VSPReP: Verifiable, Secure and Privacy-Preserving Remote Polling with Untrusted Computing Devices

Qureshi, Amna; Megías, David; Rifà-Pous, Helena

doi:10.1007/978-3-319-94421-0_5

VSPReP: Verifiable, Secure and Privacy-Preserving Remote Polling with Untrusted Computing Devices

Amna Qureshi¹¹,
David Megías¹¹ &
Helena Rifà-Pous¹¹

Conference paper
First Online: 16 June 2018

911 Accesses
2 Citations

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 878))

Abstract

Internet-based polling systems allow voters to cast their votes at any time during the polling period, from any Internet-connected computing device anywhere in the world. Security is an important feature of such systems that should address inherent concerns, such as secrecy of vote, anonymity and unlinkability of voter, voter coercion, secrecy of intermediate results, verifiability, auditability, and poll integrity. Another major concern is that an infected voting device with a malicious program (e.g., virus, malware) could take control over the vote casting process and make unauthorized and potentially undetected modifications to the voter’s voting choices, and, hence, should not be trusted. In this paper we present VSPReP, a verifiable, secure and privacy-preserving remote polling (e-poll) system, which provides vote’s privacy and poll integrity, prevents double voting, enables multiple voting (within the allowed polling period), and achieves verifiability (cast-as-intended and tallied-as-recorded) and uncoercibility in the presence of an untrusted voting device. This paper presents a general design of VSPReP and describes its workflow during three polling phases: pre-polling, polling and post-polling. It also analyzes the security properties of VSPReP and evaluates its performance in terms of computational and cryptographic costs. The experimental results show that the average time a voter takes to cast his/her vote is less than 45 secs, thus demonstrating the practicality of VSPReP.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

Adida, B.: Helios: web-based open-audit voting. In: SS 2008, pp. 335–348 (2008)
Google Scholar
Allepuz, J.P., Castelló, S.G.: Cast-as intended verification in Norway. In: EVOTE 2012, pp. 49–63 (2012)
Google Scholar
Allepuz, J.P., Castelló, S.G.: Internet voting system with cast as intended verification. In: Kiayias, A., Lipmaa, H. (eds.) Vote-ID 2011. LNCS, vol. 7187, pp. 36–52. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32747-6_3
Chapter Google Scholar
B\(\ddot{o}\)ck, J.: RSA-PSS provable secure RSA signatures and their implementation (2011). https://rsapss.hboeck.de/rsapss.pdf
Benaloh, J., Rivest, R., Ryan, P.Y.A., Stark, P., Teague, V., Vora, P.: End-to-end verifiability (2013). https://www.microsoft.com/en-us/research/publication/end-end-verifiablity/
Brelle, A., Truderung, T.: Cast-as-intended mechanism with return codes based on PETs. In: Krimmer, R., Volkamer, M., Braun Binder, N., Kersting, N., Pereira, O., Schürmann, C. (eds.) E-Vote-ID 2017. LNCS, vol. 10615, pp. 264–279. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-68687-5_16
Chapter Google Scholar
Chaum, D., Pedersen, T.P.: Wallet databases with observers. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 89–105. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-48071-4_7
Chapter Google Scholar
Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987). https://doi.org/10.1007/3-540-47721-7_12
Chapter Google Scholar
Galindo, D., Guasch, S., Puiggalí, J.: 2015 Neuchâtel’s cast-as-intended verification mechanism. In: Haenni, R., Koenig, R.E., Wikström, D. (eds.) VOTELID 2015. LNCS, vol. 9269, pp. 3–18. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-22270-7_1
Chapter Google Scholar
Gennaro, R., Jarecki, S., Krawczyk, H., Rabin, T.: Secure distributed key generation for discrete-log based cryptosystems. J. Cryptol. 20(1), 51–83 (2007)
Article MathSciNet Google Scholar
Gjøsteen, K.: The Norwegian internet voting protocol. In: Kiayias, A., Lipmaa, H. (eds.) Vote-ID 2011. LNCS, vol. 7187, pp. 1–18. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32747-6_1
Chapter Google Scholar
Joaquim, R., Ribeiro, C., Ferreira, P.: VeryVote: a voter verifiable code voting system. In: Ryan, P.Y.A., Schoenmakers, B. (eds.) Vote-ID 2009. LNCS, vol. 5767, pp. 106–121. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04135-8_7
Chapter Google Scholar
Krawczyk, H., Bellare, M., Canetti, R.: HMAC: keyed-hashing for message authentication (1997). https://tools.ietf.org/html/rfc2104
Mulligan, G.: Has the time now come for internet voting? (2017). http://www.bbc.com/news/business-39955468
Naor, M., Pinkas, B., Reingold, O.: Distributed pseudo-random functions and KDCs. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 327–346. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_23
Chapter Google Scholar
Qureshi, A., Megías, D., Rifà, H.: Framework for preserving security and privacy in P2P content distribution systems. ESWA 42(3), 1391–1408 (2015)
Google Scholar
Ryan, P.Y.A., Bismark, D., Heather, J., Schneider, S., Xia, Z.: Prêt à voter: a voter-verifiable voting system. IEEE Trans. Inf. Forensic Secur. 4(4), 662–673 (2009)
Article Google Scholar
Schneider, A., Meter, C., Hagemeister, P.: Survey on remote electronic voting. CoRR (2017). http://arxiv.org/abs/1702.02798
Schnor, C.P.: Efficient signature generation by smart cards. J. Cryptol. 4(3), 161–174 (1991)
MATH Google Scholar
Terelius, B., Wikström, D.: Proofs of restricted shuffles. In: Bernstein, D.J., Lange, T. (eds.) AFRICACRYPT 2010. LNCS, vol. 6055, pp. 100–113. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-12678-9_7
Chapter Google Scholar

Download references

Acknowledgment

This work was partly funded by the INCIBEC-2015-02491 “Ayudas para la excelencia de los equipos de investigacin avanzada en ciberseguridad” and TIN2014-57364-C2-2-R “SMARTGLACIS”.

Author information

Authors and Affiliations

Internet Interdisciplinary Institute (IN3), Universitat Oberta de Catalunya (UOC), Barcelona, Spain
Amna Qureshi, David Megías & Helena Rifà-Pous

Authors

Amna Qureshi
View author publications
You can also search for this author in PubMed Google Scholar
David Megías
View author publications
You can also search for this author in PubMed Google Scholar
Helena Rifà-Pous
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Amna Qureshi .

Editor information

Editors and Affiliations

Deakin University, Burwood, Victoria, Australia
Robin Doss
Information Systems and Operations Management, University of Florida, Gainesville, Florida, USA
Selwyn Piramuthu
Information and Operations Management, ESCP Europe, Paris, France
Wei Zhou

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Qureshi, A., Megías, D., Rifà-Pous, H. (2018). VSPReP: Verifiable, Secure and Privacy-Preserving Remote Polling with Untrusted Computing Devices. In: Doss, R., Piramuthu, S., Zhou, W. (eds) Future Network Systems and Security. FNSS 2018. Communications in Computer and Information Science, vol 878. Springer, Cham. https://doi.org/10.1007/978-3-319-94421-0_5

Download citation

DOI: https://doi.org/10.1007/978-3-319-94421-0_5
Published: 16 June 2018
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-94420-3
Online ISBN: 978-3-319-94421-0
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics