nach oben

International Journal of Information Security

Erschienen in:

03.09.2019 | Special Issue Paper

Chaintegrity: blockchain-enabled large-scale e-voting system with robustness and universal verifiability

verfasst von: Shufan Zhang, Lili Wang, Hu Xiong

Erschienen in: International Journal of Information Security | Ausgabe 3/2020

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Blockchain-enabled voting (BEV) systems have emerged as the next generation of modern electronic voting (e-voting) systems, because the immutable property of the blockchain has made itself a perfect distributed ballot box. Further, recent investigations have utilized the smart contract to build a decentralized autonomous voting application over blockchain. We identify nine critical desiderata, such as scalability, verifiability, and robustness, that a BEV system can and should achieve. However, we find that existing BEV systems violate at least one of the nine desiderata. In light of this deficiency, we propose a novel BEV system, named Chaintegrity, that fulfills all the specified desiderata. In addition, to make our system more cost-effective, we also propose a hybrid data structure which combines the counting Bloom filter and the Merkle hash tree for fast authentication. To enhance robustness, we as well introduce the code-voting technique as a component in our system. Our empirical results also show that our system achieves high efficiency and enjoys low computational and communication overhead.

Vorheriger Artikel Lockmix: a secure and privacy-preserving mix service for Bitcoin anonymity

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Nur mit Berechtigung zugänglich

It is also known as the double-spend problem, in terms of cryptocurrency and fintech.

So far, the highest transaction fee is up to 55.16 USD, which is reached at the end of 2017: https://bitinfocharts.com/comparison/bitcoin-transactionfees.html.

The smart contract is the script distributedly executed on all validation nodes. Thus, as regards the consistency of the blockchain, it is impossible for every node privately chooses the same random number.

This assumption is mitigated in Sect. 6.3.

Another possible detection on Alice’s registration trail is the transaction which smart contract sends back to Alice (in Step R6). This approach is executed on blockchain.

The partial decryption and combination algorithms refer to Appendix B.2. It is also noteworthy that a zero-knowledge proof \( ( R_{1}, R_{2}, e', z ) \leftarrow PoK_{cor}( C, {C_{i}}) \) generated by each election holder is published to ensure the correctness of the partial decryption.

In practice, the Cuckoo filters can be regarded as the substitutes of the counting Bloom filters. As for the comparison, one may consult [14, 28].

Adida, B.: Helios: web-based open-audit voting. In: USENIX Security Symposium, vol. 17, pp. 335–348 (2008)

Agora: Bringing voting systems into the digital age. https://www.agora.vote/. Accessed 30 March 2019

Alvarez, R.M., Levin, I., Li, Y.: Fraud, convenience, and e-voting: how voting experience shapes opinions about voting technology. J. Inf. Technol. Polit. 15(2), 94–105 (2018)CrossRef

Alves, J., Pinto, A.: On the use of the blockchain technology in electronic voting systems. In: International Symposium on Ambient Intelligence, pp. 323–330. Springer, Berlin (2018)

Androulaki, E., Barger, A., Bortnikov, V., Cachin, C., Christidis, K., De Caro, A., Enyeart, D., Ferris, C., Laventman, G., Manevich, Y., et al.: Hyperledger fabric: a distributed operating system for permissioned blockchains. In: Proceedings of the Thirteenth EuroSys Conference, p. 30. ACM (2018)

Bajak, F.: Apnewsbreak: Georgia election server wiped after suit filed. https://apnews.com/877ee1015f1c43f1965f63538b035d3f. Accessed 30 March 2019

Bartolucci, S., Bernat, P., Joseph, D.: Sharvot: secret share-based voting on the blockchain. In: Proceedings of the 1st International Workshop on Emerging Trends in Software Engineering for Blockchain, pp. 30–34. ACM (2018)

Baudron, O., Fouque, P.A., Pointcheval, D., Stern, J., Poupard, G.: Practical multi-candidate election system. In: Proceedings of the Twentieth Annual ACM Symposium on Principles of Distributed Computing, pp. 274–283. ACM (2001)

Benet, J.: IPFS-content addressed, versioned, P2P file system. arXiv preprint arXiv:1407.3561 (2014)

10.

Bentov, I., Kumaresan, R.: How to use Bitcoin to design fair protocols. In: Annual Cryptology Conference, pp. 421–439. Springer, Berlin (2014)

11.

Bistarelli, S., Mantilacci, M., Santancini, P., Santini, F.: An end-to-end voting-system based on Bitcoin. In: Proceedings of the Symposium on Applied Computing, pp. 1836–1841. ACM, New York (2017)

12.

Boneh, D., Franklin, M.: Efficient generation of shared RSA keys. In: Annual International Cryptology Conference, pp. 425–439. Springer, Berlin (1997)

13.

Bonneau, J., Clark, J., Goldfeder, S.: On Bitcoin as a public randomness source. IACR Cryptology ePrint Archive 2015, p. 1015 (2015)

14.

Breslow, A.D., Jayasena, N.S.: Morton filters: faster, space-efficient cuckoo filters via biasing, compression, and decoupled logical sparsity. Proc. VLDB Endow. 11(9), 1041–1055 (2018)CrossRef

15.

Cachin, C.: Architecture of the hyperledger blockchain fabric. In: Workshop on Distributed Cryptocurrencies and Consensus Ledgers, vol. 310 (2016)

16.

Chaieb, M., Yousfi, S., Lafourcade, P., Robbana, R.: Verify-your-vote: a verifiable blockchain-based online voting protocol. In: European, Mediterranean, and Middle Eastern Conference on Information Systems, pp. 16–30. Springer, Berlin (2018)

17.

Chaum, D.: Blind signatures for untraceable payments. In: Advances in Cryptology, pp. 199–203. Springer, Berlin (1983)

18.

Chaum, D., Essex, A., Carback, R., Clark, J., Popoveniuc, S., Sherman, A., Vora, P.: Scantegrity: end-to-end voter-verifiable optical-scan voting. IEEE Secur. Priv. 6(3), 40–46 (2008)CrossRef

19.

Chen, C.M., Wang, K.H., Yeh, K.H., Xiang, B., Wu, T.Y.: Attacks and solutions on a three-party password-based authenticated key exchange protocol for wireless communications. J. Ambient Intell. Human. Comput. 10(8), 3133–3142 (2018)CrossRef

20.

Chen, C.M., Xiang, B., Liu, Y., Wang, K.H.: A secure authentication protocol for internet of vehicles. IEEE Access 7, 12047–12057 (2019)CrossRef

21.

Chow, S.S., Liu, J.K., Wong, D.S.: Robust receipt-free election system with ballot secrecy and verifiability. In: NDSS, vol. 8, pp. 81–94 (2008)

22.

Croman, K., Decker, C., Eyal, I., Gencer, A.E., Juels, A., Kosba, A., Miller, A., Saxena, P., Shi, E., Sirer, E.G., et al.: On scaling decentralized blockchains. In: International Conference on Financial Cryptography and Data Security, pp. 106–125. Springer, Berlin (2016)

23.

Damgård, I., Koprowski, M.: Practical threshold RSA signatures without a trusted dealer. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp. 152–165. Springer, Berlin (2001)

24.

DeMuro, J.: Here are the 10 sectors that blockchain will disrupt forever. https://www.techradar.com/news/here-are-the-10-sectors-that-blockchain-will-disrupt-forever. Accessed 30 March 2019

25.

Douceur, J.R.: The Sybil attack. In: International Workshop on Peer-to-Peer Systems, pp. 251–260. Springer, Berlin (2002)

26.

EOSIO: EOS.IO technical white paper v2. https://github.com/EOSIO/Documentation/blob/master/TechnicalWhitePaper.md. Accessed 30 March 2019

27.

Ethereum: A next-generation smart contract and decentralized application platform. https://github.com/ethereum/wiki/wiki/White-Paper. Accessed 30 March 2019

28.

Fan, B., Andersen, D.G., Kaminsky, M., Mitzenmacher, M.D.: Cuckoo filter: practically better than bloom. In: Proceedings of the 10th ACM International on Conference on Emerging Networking Experiments and Technologies, pp. 75–88. ACM, New York (2014)

29.

Fan, L., Cao, P., Almeida, J., Broder, A.Z.: Summary cache: a scalable wide-area web cache sharing protocol. IEEE/ACM Trans. Netw. 8(3), 281–293 (2000)CrossRef

30.

FollowMyVote: The online voting platform of the future. https://followmyvote.com/. Accessed 30 March 2019

31.

Fujioka, A., Okamoto, T., Ohta, K.: A practical secret voting scheme for large scale elections. In: International Workshop on the Theory and Application of Cryptographic Techniques, pp. 244–251. Springer, Berlin (1992)

32.

Garay, J., Kiayias, A., Leonardos, N.: The Bitcoin backbone protocol: analysis and applications. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 281–310. Springer, Berlin (2015)

33.

Gibson, J.P., Krimmer, R., Teague, V., Pomares, J.: A review of e-voting: the past, present and future. Ann. Telecommun. 71(7–8), 279–286 (2016)CrossRef

34.

Gramoli, V.: From blockchain consensus back to byzantine consensus. In: Future Generation Computer Systems (2017)

35.

Hao, F., Ryan, P.Y., Zieliński, P.: Anonymous voting by two-round public discussion. IET Inf. Secur. 4(2), 62–67 (2010)CrossRef

36.

Heiberg, S., Kubjas, I., Siim, J., Willemson, J.: On trade-offs of applying block chains for electronic voting bulletin boards. In: E-Vote-ID 2018, p. 259 (2018)

37.

Jiang, Q., Huang, X., Zhang, N., Zhang, K., Ma, X., Ma, J.: Shake to communicate: secure handshake acceleration-based pairing mechanism for wrist worn devices. IEEE Internet Things J. 6(3), 5618–5630 (2019)CrossRef

38.

Kokoris-Kogias, E., Jovanovic, P., Gasser, L., Gailly, N., Syta, E., Ford, B.: Omniledger: a secure, scale-out, decentralized ledger via sharding. In: 2018 IEEE Symposium on Security and Privacy (SP), pp. 583–598. IEEE (2018)

39.

Kshetri, N., Voas, J.: Blockchain-enabled e-voting. IEEE Softw. 35(4), 95–99 (2018)CrossRef

40.

Ltd., O.: Oraclize documentation. https://docs.oraclize.it/. Accessed 30 March 2019

41.

McCorry, P., Shahandashti, S.F., Hao, F.: A smart contract for boardroom voting with maximum voter privacy. In: International Conference on Financial Cryptography and Data Security, pp. 357–375. Springer, Berlin (2017)

42.

Mercuri, R.T.: On auditing audit trails. Commun. ACM 46(1), 17–20 (2003)CrossRef

43.

Merkle, R.C.: Protocols for public key cryptosystems. In: 1980 IEEE Symposium on Security and Privacy, pp. 122–122. IEEE (1980)

44.

Mitzenmacher, M.: Compressed bloom filters. IEEE/ACM Trans. Netw. 10(5), 604–612 (2002)MATHCrossRef

45.

Nishide, T., Sakurai, K.: Distributed Paillier cryptosystem without trusted dealer. In: International Workshop on Information Security Applications. pp. 44–60. Springer, Berlin (2010)

46.

Okamoto, T.: Provably secure and practical identification schemes and corresponding signature schemes. In: Annual International Cryptology Conference, pp. 31–53. Springer, Berlin (1992)

47.

Okamoto, T.: Receipt-free electronic voting schemes for large scale elections. In: International Workshop on Security Protocols, pp. 25–35. Springer, Berlin (1997)

48.

Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp. 223–238. Springer, Berlin (1999)

49.

Park, S., Rivest, R.L.: Towards secure quadratic voting. Public Choice 172(1–2), 151–175 (2017)CrossRef

50.

Pawlak, M., Guziur, J., Poniszewska-Marańda, A.: Voting process with blockchain technology: auditable blockchain voting system. In: International Conference on Intelligent Networking and Collaborative Systems, pp. 233–244. Springer, Berlin (2018)

51.

Qin, Z., Sun, J., Wahaballa, A., Zheng, W., Xiong, H., Qin, Z.: A secure and privacy-preserving mobile wallet with outsourced verification in cloud computing. Comput. Stand. Interfaces 54, 55–60 (2017)CrossRef

52.

RANDAO: RANDAO: a DAO working as RNG of Ethereum. https://github.com/randao/randao/blob/master/README.md. Accessed 30 March 2019

53.

Ryan, P.Y., Bismark, D., Heather, J., Schneider, S., Xia, Z.: Prêt à voter: a voter-verifiable voting system. IEEE Trans. Inf. Forensics Secur. 4(4), 662–673 (2009)CrossRef

54.

Schnorr, C.P.: Efficient signature generation by smart cards. J. Cryptol. 4(3), 161–174 (1991)MATHCrossRef

55.

Scott, D.: North Carolina elections board orders new house election after ballot tampering scandal. https://www.vox.com/policy-and-politics/2019/2/21/18231981/north-carolina-election-fraud-new-nc-9-election. Accessed 30 March 2019

56.

Takabatake, Y., Kotani, D., Okabe, Y.: An anonymous distributed electronic voting system using Zerocoin (2016)

57.

Tian, H., Fu, L., He, J.: A simpler Bitcoin voting protocol. In: International Conference on Information Security and Cryptology, pp. 81–98. Springer, Berlin (2017)

58.

TIVI: TIVI powered by smartmatic and cybernetica—tivi.io. https://tivi.io/. Accessed 30 March 2019

59.

Wang, K.H., Mondal, S.K., Chan, K., Xie, X.: A review of contemporary e-voting: requirements, technology, systems and usability. Data Sci. Pattern Recogn. 1(1), 31–47 (2017)

60.

Xiong, H.: Cost-effective scalable and anonymous certificateless remote authentication protocol. IEEE Trans. Inf. Forensics Secur. 9(12), 2327–2339 (2014)CrossRef

61.

Xiong, H., Qin, Z.: Revocable and scalable certificateless remote authentication protocol with anonymity for wireless body area networks. IEEE Trans. Inf. Forensics Secur. 10(7), 1442–1455 (2015)CrossRef

62.

Xiong, H., Mei, Q., Zhao, Y.: Efficient and provably secure certificateless parallel key-insulated signature without pairing for IIoT environments. IEEE Syst. J. (2018). https://doi.org/10.1109/JSYST.2018.2890126 CrossRef

63.

Xiong, H., Zhang, H., Sun, J.: Attribute-based privacy-preserving data sharing for dynamic groups in cloud computing. IEEE Syst. J. (2018). https://doi.org/10.1109/JSYST.2018.2865221 CrossRef

64.

Xiong, H., Zhao, Y., Peng, L., Zhang, H., Yeh, K.H.: Partially policy-hidden attribute-based broadcast encryption with secure delegation in edge computing. Future Gener. Comput. Syst. 97, 453–461 (2019)CrossRef

65.

Yaga, D., Mell, P., Roby, N., Scarfone, K.: Blockchain Technology Overview. Technical report, National Institute of Standards and Technology (2018)

66.

Yang, X., Yi, X., Nepal, S., Han, F.: Decentralized voting: a self-tallying voting system using a smart contract on the Ethereum blockchain. In: International Conference on Web Information Systems Engineering, pp. 18–35. Springer, Berlin (2018)

67.

Yu, B., Liu, J.K., Sakzad, A., Nepal, S., Steinfeld, R., Rimba, P., Au, M.H.: Platform-independent secure blockchain-based voting system. In: International Conference on Information Security, pp. 369–386. Springer, Berlin (2018)

68.

Zagórski, F., Carback, R.T., Chaum, D., Clark, J., Essex, A., Vora, P.L.: Remotegrity: design and use of an end-to-end verifiable remote voting system. In: International Conference on Applied Cryptography and Network Security, pp. 441–457. Springer, Berlin (2013)

69.

Zhang, H., Deng, E., Zhu, H., Cao, Z.: Smart contract for secure billing in ride-hailing service via blockchain. Peer-to-Peer Netw. Appl. 12(5), 1346–1357 (2019)CrossRef

70.

Zhang, B., Zhou, H.S.: Statement voting. In: Financial Cryptography and Data Security 2019 (2018)

71.

Zhao, Z., Chan, T.H.H.: How to vote privately using Bitcoin. In: International Conference on Information and Communications Security, pp. 82–96. Springer, Berlin (2015)

72.

Zheng, H., Xue, M., Lu, H., Hao, S., Zhu, H., Liang, X., Ross, K.W.: Smoke Screener or Straight Shooter: Detecting Elite Sybil Attacks in User-Review Social Networks, NDSS (2018)

Titel: Chaintegrity: blockchain-enabled large-scale e-voting system with robustness and universal verifiability
verfasst von: Shufan Zhang
Lili Wang
Hu Xiong
Publikationsdatum: 03.09.2019
Verlag: Springer Berlin Heidelberg
Erschienen in: International Journal of Information Security / Ausgabe 3/2020
Print ISSN: 1615-5262
Elektronische ISSN: 1615-5270
DOI: https://doi.org/10.1007/s10207-019-00465-8

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 3/2020

Special issue on security and privacy of blockchain technologies

FOTB: a secure blockchain-based firmware update framework for IoT environment

On the insecurity of quantum Bitcoin mining

Lockmix: a secure and privacy-preserving mix service for Bitcoin anonymity

Secure hierarchical Bitcoin wallet scheme against privilege escalation attacks

An improved FOO voting scheme using blockchain