Auditing for privacy in threshold PKE e-voting

Purpose This paper aims to investigate the importance of auditing for election privacy via issues that appear in the state-of-the-art implementations of e-voting systems that apply threshold public key encryption (TPKE) in the client such as Helios and use a bulletin board (BB). Design/methodology/approach Argumentation builds upon a formal description of a typical TPKE-based e-voting system where the election authority (EA) is the central node in a star network topology. The paper points out the weaknesses of the said topology with respect to privacy and analyzes how these weaknesses affect the security of several instances of TPKE-based e-voting systems. Overall, it studies the importance of auditing from a privacy aspect. Findings The paper shows that without public key infrastructure (PKI) support or – more generally – authenticated BB “append” operations, TPKE-based e-voting systems are vulnerable to attacks where the malicious EA can act as a man-in-the-middle between the election trustees and the voters; hence, it can learn how the voters have voted. As a countermeasure for such attacks, this work suggests compulsory trustee auditing. Furthermore, it analyzes how lack of cryptographic proof verification affects the level of privacy that can be provably guaranteed in a typical TPKE e-voting system. Originality/value As opposed to the extensively studied importance of auditing to ensure election integrity, the necessity of auditing to protect privacy in an e-voting system has been mostly overlooked. This paper reveals design weaknesses present in noticeable TPKE-based e-voting systems that can lead to a total breach of voters’ privacy and shows how auditing can be applied for providing strong provable privacy guarantees.

New Construction of PVPKE Scheme and Its Application in Information Systems and Mobile Communication

In SCN12, Nieto et al. discussed an interesting property of public key encryption with chosen ciphertext security, that is, ciphertexts with public verifiability. Independently, we introduced a new cryptographic primitive, CCA-secure publicly verifiable public key encryption without pairings in the standard model (PVPKE), and discussed its application in proxy reencryption (PRE) and threshold public key encryption (TPKE). In Crypto’09, Hofheiz and Kiltz introduced the group of signed quadratic residues and discussed its application; the most interesting feature of this group is its “gap” property, while the computational problem is as hard as factoring, and the corresponding decisional problem is easy. In this paper, we give new constructions ofPVPKEscheme based on signed quadratic residues and analyze their security. We also discussPVPKE’s important application in modern information systems, such as achieving ciphertext checkable in the cloud setting for the mobile laptop, reducing workload by the gateway between the open internet and the trusted private network, and dropping invalid ciphertext by the routers for helping the network to preserve its communication bandwidth.