A secure end-to-end verifiable e-voting system using blockchain and cloud server

Abstract

We propose a cryptographic technique for an authenticated, end-to-end verifiable and secret ballot election. Currently, almost all verifiable e-voting systems require trusted authorities to perform the tallying process except for the DRE-i and DRE-ip systems. We have shown a weakness of the DRE-ip system and proposed a solution. We propose a secure and verifiable voter registration and authentication mechanism. The proposed scheme prevents ballot stuffing attack. We have modified the DRE-ip system so that no adversary can create and post a valid ballot on the public bulletin board without detection. We propose a method for publishing the final tally without revealing the tally from individual Direct-Recording Electronic (DRE) machines using secure multi-party computation and non-interactive zero-knowledge (NIZK) proof. We propose two methods to store these ballots using blockchain and cloud server. To the best of our knowledge, it is the first end-to-end verifiable DRE based e-voting system using blockchain. We provide security proofs to prove the security properties of the proposed scheme. We prove that the efficient NIZK proof proposed by Lin et al. in APSIPA ASC 2019 is not correct since it does not satisfy the witness indistinguishability property of a zero-knowledge proof. We introduce an improved NIZK proof that boosts the efficiency of the system. The experimental data obtained from our tests show the protocol’s potential for real-world deployment.