Abstract
Electronic online voting has been piloted in various countries in the recent past. These experiments show that further research is required, to improve the security guarantees of such systems, in terms of vote confidentiality and integrity and validity verification. In this paper we argue that blockchain technology, combined with modern cryptography can provide the transparency, integrity and confidentiality required from reliable online voting. Furthermore, we present a decentralized online voting system implemented as a smart contract on the Ethereum blockchain. The system has no hardwired restrictions on possible vote assignments to candidates, protects voter confidentiality by using a homomorphic encryption system and stores proofs for each element of a vote. To the best of our knowledge, our proposed system is the first decentralized ranked choice online voting system in existence. The underlying Ethereum platform enforces the correct execution of the voting protocol. We also present a security and performance analysis, showing the feasibility of our proposed protocol for real-world voting applications at large scale.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Adida, B.: Helios: web-based open-audit voting. In: USENIX Security Symposium, vol. 17, pp. 335–348 (2008)
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008)
ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Advances in Cryptology, pp. 10–18 (1984)
Lamport, L., Shostak, R., Pease, M.: The Byzantine generals. ACM Trans. Program. Lang. Syst. 4(3), 382–401 (1982)
Buterin, V.: A next-generation smart contract and decentralized application platform (2015). https://github.com/ethereum/wiki/wiki/White-Paper
Szabo, N.: Smart contracts: building blocks for digital markets. EXTROPY J. Transhumanist Thought 16 (1996)
Followmyvote.com. Introducing a secure and transparent online voting solution for the modern age: Follow My Vote (2016). https://followmyvote.com/
Hao, F., Ryan, P.Y., Zieliński, P.: Anonymous voting by two-round public discussion. IET Inf. Secur. 4(2), 62–67 (2010)
Groth, J.: Efficient maximal privacy in boardroom voting and anonymous broadcast. In: International Conference on Financial Cryptography, pp. 90–104 (2004)
Kiayias, A., Yung, M.: Self-tallying elections and perfect ballot secrecy. In: International Workshop on Public Key Cryptography, pp. 141–158 (2002)
Li, M., Sun, X., Wang, H., Zhang, Y., Zhang, J.: Privacy-aware access control with trust management in web service. World Wide Web 14(4), 407–430 (2011)
Kabir, M.E., Wang, H.: Conditional purpose based access control model for privacy protection. In: Proceedings of the Twentieth Australasian Conference on Australasian Database, vol. 92, pp. 135–142 (2009)
Kabir, M.E., Wang, H., Bertino, E.: A role-involved purpose-based access control model. Inf. Syst. Front. 14(3), 809–822 (2012)
McCorry, P., Shahandashti, S.F., Hao, F.: A smart contract for boardroom voting with maximum voter privacy. In: International Conference on Financial Cryptography and Data Security, pp. 357–375 (2017)
Schnorr, C.P.: Efficient signature generation by smart cards. J. Cryptol. 4(3), 161–174 (1991)
Sun, X., Li, M., Wang, H.: A family of enhanced (L, \(\alpha \))-diversity models for privacy preserving data publishing. Future Gener. Comput. Syst. 27(3), 348–356 (2011)
Sun, X., Wang, H.: Satisfying privacy requirements before data anonymization. Comput. J. 55(4), 422–437 (2012)
Sun, X., Wang, H., Li, J., Truta, T.M.: Enhanced p-sensitive k-anonymity models for privacy preserving data publishing. Trans. Data Priv. 1(2), 53–66 (2008)
Wang, H., Cao, J., Zhang, Y.: A flexible payment scheme and its role-based access control. IEEE Trans. Knowl. Data Eng. 17(3), 425–436 (2005)
Wang, H., Zhang, Y., Cao, J.: Effective collaboration with information sharing in virtual universities. IEEE Trans. Knowl. Data Eng. 21(6), 840–853 (2009)
Business Wire. Now you can vote online with a selfie. Business Wire (2016). http://www.businesswire.com/news/home/20161017005354/en/Vote-Online-Selfie
Yang, X., et al.: A verifiable ranked choice internet voting system. In: Bouguettaya, A., et al. (eds.) WISE 2017. LNCS, vol. 10570, pp. 490–501. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-68786-5_39
Yang, X., Yi, X., Nepal, S., Kelarev, A., Han, F.: A secure verifiable ranked choice online voting system based on homomorphic encryption. IEEE Access (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendix
Appendix
In order to protect the privacy of the voters, each assigned point is encrypted (refer to Eq. 2) before submission. However, voters have to generate corresponding proofs to prove their votes are cast correctly by observing the following: 1. each encrypted score is computed correctly using the voter’s private key \(x^{c_j}_{v_i}\); 2. sum of all encrypted points are equaled to pre-defined total available point P.
Each Encrypted Value is Computed Correctly: We present the proofs generation and verification for an encrypted score in \(\text {Vote}_{v_1}\), where we assume \(v_1\) assigned 5 points to \(c_1\), and the encrypted value should be \(E(5, pk,y^{c_1}_{v_1}, x_{v_1}) = (c_1, c_2)\), where \(c_1 = (y^{c_1}_{v_1})^{x^{c_1}_{v_1}}\cdot g^{r}\), \(c_2 = g^{5}\cdot {pk}^{r}\):
Prover: generates a random number \(k_1,k_2 \in \mathbb {Z}_q\), computes \(K_1 = (y^{c_1}_{v_1})^{k_1}\cdot g^{k_2}\), computes \(K_2 = g^{k_1}\), \(c = Hash(K_1\Vert K_2)\), \(Z_1 = x^{c_1}_{v_1}c+k_1\), \(Z_2 = rc+k_2\). And ZKP(\(x^{c_1}_{v_i}\)) = \(\{K_1,K_2, Z_1, Z_2\}\)
Verifier: compute \(c= Hash(K_1\Vert K_2)\), verify if \((y^{c_1}_{v_1})^{Z_1}g^{Z_2} = K_1 \times (c_1)^{c}\), verify if \(g^{Z_1} = K_2 \times (g^{x^{c_1}_{v_i}})^{c}\), where \(y^{c_1}_{v_i}\) and \(g^{x^{c_1}_{v_i}}\) are public values, and the verifier(s) will never know the value is encrypted from 5.
Sum of All Encrypted Values is Equavelent to Encrypted from P: We present the proofs generation and verification for the sum of all encrypted points in \(\text {Vote}_{v_1}\), where we assume \(P=10\), and there are 3 candidates \(c_1, c_2\) and \(c_3\). Voter \(v_1\) cast a vote as:
Prover: multiply them as
We use \(c_1\) and \(c_2\) to denote \((y^{c_1}_{v_1})^{x^{c_1}_{v_1}} \cdot (y^{c_2}_{v_1})^{x^{c_2}_{v_1}} \cdot (y^{c_3}_{v_1})^{x^{c_3}_{v_1}}\cdot g^{r_4}\) and \(g^{10}\cdot {pk}^{r_4}\), respectively.
And then, compute \(z = \prod ^{n_c}_{j=1} (y^{c_j}_{v_1})^{x^{c_j}_{v_1}}\). In this case, \(z= (y^{c_1}_{v_1})^{x^{c_1}_{v_1}} \cdot (y^{c_2}_{v_1})^{x^{c_2}_{v_1}} \cdot (y^{c_3}_{v_1})^{x^{c_3}_{v_1}}\). Selects random numbers \(k_1,k_2,k_3 \in \mathbb {Z}_q\), computes \(K_1 = (y^{c_1}_{v_1})^{k_1}\cdot (y^{c_2}_{v_1})^{k_2} \cdot (y^{c_3}_{v_1})^{k_3}\), \(K_2 = g^{k_1}\), \(K_3 = g^{k_2}\), \(K_4 = g^{k_3}\), \(c = Hash(K_1\Vert K_2\Vert K_3\Vert K_4)\), \(Z_1 = x^{c_1}_{v_1}c+k_1\), \(Z_2 = x^{c_2}_{v_1}c+k_2\), \(Z_3 = x^{c_3}_{v_1}c+k_3\). And ZKP(z) = \(\{K_1,K_2,K_3,K_4, Z_1, Z_2, Z_3\}\).
Prove \(\dfrac{c_1}{z} (=g^{r_4})\) and \(\dfrac{c_2}{g^{10}} (=pk^{r_4})\) has the same exponentiation (refer to Sect. 3), select \(t\in Z\), compute \(T_1 = (g)^t\), compute \(T_2 = {pk}^t\), compute \(c = Hash(T_1||T_2)\), compute \(s = r_4 \cdot c + t\) (\(r_4\) in this case). ZKP(P) = \(\{T_1, T_2, s, z, \text {ZKP}(z)\}\).
Verifier: firstly verify z using \(\text {ZKP}(z)\), compute \(c = Hash(K_1\Vert K_2\Vert K_3)\), verify if \((y^{c_1}_{v_1})^{Z_1}(y^{c_2}_{v_1})^{Z_2}(y^{c_3}_{v_1})^{Z_3} = K_1 \times (z)^{c}\), verify if \((y^{c_1}_{v_1})^{Z_1} = K_1 \times (g^{x^{c_1}_{v_1}})^{c}\), verify if \((y^{c_2}_{v_1})^{Z_2} = K_2 \times (g^{x^{c_3}_{v_1}})^{c}\), verify if \((y^{c_3}_{v_1})^{Z_3} = K_3 \times (g^{x^{c_3}_{v_1}})^{c}\).
Secondly verify P using \(T_1, T_2, s\) and z, multiply \(E(5, \cdots ), E(2, \cdots )\) and \(E(3, \cdots )\) as \((c_1, c_2)\), compute \(c = Hash(T_1||T_2)\), verify if \(g^s = (\dfrac{c_1}{z})^c \cdot T_1\), verify if \({pk}^{s} = (\dfrac{c_2}{g^{10}})^c \cdot T_2\). Same as to verify \(\dfrac{c_1}{z}\) and \(\dfrac{c_2}{g^{10}}\) has the same exponentiation \(r_4\).
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Yang, X., Yi, X., Nepal, S., Han, F. (2018). Decentralized Voting: A Self-tallying Voting System Using a Smart Contract on the Ethereum Blockchain. In: Hacid, H., Cellary, W., Wang, H., Paik, HY., Zhou, R. (eds) Web Information Systems Engineering – WISE 2018. WISE 2018. Lecture Notes in Computer Science(), vol 11233. Springer, Cham. https://doi.org/10.1007/978-3-030-02922-7_2
Download citation
DOI: https://doi.org/10.1007/978-3-030-02922-7_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02921-0
Online ISBN: 978-3-030-02922-7
eBook Packages: Computer ScienceComputer Science (R0)