Evaluating Security of Voting Schemes in the Universal Composability Framework
Jens Groth
BRICS, University of Aarhus
Cryptomathic

Ideal Voting Functionality
[Figure: voters $V_1, \dots, V_m$ (vote), ideal functionality $F$ (voting), authorities $A_1, \dots, A_n$ (result), $S$]

Real Life
[Figure: voters $V_1, \dots, V_m$ (vote), voting, authorities $A_1, \dots, A_n$ (result), $A$]
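
Universal Composability
[Figure, two panels. Real: $Z$, voters $V_1, \dots, V_m$ (vote), authorities $A_1, \dots, A_n$ (result), $A$. Ideal: $Z$, voters $V_1, \dots, V_m$ (vote), $F$ (voting), authorities $A_1, \dots, A_n$ (result), $S$.]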

Security Requirements
- Privacy
- Availability
- Authentication
- Verifiability
- Accuracy
- Incoercibility
- Robustness
- Hacker protection
- Fairness

Homomorphic Threshold Encryption
Each voter: $E_{pk}(\mathrm{vote})$ + ZK proof + signature
Homomorphic property:
$E_{pk}(\mathrm{result}) = E_{pk}(\mathrm{vote}_1) \cdot \ldots \cdot E_{pk}(\mathrm{vote}_n)$
Threshold decryption:
[Figure: $E_{pk}(\mathrm{result})$, Authority 1, …, Authority n, result]

Example
ElGamal encryption:
$pk = (q, p, g, h)$, $q \mid p-1$, $g, h$ of order $q$ in $\mathbb{Z}_p^*$
$sk = x$, $h = g^x \bmod p$
yes-vote = 1, no-vote = 0
Each voter: $(g^r \bmod p,\ h^r g^v \bmod p)$ + ZK proof
Homomorphic property:
$(g^{r_1+\dots+r_m} \bmod p,\ h^{r_1+\dots+r_m} g^{v_1+\dots+v_m} \bmod p) = \prod_{i=1}^{m} (g^{r_i} \bmod p,\ h^{r_i} g^{v_i} \bmod p)$
Threshold decryption: Lagrange interpolation
$\to g^{v_1+\dots+v_m} \bmod p$, discrete log $\to v_1+\dots+v_m$
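
The ElGamal tally above as a runnable sketch. This is an added example, not code from the original slides; all function names are hypothetical. Assumptions: toy parameters p = 2039, q = 1019, g = 4 constructed for illustration, a trusted-dealer Shamir sharing standing in for key generation, and the ZK proofs and signatures left out.

```python
import secrets

# Constructed toy group: p = 2q + 1, both prime; g = 4 has order q. Not secure.
P, Q, G = 2039, 1019, 4

def keygen(t, n):
    """Assumed trusted dealer: returns h = g^x and t-of-n Shamir shares of x."""
    coeffs = [secrets.randbelow(Q) for _ in range(t)]  # coeffs[0] is sk = x
    shares = {j: sum(c * pow(j, k, Q) for k, c in enumerate(coeffs)) % Q
              for j in range(1, n + 1)}
    return pow(G, coeffs[0], P), shares

def encrypt(h, v):
    """Ballot (g^r, h^r g^v) for v in {0, 1}; the ZK proof is omitted here."""
    r = secrets.randbelow(Q)
    return pow(G, r, P), pow(h, r, P) * pow(G, v, P) % P

def combine(ballots):
    """Componentwise product: an encryption of the sum of the votes."""
    a = b = 1
    for u, w in ballots:
        a, b = a * u % P, b * w % P
    return a, b

def lagrange_at_zero(j, ids):
    """Lagrange coefficient of share j for interpolating the key at 0."""
    num = den = 1
    for k in ids:
        if k != j:
            num, den = num * (-k) % Q, den * (j - k) % Q
    return num * pow(den, -1, Q) % Q

def threshold_tally(ct, shares, max_votes):
    """Combine the authorities' decryption shares, then take a small dlog."""
    a, b = ct
    a_x = 1
    for j, s in shares.items():
        partial = pow(a, s, P)  # authority j publishes a^{s_j}
        a_x = a_x * pow(partial, lagrange_at_zero(j, shares), P) % P
    g_sum = b * pow(a_x, -1, P) % P  # equals g^{v_1 + ... + v_m}
    for total in range(max_votes + 1):  # exhaustive search, tally is small
        if pow(G, total, P) == g_sum:
            return total
    raise ValueError("tally outside expected range")

def run_election(votes, t=2, n=3):
    h, shares = keygen(t, n)
    ct = combine([encrypt(h, v) for v in votes])
    quorum = dict(list(shares.items())[:t])  # any t authorities suffice
    return threshold_tally(ct, quorum, len(votes))
```

No individual ballot is ever decrypted: the authorities only ever raise the first component of the combined ciphertext to their shares.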

Key Generation Functionality
[Figure: voters $V_1, \dots, V_m$ (public key), $F$ (key generation), authorities $A_1, \dots, A_n$ (public key, secret share), $A$]

Message Board Functionality
[Figure: voters $V_1, \dots, V_m$ (message), $F$ (message board), authorities $A_1, \dots, A_n$ (voters' messages, authority's message), $A$]
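
Universal Composability
[Figure, two panels. Hybrid: $Z$, voters $V_1, \dots, V_m$ (vote), $F_{KM}$, authorities $A_1, \dots, A_n$ (result), $A$. Ideal: $Z$, voters $V_1, \dots, V_m$ (vote), $F_{voting}$, authorities $A_1, \dots, A_n$ (result), $S$.]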
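
The Simulator
$S$ simulates $A, V_1, \dots, V_m, A_1, \dots, A_n$, $F_{KM}$ and random oracle
[Figure: $S$ containing simulated $A$, $V_1, \dots, V_m$ (vote), $F_{KM}$, $A_1, \dots, A_n$ (result), alongside $Z$, voters $V_1, \dots, V_m$ (vote), $F_{voting}$, authorities $A_1, \dots, A_n$ (result)]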

Results
- Homomorphic threshold encryption voting securely realizes $F_{voting}$ in the $F_{KM}$-hybrid model against non-adaptive adversaries
- Homomorphic threshold encryption voting does NOT securely realize $F_{voting}$ in the $F_{KM}$-hybrid model against adaptive adversaries
- Modified homomorphic threshold encryption voting securely realizes $F_{voting}$ in the $F_{KM}$-hybrid model against adaptive adversaries

Modified Voting Scheme
Each voter: $E_{pk}(\mathrm{vote})$ + ZK proof + signature
Delete vote and coins
Threshold decryption:
$E_{pk}(\mathrm{result}) \to E_{pk}(\mathrm{result})' \to \mathrm{result}$
Delete coins

Thanks
Questions?