A distributed networked system for secure publicly verifiable self-tallying online voting

Abstract

For successful electronic voting (e-voting), it is critically important to ensure the security, privacy and verifiability of all steps. This paper uses Intel Software Guard Extensions (SGX) to achieve these goals and provide protection against malicious adversaries with administrative access. We introduce a Distributed SGX Networked System (DSGXNS). It connects one or several SGXs and the bulletin board of the election. We propose and investigate a DSGXNS-based secure, publicly verifiable and self-tallying online voting protocol. Each cast vote is uploaded to the DSGXNS via a secure communication channel built after a remote attestation. The validity of submissions is verified inside the SGX enclaves and legitimate votes are encrypted there. For end-to-end voter verification, a new encryption mechanism is proposed. It prevents confidentiality breaches and enables everyone to verify the validity of submissions and the outcome, which can be self-tallied using a homomorphic property. It maintains confidentiality because even the system administrators or malicious adversaries gaining administrative access cannot read data in the SGX enclaves. Every voter can verify all steps of the election and tally the cast ballots. Our theoretical analysis and experiments show that the protocol is secure and efficient.