Kardaş, Süleyman and Kiraz, Mehmet Sabir and Bingöl, Muhammed Ali and Birinci, Fatih (2016) Norwegian internet voting protocol revisited: ballot box and receipt generator are allowed to collude. Security and Communication Networks, 9 (18). pp. 5051-5063. ISSN 1939-0114 (Print) 1939-0122 (Online)
Full text not available from this repository. (Request a copy)
Official URL: http://dx.doi.org/10.1002/sec.1678
Abstract
Norway experienced internet voting in 2011 and 2013 for municipal and parliamentary elections, respectively. Its security depends on the assumptions that the involving organizations are completely independent, reliable, and the receipt codes are securely sent to the voters. In this paper, we point out the following aspects:
The vote privacy of the Norwegian scheme is violated if Ballot Box and Receipt Generator cooperate because the private key of Decryption Service can be obtained by the two former players. We propose a solution to avoid this issue without adding new players.
To assure the correctness, the receipt codes are sent to the voters over a pre-channel (postal service) and a post-channel (Short Message Service [SMS]). However, by holding both SMS and the postal receipt code, a voter can reveal his vote even after the elections. Albeit revoting is a fairly well solution for coercion or concealment, intentional vote revealing is still a problem. We suggest SMS only for notification of vote submission.
In case the codes are falsely generated or the pre-channel is not secure, a vote can be counted for a different candidate without detection. We propose a solution in which voters verify the integrity of the postal receipt codes.
Item Type: | Article |
---|---|
Uncontrolled Keywords: | internet voting; vote privacy; cryptographic protocols; threshold cryptography; homomorphic encryption |
Subjects: | T Technology > TK Electrical engineering. Electronics Nuclear engineering > TK5101-6720 Telecommunication Q Science > QA Mathematics > QA075 Electronic computers. Computer science T Technology > T Technology (General) > T055.4-60.8 Industrial engineering. Management engineering > T58.6-58.62 Management information systems |
Divisions: | Faculty of Engineering and Natural Sciences > Academic programs > Computer Science & Eng. Faculty of Engineering and Natural Sciences |
Depositing User: | Muhammed Ali Bingöl |
Date Deposited: | 15 May 2017 15:14 |
Last Modified: | 22 May 2019 13:47 |
URI: | https://research.sabanciuniv.edu/id/eprint/31339 |