Civitas: Toward a secure voting system
- In IEEE Symposium on Security and Privacy, 2008
Cited by 92 (9 self)
Civitas is the first electronic voting system that is coercion-resistant, universally and voter verifiable, and suitable for remote voting. This paper describes the design and implementation of Civitas. Assurance is established in the design through security proofs, and in the implementation through information-flow security analysis. Experimental results give a quantitative evaluation of the tradeoffs between time, cost, and security.
A Verifiable Secret Shuffle of Homomorphic Encryptions
- 2003
Cited by 80 (7 self)
We show how to prove in honest verifier zero-knowledge the correctness of a shuffle of homomorphic encryptions (or homomorphic commitments.) A shuffle consists in a rearrangement of the input ciphertexts and a reencryption of them so that the permutation is not revealed. Our scheme
A Distributed k-Anonymity Protocol for Location Privacy
- Centre for Applied Cryptographic Research, 2008
Cited by 20 (2 self)
Abstract—To benefit from a location-based service, a person must reveal her location to the service. However, knowing the person’s location might allow the service to re-identify the person. Location privacy based on k-anonymity addresses this threat by cloaking the person’s location such that there are at least k − 1 other people within the cloaked area and by revealing only the cloaked area to a location-based service. Previous research has explored two ways of cloaking: First, have a central server that knows everybody’s location determine the cloaked area. However, this server needs to be trusted by all users and is a single point of failure. Second, have users jointly determine the cloaked area. However, this approach requires that all users trust each other, which will likely not hold in practice. We propose a distributed approach that does not have these drawbacks. Our approach assumes that there are multiple servers, each deployed by a different organization. A user’s location is known to only one of the servers (e.g., to her cellphone provider), so there is no single entity that knows everybody’s location. With the help of cryptography, the servers and a user jointly determine whether the k-anonymity property holds for the user’s area, without the servers learning any additional information, not even whether the property holds. A user learns whether the k-anonymity property is satisfied and no other information. The evaluation of our sample implementation shows that our distributed k-anonymity protocol is sufficiently fast to be practical. Moreover, our protocol integrates well with existing infrastructures for location-based services, as opposed to the previous research.
A 2-round anonymous veto protocol
- the 14th International Workshop on Security Protocols, 2006
Cited by 18 (5 self)
Abstract. The dining cryptographers network (or DC-net) is a seminal technique devised by Chaum to solve the dining cryptographers problem — namely, how to send a boolean-OR bit anonymously from a group of participants. In this paper, we investigate the weaknesses of DC-nets, study alternative methods and propose a new way to tackle this problem. Our protocol, Anonymous Veto Network (or AV-net), overcomes all the major limitations of DC-nets, including the complex key setup, message collisions and susceptibility to disruptions. While DC-nets are unconditionally secure, AV-nets are computationally secure under the Decision Diffie-Hellman (DDH) assumption. An AV-net is more efficient than other techniques based on the same public-key primitives. It requires only two rounds of broadcast and the least computational load and bandwidth usage per participant. Furthermore, it provides the strongest protection against collusion — only full collusion can breach the anonymity of message senders.
Practical and secure solutions for integer comparison
- In Public Key Cryptography (PKC’07), volume 4450 of LNCS, 2007
Cited by 17 (2 self)
Abstract. Yao’s classical millionaires’ problem is about securely determining whether x > y, given two input values x, y, which are held as private inputs by two parties, respectively. The output x > y becomes known to both parties. In this paper, we consider a variant of Yao’s problem in which the inputs x, y as well as the output bit x > y are encrypted. Referring to the framework of secure n-party computation based on threshold homomorphic cryptosystems as put forth by Cramer, Damgård, and Nielsen at Eurocrypt 2001, we develop solutions for integer comparison, which take as input two lists of encrypted bits representing x and y, respectively, and produce an encrypted bit indicating whether x > y as output. Secure integer comparison is an important building block for applications such as secure auctions. In this paper, our focus is on the two-party case, although most of our results extend to the multi-party case. We propose new logarithmic-round and constant-round protocols for this setting, which achieve simultaneously very low communication and computational complexities. We analyze the protocols in detail and show that our solutions compare favorably to other known solutions. Key words: Millionaires’ problem; secure multi-party computation; homomorphic encryption.
Civitas: A Secure Remote Voting System
- In Proc. of Frontiers of Electronic Voting: Dagstuhl Seminar 07311, David Chaum, Miroslaw, 2007
Cited by 12 (2 self)
Civitas is the first implementation of a coercion-resistant, universally verifiable, remote voting scheme. This paper describes the design of Civitas, details the cryptographic protocols used in its construction, and illustrates how language-enforced information-flow security policies yield assurance in the implementation. The performance of Civitas scales well in the number of voters and offers reasonable tradeoffs between time, cost, and security. These results suggest that secure electronic voting is achievable.
Trivitas: Voters directly verifying votes
Cited by 11 (7 self)
Abstract. Individual verifiability is the ability of an electronic voting system to convince a voter that his vote has been correctly counted in the tally. Unfortunately, in most electronic voting systems the proofs for individual verifiability are non-intuitive and, moreover, need trusted devices to be checked. Based on the remote voting system JCJ/Civitas, we propose Trivitas, a protocol that achieves direct and end-to-end individual verifiability, while at the same time preserving coercion-resistance. Our technical contributions rely on two main ideas, both related to the notion of credentials already present in JCJ/Civitas. Firstly, we propose the use of trial credentials, as a way to track and audit the handling of a ballot from one end of the election system to the other end, without increased complexity on the voter end. Secondly, due to indistinguishability of credentials from random values, we observe that the association between any credential and its corresponding vote can be made public at the end of the election process, without compromising coercion-resistance. The voter has more intuitive and direct evidence that her intended vote has not been changed and will be counted in the final tally.
Louis, Lester and Pierre: Three Protocols for Location Privacy
Cited by 9 (0 self)
Abstract. Location privacy is of utmost concern for location-based services. It is the property that a person’s location is revealed to other entities, such as a service provider or the person’s friends, only if this release is strictly necessary and authorized by the person. We study how to achieve location privacy for a service that alerts people of nearby friends. Here, location privacy guarantees that users of the service can learn a friend’s location if and only if the friend is actually nearby. We introduce three protocols—Louis, Lester and Pierre—that provide location privacy for such a service. The key advantage of our protocols is that they are distributed and do not require a separate service provider that is aware of people’s locations. The evaluation of our sample implementation demonstrates that the protocols are sufficiently fast to be practical.
Caveat Coercitor: coercion-evidence in electronic voting
Cited by 7 (3 self)
Abstract—The balance between coercion-resistance, election verifiability and usability remains unresolved in remote electronic voting despite significant research over the last few years. We propose a change of perspective, replacing the requirement of coercion-resistance with a new requirement of coercion-evidence: there should be public evidence of the amount of coercion that has taken place during a particular execution of the voting system. We provide a formal definition of coercion-evidence that has two parts. Firstly, there should be a coercion-evidence test that can be performed against the bulletin board to accurately determine the degree of coercion that has taken place in any given run. Secondly, we require coercer independence, that is the ability of the voter to follow the protocol without being detected by the coercer. To show how coercion-evidence can be achieved, we propose a new remote voting scheme, Caveat Coercitor, and we prove that it satisfies coercion-evidence. Moreover, Caveat Coercitor makes weaker trust assumptions than other remote voting systems, such as JCJ/Civitas and Helios, and has better usability properties. Keywords: Coercion resistance; coercion evidence; electronic voting; verifiable elections; security protocols; security models; usability