Home > Research > Publications & Outputs > Ceremonies for end-to-end verifiable elections

Electronic data

Links

Text available via DOI:

View graph of relations

Ceremonies for end-to-end verifiable elections

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Published

Standard

Ceremonies for end-to-end verifiable elections. / Kiayias, Aggelos ; Zacharias, Thomas ; Zhang, Bingsheng.

PKC 2017: Public-Key Cryptography – PKC 2017 : 20th IACR International Conference on Practice and Theory in Public-Key Cryptography, Amsterdam, The Netherlands, March 28-31, 2017, Proceedings, Part II Editors (view affiliations). Springer, 2017. p. 305-334 (Lecture Notes in Computer Science; Vol. 10175).

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Harvard

Kiayias, A, Zacharias, T & Zhang, B 2017, Ceremonies for end-to-end verifiable elections. in PKC 2017: Public-Key Cryptography – PKC 2017 : 20th IACR International Conference on Practice and Theory in Public-Key Cryptography, Amsterdam, The Netherlands, March 28-31, 2017, Proceedings, Part II Editors (view affiliations). Lecture Notes in Computer Science, vol. 10175, Springer, pp. 305-334. https://doi.org/10.1007/978-3-662-54388-7_11

APA

Kiayias, A., Zacharias, T., & Zhang, B. (2017). Ceremonies for end-to-end verifiable elections. In PKC 2017: Public-Key Cryptography – PKC 2017 : 20th IACR International Conference on Practice and Theory in Public-Key Cryptography, Amsterdam, The Netherlands, March 28-31, 2017, Proceedings, Part II Editors (view affiliations) (pp. 305-334). (Lecture Notes in Computer Science; Vol. 10175). Springer. https://doi.org/10.1007/978-3-662-54388-7_11

Vancouver

Kiayias A, Zacharias T, Zhang B. Ceremonies for end-to-end verifiable elections. In PKC 2017: Public-Key Cryptography – PKC 2017 : 20th IACR International Conference on Practice and Theory in Public-Key Cryptography, Amsterdam, The Netherlands, March 28-31, 2017, Proceedings, Part II Editors (view affiliations). Springer. 2017. p. 305-334. (Lecture Notes in Computer Science). https://doi.org/10.1007/978-3-662-54388-7_11

Author

Kiayias, Aggelos ; Zacharias, Thomas ; Zhang, Bingsheng. / Ceremonies for end-to-end verifiable elections. PKC 2017: Public-Key Cryptography – PKC 2017 : 20th IACR International Conference on Practice and Theory in Public-Key Cryptography, Amsterdam, The Netherlands, March 28-31, 2017, Proceedings, Part II Editors (view affiliations). Springer, 2017. pp. 305-334 (Lecture Notes in Computer Science).

Bibtex

@inproceedings{36df4b0eec8945f887981b42e746b845,
title = "Ceremonies for end-to-end verifiable elections",
abstract = "State-of-the-art e-voting systems rely on voters to perform certain actions to ensure that the election authorities are not manipulating the election result. This so-called “end-to-end (E2E) verifiability” is the hallmark of current e-voting protocols; nevertheless, thorough analysis of current systems is still far from being complete.In this work, we initiate the study of e-voting protocols as ceremonies. A ceremony, as introduced by Ellison [23], is an extension of the notion of a protocol that includes human participants as separate nodes of the system that should be taken into account when performing the security analysis. that centers on the two properties of end-to-end verifiability and voter privacy and allows the consideration of arbitrary behavioural distributions for the human participants.We then analyse the Helios system as an e-voting ceremony. Security in the e-voting ceremony model requires the specification of a class of human behaviours with respect to which the security properties can be preserved. We show how end-to-end verifiability and voter privacy are sensitive to human behaviour in the protocol by characterizing the set of behaviours under which the security can be preserved and also showing explicit scenarios where it fails.We then provide experimental evaluation with human subjects from two different sources where people used Helios: the elections of the International Association for Cryptologic Research (IACR) and a poll of senior year computer science students. We report on the auditing behaviour of the participants as we measured it and we discuss the effects on the level of certainty that can be given by each of the two electorates.The outcome of our analysis is a negative one: the auditing behaviour of people (including cryptographers) is not sufficient to ensure the correctness of the tally with good probability in either case studied. The same holds true even for simulated data that capture the case of relatively well trained participants while, finally, the security of the ceremony can be shown but under the assumption of essentially ideally behaving human subjects. We note that while our results are stated for Helios, they automatically transfer to various other e-voting systems that, as Helios, rely on client-side encryption to encode the voter{\textquoteright}s choice.",
author = "Aggelos Kiayias and Thomas Zacharias and Bingsheng Zhang",
year = "2017",
month = mar,
doi = "10.1007/978-3-662-54388-7_11",
language = "English",
isbn = "9783662543870",
series = "Lecture Notes in Computer Science",
publisher = "Springer",
pages = "305--334",
booktitle = "PKC 2017: Public-Key Cryptography – PKC 2017",

}

RIS

TY - GEN

T1 - Ceremonies for end-to-end verifiable elections

AU - Kiayias, Aggelos

AU - Zacharias, Thomas

AU - Zhang, Bingsheng

PY - 2017/3

Y1 - 2017/3

N2 - State-of-the-art e-voting systems rely on voters to perform certain actions to ensure that the election authorities are not manipulating the election result. This so-called “end-to-end (E2E) verifiability” is the hallmark of current e-voting protocols; nevertheless, thorough analysis of current systems is still far from being complete.In this work, we initiate the study of e-voting protocols as ceremonies. A ceremony, as introduced by Ellison [23], is an extension of the notion of a protocol that includes human participants as separate nodes of the system that should be taken into account when performing the security analysis. that centers on the two properties of end-to-end verifiability and voter privacy and allows the consideration of arbitrary behavioural distributions for the human participants.We then analyse the Helios system as an e-voting ceremony. Security in the e-voting ceremony model requires the specification of a class of human behaviours with respect to which the security properties can be preserved. We show how end-to-end verifiability and voter privacy are sensitive to human behaviour in the protocol by characterizing the set of behaviours under which the security can be preserved and also showing explicit scenarios where it fails.We then provide experimental evaluation with human subjects from two different sources where people used Helios: the elections of the International Association for Cryptologic Research (IACR) and a poll of senior year computer science students. We report on the auditing behaviour of the participants as we measured it and we discuss the effects on the level of certainty that can be given by each of the two electorates.The outcome of our analysis is a negative one: the auditing behaviour of people (including cryptographers) is not sufficient to ensure the correctness of the tally with good probability in either case studied. The same holds true even for simulated data that capture the case of relatively well trained participants while, finally, the security of the ceremony can be shown but under the assumption of essentially ideally behaving human subjects. We note that while our results are stated for Helios, they automatically transfer to various other e-voting systems that, as Helios, rely on client-side encryption to encode the voter’s choice.

AB - State-of-the-art e-voting systems rely on voters to perform certain actions to ensure that the election authorities are not manipulating the election result. This so-called “end-to-end (E2E) verifiability” is the hallmark of current e-voting protocols; nevertheless, thorough analysis of current systems is still far from being complete.In this work, we initiate the study of e-voting protocols as ceremonies. A ceremony, as introduced by Ellison [23], is an extension of the notion of a protocol that includes human participants as separate nodes of the system that should be taken into account when performing the security analysis. that centers on the two properties of end-to-end verifiability and voter privacy and allows the consideration of arbitrary behavioural distributions for the human participants.We then analyse the Helios system as an e-voting ceremony. Security in the e-voting ceremony model requires the specification of a class of human behaviours with respect to which the security properties can be preserved. We show how end-to-end verifiability and voter privacy are sensitive to human behaviour in the protocol by characterizing the set of behaviours under which the security can be preserved and also showing explicit scenarios where it fails.We then provide experimental evaluation with human subjects from two different sources where people used Helios: the elections of the International Association for Cryptologic Research (IACR) and a poll of senior year computer science students. We report on the auditing behaviour of the participants as we measured it and we discuss the effects on the level of certainty that can be given by each of the two electorates.The outcome of our analysis is a negative one: the auditing behaviour of people (including cryptographers) is not sufficient to ensure the correctness of the tally with good probability in either case studied. The same holds true even for simulated data that capture the case of relatively well trained participants while, finally, the security of the ceremony can be shown but under the assumption of essentially ideally behaving human subjects. We note that while our results are stated for Helios, they automatically transfer to various other e-voting systems that, as Helios, rely on client-side encryption to encode the voter’s choice.

U2 - 10.1007/978-3-662-54388-7_11

DO - 10.1007/978-3-662-54388-7_11

M3 - Conference contribution/Paper

SN - 9783662543870

T3 - Lecture Notes in Computer Science

SP - 305

EP - 334

BT - PKC 2017: Public-Key Cryptography – PKC 2017

PB - Springer

ER -