Voting: You Can’t Have Privacy without Individual Verifiability

Abstract : Electronic voting typically aims at two main security goals: vote privacy and verifiability. These two goals are often seen as antagonistic and some national agencies even impose a hierarchy between them: first privacy, and then verifiability as an additional feature. Verifiability typically includes individual verifiability (a voter can check that her ballot is counted); universal verifiability (anyone can check that the result corresponds to the published ballots); and eligibility verifiability (only legitimate voters may vote). We show that actually, privacy implies individual verifiability. In other words, systems without individual verifiability cannot achieve privacy (under the same trust assumptions). To demonstrate the generality of our result, we show this implication in two different settings, namely cryptographic and symbolic models, for standard notions of privacy and individual verifiability. Our findings also highlight limitations in existing privacy definitions in cryptographic settings.
Document type :
Conference papers
Complete list of metadatas

Cited literature [23 references]  Display  Hide  Download

https://hal.inria.fr/hal-01900086
Contributor : Véronique Cortier <>
Submitted on : Saturday, October 20, 2018 - 9:49:48 PM
Last modification on : Tuesday, December 18, 2018 - 4:38:25 PM

File

CCS2018.pdf
Files produced by the author(s)

Identifiers

Collections

Citation

Véronique Cortier, Joseph Lallemand. Voting: You Can’t Have Privacy without Individual Verifiability. ACM CCS 2018 - 25th ACM Conference on Computer and Communications Security, Oct 2018, Toronto, Canada. ⟨10.1145/3243734.3243762⟩. ⟨hal-01900086⟩

Share

Metrics

Record views

66

Files downloads

35