so that only the result is revealed. Latest achievements of secure coprocessors are supposedly a justification for such a presumption. We prove that even under the presumption that the voting reveals nothing but a result, the privacy of an individual input can withstand an "all-against-one" attack under certain conditions only.First condition: The function that maps a set of casts to the result of voting must be non-deterministic. Second condition (paradoxically): for any set of casts any result must be possible.