Is your vote truly secret? Ballot Secrecy iff Ballot Independence: Proving necessary conditions and analysing case studies
- URL: http://arxiv.org/abs/2311.12977v1
- Date: Tue, 21 Nov 2023 20:25:32 GMT
- Title: Is your vote truly secret? Ballot Secrecy iff Ballot Independence: Proving necessary conditions and analysing case studies
- Authors: Aida Manzano Kharman, Ben Smyth, Freddie Page,
- Abstract summary: We formalise definitions of ballot secrecy and ballot independence by Smyth, JCS'21 as indistinguishability games in the computational model of security.
Both Smyth, JCS'21 and Smyth, draft '21 improve on earlier works by considering a more realistic adversary model wherein they have access to the ballot collection.
- Score: 0.19116784879310028
- License: http://creativecommons.org/licenses/by-sa/4.0/
- Abstract: We formalise definitions of ballot secrecy and ballot independence by Smyth, JCS'21 as indistinguishability games in the computational model of security. These definitions improve upon Smyth, draft '21 to consider a wider class of voting systems. Both Smyth, JCS'21 and Smyth, draft '21 improve on earlier works by considering a more realistic adversary model wherein they have access to the ballot collection. We prove that ballot secrecy implies ballot independence. We say ballot independence holds if a system has non-malleable ballots. We construct games for ballot secrecy and non-malleability and show that voting schemes with malleable ballots do not preserve ballot secrecy. We demonstrate that Helios does not satisfy our definition of ballot secrecy. Furthermore, the Python framework we constructed for our case study shows that if an attack exists against non-malleability, this attack can be used to break ballot secrecy.
Related papers
- Improving the Computational Efficiency of Adaptive Audits of IRV Elections [54.427049258408424]
AWAIRE can audit IRV contests with any number of candidates, but the original implementation incurred memory and computation costs that grew superexponentially with the number of candidates.
This paper improves the algorithmic implementation of AWAIRE in three ways that make it practical to audit IRV contests with 55 candidates, compared to the previous 6 candidates.
arXiv Detail & Related papers (2024-07-23T13:28:00Z) - Publicly auditable privacy-preserving electoral rolls [0.32498796510544625]
We study the problem of designing publicly auditable yet privacy-preserving electoral rolls.
The audit can detect polling-day ballot stuffing and denials to eligible voters by malicious polling officers.
The entire electoral roll is never revealed, which prevents any large-scale systematic voter targeting and manipulation.
arXiv Detail & Related papers (2024-02-18T13:11:48Z) - The Decisive Power of Indecision: Low-Variance Risk-Limiting Audits and Election Contestation via Marginal Mark Recording [51.82772358241505]
Risk-limiting audits (RLAs) are techniques for verifying the outcomes of large elections.
We define new families of audits that improve efficiency and offer advances in statistical power.
New audits are enabled by revisiting the standard notion of a cast-vote record so that it can declare multiple possible mark interpretations.
arXiv Detail & Related papers (2024-02-09T16:23:54Z) - Learning to Manipulate under Limited Information [44.99833362998488]
We trained over 70,000 neural networks of 26 sizes to manipulate against 8 different voting methods.
We find that some voting methods, such as Borda, are highly manipulable by networks with limited information, while others, such as Instant Runoff, are not.
arXiv Detail & Related papers (2024-01-29T18:49:50Z) - The Still Secret Ballot: The Limited Privacy Cost of Transparent Election Results [0.0]
We show how an analyst unravels the secret ballot by uniquely linking votes on an anonymous ballot to the voter's name and address in the public voter file.
We conclude the ballot can be both public and still as secret as it is under typical reporting practices.
arXiv Detail & Related papers (2023-08-08T07:27:41Z) - Adaptively Weighted Audits of Instant-Runoff Voting Elections: AWAIRE [61.872917066847855]
Methods for auditing instant-runoff voting (IRV) elections are either not risk-limiting or require cast vote records (CVRs), the voting system's electronic record of the votes on each ballot.
We develop an RLA method that uses adaptively weighted averages of test supermartingales to efficiently audit IRV elections when CVRs are not available.
arXiv Detail & Related papers (2023-07-20T15:55:34Z) - Towards Secure Virtual Elections: Multiparty Computation of Order Based Voting Rules [5.156484100374059]
One of the main challenges in e-voting systems is to certify that the computed results are consistent with the cast ballots.
We propose a secure voting protocol for elections governed by order-based voting rules.
Our protocol offers perfect ballot secrecy, in the sense that it issues only the required output, while no other information on the cast ballots is revealed.
arXiv Detail & Related papers (2022-05-21T12:17:21Z) - Expected Frequency Matrices of Elections: Computation, Geometry, and
Preference Learning [58.23459346724491]
We use the "map of elections" approach of Szufa et al. (AAMAS 2020) to analyze several well-known vote distributions.
We draw the "skeleton map" of distributions, evaluate its robustness, and analyze its properties.
arXiv Detail & Related papers (2022-05-16T17:40:22Z) - Obvious Manipulability of Voting Rules [105.35249497503527]
The Gibbard-Satterthwaite theorem states that no unanimous and non-dictatorial voting rule is strategyproof.
We revisit voting rules and consider a weaker notion of strategyproofness called not obvious manipulability.
arXiv Detail & Related papers (2021-11-03T02:41:48Z) - Security Survey and Analysis of Vote-by-Mail Systems [0.0]
We examine the security of electronic systems used in the process of voting by mail, including online voter registration and online ballot tracking systems.
We find that online voter registration systems in some states have vulnerabilities that allow adversaries to alter or effectively prevent a voter's registration.
We additionally find that ballot tracking systems raise serious privacy questions surrounding ease of access to voter data.
arXiv Detail & Related papers (2020-05-18T02:18:15Z) - OpenVoting: Recoverability from Failures in Dual Voting [0.3903025330856987]
We consider the setting of emphdual voting protocols, where the cryptographic guarantees of end-to-end verifiable voting are combined with the simplicity of audit using voter-verified paper records (VVPR)
We first consider the design requirements of such a system and then suggest a protocol called emphOpenVoting, which identifies a verifiable subset of error-free votes consistent with the VVPRs, and the polling booths corresponding to the votes that fail to verify with possible reasons for the failures.
arXiv Detail & Related papers (2019-08-26T09:32:54Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.