Home > Research > Publications & Outputs > Auditing for privacy in threshold PKE e-voting

Electronic data

  • main_journal_mitm_helios

    Rights statement: This article is (c)2017 Emerald Group Publishing and permission has been granted for this version to appear here. Emerald does not grant permission for this article to be further copied/distributed or hosted elsewhere without the express permission from Emerald Group Publishing Limited.

    Accepted author manuscript, 421 KB, PDF-document

    Available under license: CC BY-NC: Creative Commons Attribution-NonCommercial 4.0 International License

Links

Text available via DOI:

View graph of relations

Auditing for privacy in threshold PKE e-voting

Research output: Contribution to journalJournal article

Published
Close
<mark>Journal publication date</mark>1/03/2017
<mark>Journal</mark>Information and Computer Security
Issue number1
Volume25
Number of pages17
Pages (from-to)100-116
Publication statusPublished
Original languageEnglish

Abstract

Purpose This paper aims to investigate the importance of auditing for election privacy via issues that appear in the state-of-the-art implementations of e-voting systems that apply threshold public key encryption (TPKE) in the client such as Helios and use a bulletin board (BB). Design/methodology/approach Argumentation builds upon a formal description of a typical TPKE-based e-voting system where the election authority (EA) is the central node in a star network topology. The paper points out the weaknesses of the said topology with respect to privacy and analyzes how these weaknesses affect the security of several instances of TPKE-based e-voting systems. Overall, it studies the importance of auditing from a privacy aspect. Findings The paper shows that without public key infrastructure (PKI) support or ? more generally ? authenticated BB ?append? operations, TPKE-based e-voting systems are vulnerable to attacks where the malicious EA can act as a man-in-the-middle between the election trustees and the voters; hence, it can learn how the voters have voted. As a countermeasure for such attacks, this work suggests compulsory trustee auditing. Furthermore, it analyzes how lack of cryptographic proof verification affects the level of privacy that can be provably guaranteed in a typical TPKE e-voting system. Originality/value As opposed to the extensively studied importance of auditing to ensure election integrity, the necessity of auditing to protect privacy in an e-voting system has been mostly overlooked. This paper reveals design weaknesses present in noticeable TPKE-based e-voting systems that can lead to a total breach of voters? privacy and shows how auditing can be applied for providing strong provable privacy guarantees.

Bibliographic note

This article is (c)2017 Emerald Group Publishing and permission has been granted for this version to appear here. Emerald does not grant permission for this article to be further copied/distributed or hosted elsewhere without the express permission from Emerald Group Publishing Limited.