Jérôme Dossogne

Mental voting booths

In this paper, we introduce the notion of mental voting booths, i.e., a building block for voting schemes that provides remote voters with similar protection as that offered by physical voting booths, essentially protecting them from over-the-shoulder coercion attacks (shoulder-surfing). We introduce a framework to model voting booths and formulate a property of the modelled booths that is sufficient to ensure over-the-shoulder coercion resistance. Next, we propose an example of mental booth that is simple enough to be used by any voter without prior training and show that an execution of the remote booth in the presence of the adversary is equivalent to that execution in his absence (e.g., inside a physical booth). The only cost lies in the use of an untappable channel in order to transmit a piece of information before the voting phase. Mental booths also allow for the voter to safely delegate his own voice to an untrusted person while still being able to verify that the untrusted person followed his instructions while voting.

Secure and practical threshold RSA

This article describes a scheme that outputs RSA signatures using a threshold mechanism in which each share has a bitlength close to the bitlength of the RSA modulus. The scheme is proven unforgeable under the standard RSA assumption against an honest but curious adversary that has static corruption capabilities. Previous practical and provably secure schemes require to introduce a factor n! [33] and 2kt [15] in the exponent when computing the partial signatures, where n is the RSA modulus, t + 1 the threshold and k a fixed parameter. Our scheme requires only t + 1 modular exponentiations and l + 1 modular multiplications, with t the threshold and l the number of participants.

Blinded additively homomorphic encryption schemes for self-tallying voting

In this paper, we propose a self-tallying election protocol based public key homomorphic encryption. The additive homomorphism allows a set of participants (voters) to publish an encrypted value (ballot) and to compute the encrypted sum of all these values based on their ciphertexts. Our scheme has the particularity that anyone can decrypt the sum, but only once all participants have contributed to its computation. More precisely, the sum can be decrypted at all times, but remains blinded until all participants have contributed their vote, which contains a share of the unblinding key. Additionally, we propose an adaptation of Helios in order to provide self-tallying.