On privacy and anonymity in electronic and non electronic voting: the ballot-as-signature attack.

Abstract : A wealth of protocols for electronic voting have been proposed in the literature over the past years. What makes these protocols difficult to conceive and verify is one fundamental property, anonymity, which is of paramount importance in the real world, in particular when performing actual political elections. Historically, certain techniques have been used in actual elections to nullify anonymity and effectively coerce voters, by exploiting an evident weakness in many voting protocols; these techniques were used in traditional elections well before the notion of electronic voting was even proposed, yet, they still seem to be little known: as a consequence, we find recent proposals of voting protocols that can easily be attacked this way, like Rivest's ThreeBallot scheme, or clever attempts at formal definitions of privacy and anonymity properties that would not rule out such flawed protocols. In this paper, we describe one old technique, effectively used in Italy over twenty years ago, and show how the flaws or incompleteness in current protocols and formalization can be clearly exposed just through that simple idea. We also show how this very same simple attack can be effectively used today on US-style elections, regardless of the presence of a VVPB or VVPT. We hope that a wide circulation of this simple ideas will help design better protocols and formalization in the near future.
Type de document :
Pré-publication, Document de travail
Liste complète des métadonnées

Littérature citée [14 références]  Voir  Masquer  Télécharger

Contributeur : Roberto Di Cosmo <>
Soumis le : vendredi 29 juin 2007 - 14:07:47
Dernière modification le : jeudi 11 janvier 2018 - 06:17:48
Document(s) archivé(s) le : vendredi 25 novembre 2016 - 15:26:00


Fichiers produits par l'(les) auteur(s)


  • HAL Id : hal-00142440, version 2




Roberto Di Cosmo. On privacy and anonymity in electronic and non electronic voting: the ballot-as-signature attack.. 2007. 〈hal-00142440v2〉



Consultations de la notice


Téléchargements de fichiers