Abstract. We propose a new mix network that is optimized to produce a correct output very fast when all mix servers execute the mixing protocol correctly (the usual case). Our mix network only produces an output if no server cheats. However, in the rare case when one or several mix servers cheat, we convert the inputs to a format that allows “back-up” mixing. This back-up mixing can be implemented using any one of a wide array of already proposed (but slower) mix networks. When all goes well, our mix net is the fastest, both in real terms and asymptotically, of all those that offer standard guarantees of privacy and correctness. In practice, this benefit far outweighs the drawback of a comparatively complex procedure to recover from cheating. Our new mix is ideally suited to compute almost instantly the output of electronic elections, whence the name “exit-poll ” mixing. 1
|
897
|
Random oracles are practical: A paradigm for designing efficient protocols
– Bellare, Rogaway
- 1993
|
|
742
|
Untraceable electronic mail, return addresses, and digital pseudonyms
– Chaum
- 1981
|
|
552
|
How to prove yourself: Practical solutions to identification and signature problems
– Fiat, Shamir
- 1986
|
|
491
|
The MD5 Message-Digest Algorithm
– Rivest
- 1992
|
|
413
|
Efficient signature generation for smart cards
– Schnorr
- 1991
|
|
264
|
Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. Eurocrypt ’99
– Paillier
|
|
215
|
Wallet Databases with Observers
– Chaum, Perderson
- 1992
|
|
196
|
Threshold cryptosystem
– Desmedt, Frankel
- 1989
|
|
152
|
A practical scheme for non-interactive verifiable secret sharing
– Feldman
- 1987
|
|
133
|
The Decision Diffie-Hellman Problem
– Boneh
- 1998
|
|
126
|
A Threshold Cryptosystem Without a Trusted Party. Eurocrypt ’91
– Pedersen
|
|
102
|
Efficient generation of shared RSA keys
– Boneh, Franklin
- 1997
|
|
83
|
A verifiable secret shuffle and its application to e-voting
– Neff
- 2001
|
|
82
|
Secure Distributed Key Generation for Discrete-Log-Based Cryptosystems. Eurocrypt ’99
– Gennaro, Jarecki, et al.
|
|
66
|
Making mix nets robust for electronic voting by randomized partial checking
– Jakobsson, Juels, et al.
- 2002
|
|
65
|
K.Sako: Efficient Receipt-Free Voting based on Homomorphic Encryption
– Hirt
|
|
60
|
How to make personalized web browsing simple, secure and anonymous
– Gabber, Gibbons, et al.
- 1997
|
|
59
|
A practical mix
– Jakobsson
- 1998
|
|
54
|
Simplified VSS and fast-track multiparty computations with applications to threshold cryptography
– Gennaro, Rabin, et al.
- 1998
|
|
54
|
Efficient anonymous channel and all/nothing election scheme
– Itoh, Kurosawa, et al.
- 1993
|
|
50
|
Flash Mixing
– Jakobsson
- 1999
|
|
48
|
An efficient scheme for proving a shuffle
– Furukawa, Sako
- 2001
|
|
44
|
Mix-networks on permutation networks
– Abe
- 1999
|
|
34
|
How to break the direct RSAimplementation of MIXes
– Pfitzmann, Pfitzmann
- 1989
|
|
32
|
How to break a practical mix and design a new one
– Desmedt, Kurosawa
- 2000
|
|
32
|
On the security of elgamal based encryption
– Tsiounis, Yung
- 1998
|
|
31
|
Receipt-Free Mix-Type Voting Scheme
– Sako, Kilian
- 1995
|
|
28
|
Millimix: Mixing in small batches
– JAKOBSSON, JUELS
- 1999
|
|
26
|
Fault tolerant anonymous channel
– Ogata, Kurosawa, et al.
- 1997
|
|
23
|
Remarks on mix-network based on permutation networks
– Abe, Hoshino
- 1992
|
|
23
|
An optimally robust hybrid mix network
– Jakobsson, Juels
- 2001
|
|
22
|
Attack for flash mix
– Mitomo, Kurosawa
- 1976
|
|
19
|
Mix-based electronic payments
– Jakobsson, M'Raihi
- 1998
|
|
16
|
Specifications for the Secure Hash Standard
– NIST
- 2002
|
|
11
|
Self-tallying elections and perfect ballot secrecy
– Kiayias, Yung
- 2000
|
|
8
|
An implementation of a universally verifiable electronic voting scheme based on shuffling
– Furukawa, Miyauchi, et al.
- 2002
|
|
3
|
Breaking an efficient anonymous channel
– Pfizmann
|
