Looking at current cryptographic-based e-voting protocols, one can distinguish three basic design paradigms (or approaches): (a) Mix-Networks based, (b) Homomorphic Encryption based, and (c) Blind Signatures based. Each of the three possesses di#erent advantages and disadvantages w.r.t. the basic properties of (i) e#cient tallying, (ii) universal verifiability, and (iii) allowing write-in ballot capability (in addition to predetermined candidates). In fact, none of the approaches results in a scheme that simultaneously achieves all three. This is unfortunate, since the three basic properties are crucial for e#ciency, integrity and versatility (flexibility), respectively. Further, one can argue that a serious business o#ering of voting technology should o#er a flexible technology that achieves various election goals with a single user interface. This motivates our goal, which is to suggest a new "vector-ballot" based approach for secret-ballot e-voting that is based on three new notions: Provably Consistent Vector Ballot Encodings, Shrink-and-Mix Networks and Punch-Hole-Vector-Ballots. At the heart of our approach is the combination of mix networks and homomorphic encryption under a single user interface; given this, it is rather surprising that it achieves much more than any of the previous approaches for e-voting achieved in terms of the basic properties. Our approach is presented in two generic designs called "homomorphic vector-ballots with write-in votes" and "multi-candidate punch-hole vector-ballots"; both of our designs can be instantiated over any homomorphic encryption function.

It had been thought that it is di#cult to provide receiptfreeness in mixnet-based electronic voting schemes. Any kind of user chosen randomness can be used to construct a receipt, since a user can prove to a buyer how he had encrypted the ballot. In this paper we propose a simple and e#cient method to incorporate receipt-freeness in mixnetbased electronic voting schemes by using the well known re-encryption technique and designated verifier re-encryption proof (DVRP). In our scheme a voter has to prepare his encrypted ballot through a randomization service provided by a tamper resistant randomizer (TRR), in such a way that he finally loses his knowledge on randomness. This method can be used in most mixnet-based electronic voting scheme to provide receipt-freeness.

Abstract. In this paper, we study the problem of simultaneously achieving several security properties, for voting schemes, without non-standard assumptions. This paper is a work in progress. More specifically, we focus on the universal verifiability of the computation of the tally, on the unconditional privacy/anonymity of the votes, and on the receipt-freeness properties. More precisely, under usual assumptions and efficiency requirements, we show that we cannot achieve: – universal verifiability of the tally (UV) and unconditional privacy of the votes (UP) simultaneously, unless all the registered voters actually vote; – universal verifiability of the tally (UV) and receipt- freeness (RF), unless the voting process involves interactions between several voters (and possibly the voting authority). 1

We present a voting protocol that protects voters ’ privacy and achieves universal verifiability, receipt-freeness, and uncoercibility without ad hoc physical assumptions or procedural constraints (such as untappable channels, voting booths, smart cards, third-party randomizers, and so on). We discuss under which conditions the scheme allows voters to cast write-in ballots, and we show how it can be practically implemented through voter-verified (paper) ballots. The scheme allows voters to combine voting credentials with their chosen votes applying the homomorphic properties of certain probabilistic cryptosystems.

Remote electronic voting over the Internet is a promising concept to afford convenience to voters and to increase election turnouts. However, before employing electronic voting systems in regular elections, problems such as coercion and vote selling have to be solved. Recently, Juels, Catalano and Jakobsson introduced a strong security requirement that deals with theses concerns. Coercion resistance improves on the former security notion of receipt freeness by taking additional real-life threats into account. In this paper, we present a coercion-resistant election scheme with a linear work factor. The scheme is based on the previous proposal of Juels et al., which exhibited a quadratic work factor, and employs Smith’s idea to achieve a speedup to linear work. It, however, overcomes the drawbacks of these preceding solutions. We also present an evaluation of the scheme and identify the drawbacks and the real world aspects related to the scheme. 1

Abstract not found

Abstract. All the currently existing homomorphic e-voting schemes are based on additive homomorphism. In this paper a new e-voting scheme based on multiplicative homomorphism is proposed. In the tallying phase, a decryption is performed to recover the product of the votes, instead of the sum of them (as in the additive homomorphic e-voting schemes). Then, the product is factorized to recover the votes. The new e-voting scheme is more efficient than the additive homomorphic e-voting schemes and more efficient than other voting schemes when the number of candidates is small. Strong vote privacy and public verifiability are obtained in the new e-voting scheme. 1

Abstract. Voting in uncontrolled environments, such as the Internet comes with a price, the price of having to trust in uncontrolled machines the collection of voter’s vote. An uncontrolled machine, e.g. the voter’s PC, may be infected with a virus or other malicious program that may try to change the voter’s vote without her knowledge. Here we present CodeVoting, a technique to create a secure communication channel to a smart card that prevents vote manipulation by the voter’s PC, while at the same time allows the use of any cryptographic voting protocol to cast the vote. Key words: Internet voting, vote manipulation 1

Electronic voting is an important cryptographic application. Groth presented some efficient non-interactive zero-knowledge (NIZK) arguments based on homomorphic integer commitments for voting. He investigated four types of e-voting schemes: limited vote, approval vote, divisible vote and Borda vote. Receipt-freeness means that a voter is unable to construct a receipt to convince others she has voted for a particular candidate. It is a security property to protect the election against vote buying and coercion. Groth’s schemes do not satisfy receipt-freeness for a voter can exploit the randomness she chooses in encryptions or commitments to construct a receipt. In this paper a receipt-free variant of the limited vote election protocol is constructed. A third party called “randomizer” is employed to re-encrypt the votes and to mask the commitments made by the voters while preserving the validity of the votes. The construction is generic and can be easily modified to introduce receipt-freeness into other types of Groth’s e-voting schemes.

Abstract. We present a voter verifiable Internet voting scheme which provides anonymity and eliminates the danger of vote selling even if the computer used by the voter cannot be fully trusted. The ballots cast remain anonymous- even the machine does not know the choice of the voter. It makes no sense to buy votes- the voter can cheat the buyer even if his machine cooperates with the buyer. Nevertheless, the voter can verity that his vote has been counted.