@inproceedings{e9ae2b9be59146a79d7435ae655addd1,
title = "On the Necessity of Auditing for Election Privacy in e-Voting Systems",
abstract = "The importance of voter auditing in order to ensure election integrity has been extensively studied in the e-voting literature. On the other hand, the necessity of auditing to protect voter privacy in an e-voting system has been mostly overlooked. In this work, we investigate election privacy issues that appear in the state-of-the-art implementations of e-voting systems that apply threshold public key encryption (TPKE) in the client like Helios and use a bulletin board (BB). More specifically, we show that without PKI support or -more generally- authenticated BB “append” operations, such systems are vulnerable to attacks where the malicious election server can act as a man-in-the-middle between the election trustees and the voters, hence it can learn how the voters have voted. We suggest compulsory trustee auditing as countermeasure for this type of man-in-the-middle attacks. Furthermore, we propose a list of guidelines to avoid some common, subtle, yet important problems that may appear during the implementation of any TPKE-based e-voting system.",
author = "Aggelos Kiayias and Thomas Zacharias and Bingsheng Zhang",
year = "2015",
month = dec,
doi = "10.1007/978-3-319-27164-4_1",
language = "English",
isbn = "978-3-319-27163-7",
series = "Lecture Notes in Computer Science (LNCS)",
publisher = "Springer",
pages = "3--17",
editor = "Katsikas, {Sokratis K.} and Sideridis, {Alexander B.}",
booktitle = "E-Democracy -- Citizen Rights in the World of the New Computing Paradigms: 6th International Conference, E-Democracy 2015, Athens, Greece, December 10-11, 2015, Proceedings",
address = "United Kingdom",
}