Section: New Results

E-voting

Electronic voting typically aims at two main security goals: vote privacy and verifiability. Verifiability typically includes individual verifiability (a voter can check that his/her ballot is counted); universal verifiability (anyone can check that the result corresponds to the published ballots); and eligibility verifiability (only legitimate voters may vote). Cortier and Lallemand have shown that privacy actually implies individual verifiability. In other words, systems without individual verifiability cannot achieve privacy (under the same trust assumptions). To demonstrate the generality of the result, they show this implication in two different settings, namely cryptographic and symbolic models, for standard notions of privacy and individual verifiability. This also highlights limitations in existing privacy definitions in cryptographic settings. This work has been presented at CCS'18 [24].

Some modern e-voting systems take into account that the platform used for voting may be corrupted, e.g. infected by malware, yet aiming to ensure privacy and integrity of votes even in that case. Bursuc and Kremer, in collaboration with Dragan (Univ of Surrey) propose a new definition of vote privacy, formalized in the cryptographic model as a computational indistinguishability game. The definition captures both known and novel attacks against several voting schemes, and they propose a scheme that is provably secure in this setting. Moreover the proof is formalized and machine-checked in the EasyCrypt theorem prover  [45]. This result is currently under submission for publication.

Belenios is a voting platform designed by our team in collaboration with the Caramba research group at Inria Nancy. Cortier, in collaboration with Warinschi (Univ Bristol), Dragan and Dupressoir (Univ of Surrey), has developed a machine-checked security proof of both privacy and verifiability of Belenios, in the computational model. For this, a novel framework has been developed for proving strong verifiability in EasyCrypt. In the process, several aspects of the pen-and-paper proof of Belenios have been clarified, such as how to deal with revote policies. The framework and the security proofs have been presented at CSF'18 [21].

Turuani and Cortier, in collaboration with Galindo (Univ Birmingham), have analysed the e-voting protocol developed by the Scytl company and planned to be deployed in Switzerland. The formal analysis of both privacy and individual verifiability has been conducted in ProVerif. It required the development of a crafty encoding of the security properties in order to avoid the limitations of ProVerif in the presence of global states (here, no revoting). This first encoding yielded the preliminary ideas for the GSVerif tool mentioned in the previous section. Such a formal analysis is required by the Swiss Chancellerie and has been presented at EuroSP'18 [22].

Most existing voting systems either assume trust in the voting device or in the voting server. Filipiak, Lallemand, and Cortier proposed a novel Internet voting scheme, BeleniosVS, that achieves both privacy and verifiability against a dishonest voting server as well as a dishonest voting device. In particular, a voter does not leak her vote to her voting device and she can check that her ballot on the bulletin board does correspond to her intended vote. Additionally, our scheme guarantees receipt-freeness against an external adversary. A formal proof of privacy, receipt-freeness, and verifiability has been established using the tool ProVerif, covering a hundred cases of threat scenarios. Proving verifiability required the identification of a set of sufficient conditions, that can be handled by ProVerif  [47]. This contribution is of independent interest. This work is part of the PhD thesis [10] of Alicia Filipiak, defended in March 2018. A conference paper is under submission.