TL;DR: Three new paper-based voting methods with interesting security properties are presented, including Floating Receipts, which is well-tuned to the security requirements of ThreeBallot-like schemes, and protocols for achieving them are examined.
Abstract: We present three new paper-based voting methods with interesting security properties. Our goal is to achieve the same security properties as recently proposed cryptographic voting protocols, but using only paper ballots and no cryptography. From a security viewpoint we get reasonably close, particularly for short ballots. However, our proposals should probably be considered as more "academic" than "practical."
In these proposals, not only can each voter verify that her vote is recorded as intended, but she gets a "receipt" she can take home that can be used later to verify that her vote is actually included in the final tally. But her receipt does not allow her to prove to anyone else how she voted. All ballots cast are scanned and published in plaintext on a "public bulletin board" (web site), so anyone may correctly compute the election result.
In ThreeBallot, each voter casts three paper ballots, with certain restrictions on how they may be filled out. These paper ballots are of course "voter-verifiable."
A voter receives a copy of one of her ballots as her "receipt", which she may take home. Only the voter knows which ballot she copied for her receipt. The voter is unable to use her receipt to prove how she voted or to sell her vote, as the receipt doesn't reveal how she voted.
A voter can check that the web site contains a ballot matching her receipt. Deletion or modification of ballots is thus detectable; so the integrity of the election is verifiable.
VAV is like ThreeBallot, except that the ballot-marking rules are different: one ballot may "cancel" another (VAV = Vote/Anti-Vote/Vote). VAV is better suited to - i.e. yields better security properties for - Plurality and preference (Borda, Condorcet, IRV) voting, while ThreeBallot is better suited for Approval and Range voting.
Finally, we introduce "Floating Receipts," wherein voters may take home a copy of another voter's ballot. (She doesn't know whose ballot, though.) Floating Receipts are well-tuned to the security requirements of ThreeBallot-like schemes, and we examine protocols for achieving them.
Our final voting system, Twin, is based almost entirely on Floating Receipts. Each voter casts a single ballot and takes home a single receipt. Twin is quite simple and close to being practical.
TL;DR: This paper attempts to achieve the same security properties as recently proposed cryptographic voting protocols without using any cryptography, using only paper ballots, and partially succeeds.
Abstract: We present a new paper-based voting method with interesting security properties. The attempt here is to see if one can achieve the same security properties of recently proposed cryptographic voting protocols, but without using any cryptography, using only paper ballots. We partially succeed. (Initially, I thought the proposal accomplished this goal, but several readers discovered a vote-buying attack (see Section 4.4) that appears to be rather difficult to fix without making the resulting system much less usable in practice. Currently, this paper should thus be viewed more as an academic proposal than a practical proposal. Perhaps some variation on these ideas in this paper might still turn out to be of practical use. The “OneBallot with Exchanged Receipts” system sketched at the end of Section 5.3.1, looks particularly promising at the moment...) The principles of ThreeBallot are simple and easy to understand. In this proposal, not only can each voter verify that her vote is recorded as she intended, but she gets a “receipt” that she can take home that can be used later to verify that her vote is actually included in the final tally. Her receipt, however, does not allow her to prove to anyone else how she voted. In this “ThreeBallot” voting system, each voter casts three paper ballots, with certain restrictions on how they may be filled out, so the tallying works. These paper ballots are of course “voter-verifiable.” All ballots cast are scanned and published on a web site, so anyone may correctly compute the election result. A voter receives a copy of one of her ballots as her “receipt”, which she may take home. Only the voter knows which ballot she copied for her receipt. The voter is unable to use her receipt to prove how she voted or to sell her vote, as the receipt doesn’t reveal how she voted. A voter can check that the web site contains a ballot matching her receipt. Deletion or modification of ballots is thus detectable; so the integrity of the election is verifiable.
∗The latest version of this paper can always be found at http://theory.csail.mit.edu/~rivest/Rivest-TheThreeBallotVotingSystem.pdf
TL;DR: This paper presents a simple and intuitive, yet widely applicable cryptographic definition of coercion-resistance, in the style of game-based definitions, that allows one to precisely measure the level of coercion-resistance a protocol provides.
Abstract: Coercion resistance is one of the most important and intricate security requirements for voting protocols. Several definitions of coercion resistance have been proposed in the literature, both in cryptographic settings and more abstract, symbolic models. However, unlike symbolic approaches, only very few voting protocols have been rigorously analyzed within the cryptographic setting. A major obstacle is that existing cryptographic definitions of coercion resistance tend to be complex and limited in scope: they are often tailored to specific classes of protocols or are too demanding. In this paper, we therefore present a simple and intuitive cryptographic definition of coercion resistance, in the style of game-based definitions. This definition allows us to precisely measure the level of coercion resistance a protocol provides. As the main technical contribution of this paper, we apply our definition to two voting systems, namely, the Bingo voting system and ThreeBallot. The results we obtain are out of the scope of existing approaches. We show that the Bingo voting system provides the same level of coercion resistance as an ideal voting system. We also precisely measure the degradation of the level of coercion resistance of the ThreeBallot voting system when the so-called short ballot assumption is not met and show that the level of coercion resistance this system provides is significantly lower than that of an ideal system even in the case of short ballots.
TL;DR: This paper raises awareness of a simple attack and shows that, under reasonable trust assumptions, it applies to several e-voting systems that have been designed to provide verifiability, including the prominent ThreeBallot and VAV voting systems and a variant of the Helios voting system.
Abstract: Verifiability is a central property of modern e-voting systems. Intuitively, verifiability means that voters can check that their votes were actually counted and that the published result of the election is correct, even if the voting machine/authorities are (partially) untrusted. In this paper, we raise awareness of a simple attack, which we call a clash attack, on the verifiability of e-voting systems. The main idea behind this attack is that voting machines manage to provide different voters with the same receipt. As a result, the voting authorities can safely replace ballots by new ballots, and by this, manipulate the election without being detected. This attack does not seem to have attracted much attention in the literature. Even though the attack is quite simple, we show that, under reasonable trust assumptions, it applies to several e-voting systems that have been designed to provide verifiability. In particular, we show that it applies to the prominent ThreeBallot and VAV voting systems as well as to two e-voting systems that have been deployed in real elections: the Wombat Voting system and a variant of the Helios voting system. We discuss countermeasures for each of these systems and for (various variants of) Helios provide a formal analysis based on a rigorous definition of verifiability. More precisely, our analysis of Helios is with respect to the more general and in the area of e-voting often overlooked notion of accountability.
TL;DR: This paper presents a simple and intuitive, yet widely applicable cryptographic definition of coercion-resistance, in the style of game-based definitions, that allows one to precisely measure the level of coercion-resistance a protocol provides.
Abstract: Coercion-resistance is one of the most important and intricate security requirements for voting protocols. Several definitions of coercion-resistance have been proposed in the literature, both in cryptographic settings and more abstract, symbolic models. However, unlike symbolic approaches, only very few voting protocols have been rigorously analyzed within the cryptographic setting. A major obstacle is that existing cryptographic definitions of coercion-resistance tend to be complex and limited in scope: They are often tailored to specific classes of protocols or are too demanding. In this paper, we therefore present a simple and intuitive, yet widely applicable cryptographic definition of coercion-resistance, in the style of game-based definitions. This definition allows one to precisely measure the level of coercion-resistance a protocol provides. As a proof of concept, we apply our definition to two voting systems, namely, the Bingo voting system and ThreeBallot. The results we obtain are out of the scope of existing approaches. We show that the Bingo voting system provides the same level of coercion-resistance as an ideal voting system. We also precisely measure the degradation of coercion-resistance of ThreeBallot in case the so-called short ballot assumption does not hold and show that the level of coercion-resistance ThreeBallot provides is significantly lower than that of an ideal system, even in case of short ballots.