Paper 2006/259

Simplified Submission of Inputs to Protocols

Douglas Wikstrom

Abstract

Consider an electronic election scheme implemented using a mix-net; a large number of voters submit their votes and then a smaller number of servers compute the result. The mix-net accepts an encrypted vote from each voter and outputs the set of votes in sorted order without revealing the permutation used. To ensure a fair election, the votes of corrupt voters should be independent of the votes of honest voters, i.e., some type of non-malleability or plaintext awareness is needed. However, for efficiency reasons the servers typically expect inputs from some homomorphic cryptosystem, which is inherently malleable. In this paper we consider the problem of how non-malleability can be guaranteed in the submission phase and still allow the servers to start their computation with ciphertexts of the appropriate homomorphic cryptosystem. This can clearly be achieved using general techniques, but we would like a solution which is: (1) provably secure under standard assumptions, (2) non-interactive for the submitting parties, (3) very efficient for all parties in terms of computation and communication. We give the first solution to this problem which has all these properties. Our solution is surprisingly simple and can be based on various Cramer-Shoup cryptosystems. To capture its security properties we introduce a variation of CCA2-security.

Note: We prove somewhat stronger results and explicitly illustrate the use of submission secure augmented cryptosystems.

Metadata
Publication info
Published elsewhere. Unknown where it was published
Keywords
protocols, CCA2-security, mix-net
Contact author(s)
dog @ csc kth se
History
2007-10-01: last of 4 revisions
2006-08-02: received
Short URL
https://ia.cr/2006/259
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2006/259,
      author = {Douglas Wikstrom},
      title = {Simplified Submission of Inputs to Protocols},
      howpublished = {Cryptology {ePrint} Archive, Paper 2006/259},
      year = {2006},
      url = {https://eprint.iacr.org/2006/259}
}