Auditing for privacy in threshold PKE e-voting

Research output: Contribution to journalArticlepeer-review


Purpose – This paper aims to investigate the importance of auditing for election privacy via issues that appear in the state-of-the-art implementations of e-voting systems that apply threshold public key encryption (TPKE) in the client such as Helios and use a bulletin board (BB).

Design/methodology/approach – Argumentation builds upon a formal description of a typical TPKE-based e-voting system where the election authority (EA) is the central node in a star network topology. The paper points out the weaknesses of the said topology with respect to privacy and analyzes how these
weaknesses affect the security of several instances of TPKE-based e-voting systems. Overall, it studies the importance of auditing from a privacy aspect.

Findings – The paper shows that without public key infrastructure (PKI) support or – more generally – authenticated BB “append” operations, TPKE-based e-voting systems are vulnerable to attacks where the malicious EA can act as a man-in-the-middle between the election trustees and the voters; hence, it can learn how the voters have voted. As a countermeasure for such attacks, this work suggests compulsory trustee auditing. Furthermore, it analyzes how lack of cryptographic proof verification affects the level of privacy that can be provably guaranteed in a typical TPKE e-voting system.

Originality/value – As opposed to the extensively studied importance of auditing to ensure election integrity, the necessity of auditing to protect privacy in an e-voting system has been mostly overlooked. This paper reveals design weaknesses present in noticeable TPKE-based e-voting systems that can lead to a total breach of voters’ privacy and shows how auditing can be applied for providing strong provable privacy guarantees.
Original languageEnglish
Pages (from-to)100-116
Number of pages17
JournalInformation and Computer Security
Issue number1
Publication statusPublished - 13 Mar 2017


  • Privacy
  • auditing procedures
  • E-Voting
  • Helios
  • Man-in-the-middle


Dive into the research topics of 'Auditing for privacy in threshold PKE e-voting'. Together they form a unique fingerprint.

Cite this