An Implementation of a Universally Verifiable Electronic Voting Scheme Based on Shuffling

Furukawa, Yoshihiro; Miyauchi, Hiroshi; Obana, Satoshi; Sako, Kazue

doi:10.1007/3-540-36504-4_2

Cited by 31 publications

(37 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the scheme of Furukawa et al [13], each mix-server not only re-encrypts and permutes its input, but also partially decrypts it. As a result, the final list L k essentially contains the plaintexts and no joint decryption step is needed.…”

Section: Mix-nets Based On Homomorphic Cryptosystemsmentioning

confidence: 99%

See 1 more Smart Citation

A Commitment-Consistent Proof of a Shuffle

Wikström

2009

Lecture Notes in Computer Science

View full text Add to dashboard Cite

We introduce a pre-computation technique that drastically reduces the online computational complexity of mix-nets based on homomorphic cryptosystems. More precisely, we show that there is a permutation commitment scheme that allows a mix-server to: (1) commit to a permutation and efficiently prove knowledge of doing so correctly in the offline phase, and (2) shuffle its input and give an extremely efficient commitment-consistent proof of a shuffle in the online phase.We prove our result for a general class of shuffle maps that generalize all known types of shuffles, and even allows shuffling ciphertexts of different cryptosystems in parallel.

show abstract

Section: Mix-nets Based On Homomorphic Cryptosystemsmentioning

confidence: 99%

“…Thus, most previous work on reducing the complexity, e.g. [21,14,18,13,30], focus on reducing the complexity of a particular proof of a shuffle. Some parts of these proofs can easily be pre-computed as well.…”

Section: Previous Work On Improving Efficiencymentioning

confidence: 99%

A Commitment-Consistent Proof of a Shuffle

Wikström

2009

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…There are two known approaches to proving a correct shuffle efficiently. These are introduced by Furukawa et al [19,20,21], and Neff [37,38] respectively. Groth [27] generalizes Neff's protocol to form an abstract protocol for any homomorphic cryptosystem.…”

Section: Previous Workmentioning

confidence: 99%

“…[38,20,49], the mix-servers form a chain, and each mix-server randomly permutes, partially decrypts, and re-encrypts the output of the previous mix-server. In older constructions decryption is instead carried out jointly at the end of the chain.…”

Section: A Sender Verifiable El Gamal Based Mix-netmentioning

confidence: 99%

A Sender Verifiable Mix-Net and a New Proof of a Shuffle

Wikström

2005

Lecture Notes in Computer Science

164

View full text Add to dashboard Cite

Abstract. We introduce the first El Gamal based mix-net in which each mix-server partially decrypts and permutes its input, i.e., no reencryption is necessary. An interesting property of the construction is that a sender can verify non-interactively that its message is processed correctly. We call this sender verifiability. The mix-net is provably UC-secure against static adversaries corrupting any minority of the mix-servers. The result holds under the decision Diffie-Hellman assumption, and assuming an ideal bulletin board and an ideal zero-knowledge proof of knowledge of a correct shuffle. Then we construct the first proof of a decryption-permutation shuffle, and show how this can be transformed into a zero-knowledge proof of knowledge in the UC-framework. The protocol is sound under the strong RSA-assumption and the discrete logarithm assumption. Our proof of a shuffle is not a variation of existing methods. It is based on a novel idea of independent interest, and we argue that it is at least as efficient as previous constructions.

show abstract

“…Secondly, some details of the proof (for example, the efficiency optimisation mechanism in [8]) are too complex to be easily understood or strictly analysed. Thirdly, the proofs in [6], [13] and [15] are not honest-verifier zero knowledge as pointed out in [10], [15] and [14]. So their privacy cannot be strictly and formally guaranteed.…”

Section: Introductionmentioning

confidence: 99%

Simple and Efficient Shuffling with Provable Correctness and ZK Privacy

Peng

Boyd

Dawson

2005

Advances in Cryptology – CRYPTO 2005

View full text Add to dashboard Cite

Abstract. A simple and efficient shuffling scheme containing two protocols is proposed. Firstly, a prototype, Protocol-1 is designed, which is based on the assumption that the shuffling party cannot find a linear relation of the shuffled messages in polynomial time. As application of Protocol-1 is limited, it is then optimised to Protocol-2, which does not need the assumption. Both protocols are simpler and more efficient than any other shuffling scheme with unlimited permutation. Moreover, they achieve provable correctness and ZK privacy.

show abstract

An Implementation of a Universally Verifiable Electronic Voting Scheme Based on Shuffling

Cited by 31 publications

References 14 publications

A Commitment-Consistent Proof of a Shuffle

A Commitment-Consistent Proof of a Shuffle

A Sender Verifiable Mix-Net and a New Proof of a Shuffle

Simple and Efficient Shuffling with Provable Correctness and ZK Privacy

Contact Info

Product

Resources

About