a comprehensive analysis of quantum e voting protocols
play

A Comprehensive Analysis Of Quantum E-voting Protocols M. Arapinis, - PowerPoint PPT Presentation

Nov 15, 2022 •175 likes •478 views

A Comprehensive Analysis Of Quantum E-voting Protocols M. Arapinis, N. Lamprou, E. Kashefi, A. Pappa 29 August 2018 Electronic Voting compared to manual procedures, could provide: higher voter participation better accuracy enhanced

  1. A Comprehensive Analysis Of Quantum E-voting Protocols M. Arapinis, N. Lamprou, E. Kashefi, A. Pappa 29 August 2018

  2. Electronic Voting compared to manual procedures, could provide: ◮ higher voter participation ◮ better accuracy ◮ enhanced security guarantees ◮ verification of counting against untrusted authorities 2 / 20

  3. Electronic Voting is based on computational assumptions like integer factorization and discrete log. Why not use quantum mechanics to achieve better guarantees than classically possible, while attaining the same properties? 3 / 20

  4. Electronic Voting properties ◮ eligibility ◮ vote privacy ◮ no double-voting ◮ verifiability ◮ receipt-freeness 4 / 20

  5. Quantum Electronic Voting We have categorised the proposed protocols in 4 groups: 1. “Two measurement bases”-based protocols 2. Traveling ballot protocols 3. Distributed ballot protocols 4. “Conjugate coding”-based protocols 5 / 20

  6. “Two measurement bases”-based protocols The ballot is an entangled state, with the following property: ◮ when measured in the computational basis, the sum of outcomes is equal to zero. ◮ when measured in the Fourier basis, all outcomes are equal. 1 � | D 1 � = √ | i 1 �| i 2 � . . . | i N � m N − 1 � N k =1 i k =0 mod c [1] W. Huang, Q.-Y. Wen, B. Liu, Q. Su, S.-J. Qin, F. Gao, “Quantum anonymous ranking”, Physical Review A, vol. 89, no. 3, p. 032325, 2014. [2] Q. Wang, C. Yu, F. Gao, H. Qi, Q. Wen, “Self-tallying quantum anonymous voting”, Physical Review A, vol. 94, no. 2, p. 022333, 2016. 6 / 20

  7. “Two measurement bases”-based protocols Protocol: 1. States are shared and tested (cut-and-choose technique) 2. Remaining are measured to create an (almost) random matrix 3. Voters add their vote to a specific place in the matrix according to the result of measuring: 1 � | D 2 � = √ | i 1 �| i 2 � . . . | i N � N ! ( i 1 ,i 2 ,...,i N ) ∈P N and broadcast their column 4. Each vote is equal to the sum of the elements of a row in the matrix. 7 / 20

  8. The cut-and-choose technique ◮ An untrusted party shares N + N 2 δ states. ◮ Each voter checks 2 δ by asking the rest of the voters to measure half in computational and half in Hadamard. Theorem (Cut-and-choose) If an adversary shares the states and controls a fraction of the voters, then with non-negligible probability in δ , N corrupted states can pass the test. 8 / 20

  9. Traveling ballot protocols 1. The Tallier prepares two entangled qudits and sends one to travel from voter to voter. 2. All voters apply an operation to the “ballot” qudit and finally it is sent back to the Tallier. 3. The Tallier measures the whole state and computes the result (of the referendum in this case). [3] M. Hillery, M. Ziman, V. Buzek, M. Bielikova, “Towards quantum-based privacy and voting”, Physics Letters A, vol. 349, no. 1, pp. 75–81, 2006. [4] J. A. Vaccaro, J. Spring, A. Chefles, “Quantum protocols for anonymous voting and surveying”, Physical Review A, vol. 75, no. 1, p. 012333, 2007. [5] Y. Li, G. Zeng, “Quantum anonymous voting systems based on entangled state”, Optical review, vol. 15, no. 5, pp. 219–223, 2008. [6] M. Bonanome, V. Buzek, M. Hillery, M. Ziman, “Toward protocols for quantum-ensured privacy and secure voting”, Physical Review A, vol. 84, no. 2, p. 022331, 2011. 9 / 20

  10. Traveling ballot protocols Problems with privacy, double-voting and verifiability!! 10 / 20

  11. Distributed ballot protocols j =0 | j � ⊗ N to each voter. � D − 1 1 1. T sends one qudit of the state: | Φ � = √ D [6] M. Bonanome et al, Physical Review A, vol. 84, no. 2, p. 022331, 2011. 11 / 20

  12. Distributed ballot protocols j =0 | j � ⊗ N to each voter. � D − 1 1 1. T sends one qudit of the state: | Φ � = √ D 2. T also sends to each voter option qudits: � D − 1 1 j =0 e ijθ y | j � yes: | ψ ( θ y ) � = √ D � D − 1 1 j =0 e ijθ n | j � no: | ψ ( θ n ) � = √ D [6] M. Bonanome et al, Physical Review A, vol. 84, no. 2, p. 022331, 2011. 11 / 20

  13. Distributed ballot protocols j =0 | j � ⊗ N to each voter. � D − 1 1 1. T sends one qudit of the state: | Φ � = √ D 2. T also sends to each voter option qudits: � D − 1 1 j =0 e ijθ y | j � yes: | ψ ( θ y ) � = √ D � D − 1 1 j =0 e ijθ n | j � no: | ψ ( θ n ) � = √ D 3. Each voter appends the option qudit to the ballot and performs a measurement and a correction operation, and sends the ballot to T . [6] M. Bonanome et al, Physical Review A, vol. 84, no. 2, p. 022331, 2011. 11 / 20

  14. Distributed ballot protocols j =0 | j � ⊗ N to each voter. � D − 1 1 1. T sends one qudit of the state: | Φ � = √ D 2. T also sends to each voter option qudits: � D − 1 1 j =0 e ijθ y | j � yes: | ψ ( θ y ) � = √ D � D − 1 1 j =0 e ijθ n | j � no: | ψ ( θ n ) � = √ D 3. Each voter appends the option qudit to the ballot and performs a measurement and a correction operation, and sends the ballot to T . 4. (After corrections) T has the state: D − 1 1 � e ij ( mθ y +( N − m ) θ n ) | j � ⊗ 2 N √ | Ω m � = D j =0 [6] M. Bonanome et al, Physical Review A, vol. 84, no. 2, p. 022331, 2011. 11 / 20

  15. Distributed ballot protocols With an appropriate mesurement, T learns the outcome m of the referendum. ◮ Tampering with the option qudits to learn θ y and θ n is detected by running the protocol many times and checking if the outcome is the same. 12 / 20

  16. Distributed ballot protocols With an appropriate mesurement, T learns the outcome m of the referendum. ◮ Tampering with the option qudits to learn θ y and θ n is detected by running the protocol many times and checking if the outcome is the same. TRUE! 12 / 20

  17. Distributed ballot protocols With an appropriate mesurement, T learns the outcome m of the referendum. ◮ Tampering with the option qudits to learn θ y and θ n is detected by running the protocol many times and checking if the outcome is the same. TRUE! ◮ However, double-voting does not require learning the actual values θ y and θ n . 12 / 20

  18. Distributed ballot protocols: The d -transfer attack Let’s delve into more details about the protocol: ◮ θ v = (2 πl v /D ) + δ , where l v ∈ R { 0 , . . . , D − 1 } and δ ∈ R [0 , 2 π/D ) . ◮ l n is chosen such that N ( l y − l n mod D ) < D . ◮ The values l v , l y , δ are known only to T . ◮ T retrieves the outcome by applying a unitary to the received state: D − 1 D − 1 1 1 e ij ( mθ y +( N − m ) θ n ) | j � ⊗ 2 N → � � e 2 πijm ( l y − l n ) /D | j � ⊗ 2 N √ √ D D j =0 j =0 13 / 20

  19. Distributed ballot protocols: The d -transfer attack Observation 1: If l y − l n is known, then a malicious voter can transfer d votes from one option to the other. Observation 2: We can find the difference with overwhelming probability in the number N of voters 14 / 20

  20. Distributed ballot protocols: Finding l y − l n ◮ An adversary controls ǫN of the voters, who are (all but one) instructed to vote half “yes” and half “no”. ◮ Remaining votes are used to run Algorithm 1 15 / 20

  21. Distributed ballot protocols: Finding l y − l n Theorem (Observation 2) Algorithm 1 finds the difference l y − l n with overwhelming probability in N : 1 Pr [ Algo y − Algo n = l y − l n ] > 1 − exp(Ω( N )) Theorem (Efficiency) If the protocol runs less than exp(Ω( N )) times, then the attack succeeds with probability at least 25% . 16 / 20

  22. “Conjugate coding”-based protocols [7] T. Okamoto and Y. Tokunaga, “Quantum voting scheme based on conjugate coding”, NTT Technical Review, vol. 6, no. 1, pp. 18, 2008. [8] R. Zhou, L. Yang, “Distributed quantum election scheme”, arXiv:1304.0555 [quant-ph]. 1. EA creates one blank ballot for each voter. 17 / 20

  23. “Conjugate coding”-based protocols [7] T. Okamoto and Y. Tokunaga, “Quantum voting scheme based on conjugate coding”, NTT Technical Review, vol. 6, no. 1, pp. 18, 2008. [8] R. Zhou, L. Yang, “Distributed quantum election scheme”, arXiv:1304.0555 [quant-ph]. 1. EA creates one blank ballot for each voter. 2. Each voter re-randomizes it. 17 / 20

  24. “Conjugate coding”-based protocols [7] T. Okamoto and Y. Tokunaga, “Quantum voting scheme based on conjugate coding”, NTT Technical Review, vol. 6, no. 1, pp. 18, 2008. [8] R. Zhou, L. Yang, “Distributed quantum election scheme”, arXiv:1304.0555 [quant-ph]. 1. EA creates one blank ballot for each voter. 2. Each voter re-randomizes it. 3. Each voter encodes vote in the ballot and sends it to T . 17 / 20

  25. “Conjugate coding”-based protocols [7] T. Okamoto and Y. Tokunaga, “Quantum voting scheme based on conjugate coding”, NTT Technical Review, vol. 6, no. 1, pp. 18, 2008. [8] R. Zhou, L. Yang, “Distributed quantum election scheme”, arXiv:1304.0555 [quant-ph]. 1. EA creates one blank ballot for each voter. 2. Each voter re-randomizes it. 3. Each voter encodes vote in the ballot and sends it to T . 4. EA announces bases to T . 17 / 20

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Analysis of electronic voting protocols in applied pi calculus Mark Ryan University of

Analysis of electronic voting protocols in applied pi calculus Mark Ryan University of

Analysis of electronic voting protocols in applied pi calculus Mark Ryan University of Birmingham based on joint work with Ben Smyth Steve Kremer Mounira Kourjieh IFIP WG 1.3, Udine, Italy September 2009 Outline Electronic voting Applied

695 views • 30 slides
Quantum Cryptography 1. Fake Quantum Theory. 2. Simple Quantum Protocols. 3. More Fake Quantum

Quantum Cryptography 1. Fake Quantum Theory. 2. Simple Quantum Protocols. 3. More Fake Quantum

Contents: Quantum Cryptography 1. Fake Quantum Theory. 2. Simple Quantum Protocols. 3. More Fake Quantum Theory: Fake Tensor Products, Entanglement. 4. A Glance at Genuine Quantum Theory. 5. Quantum Computing, Shors

559 views • 8 slides
Electronic Voting Electronic voting at a precinct Analysis of an Internet Voting Focus

Electronic Voting Electronic voting at a precinct Analysis of an Internet Voting Focus

Electronic Voting Electronic voting at a precinct Analysis of an Internet Voting Focus is on preventing fraud on the part of Protocol people building and running system. Electronic voting over the internet Dale Neal Must

508 views • 5 slides
A Formal Taxonomy of Privacy in Voting Protocols Jannik Dreier, Pascal Lafourcade, Yassine

A Formal Taxonomy of Privacy in Voting Protocols Jannik Dreier, Pascal Lafourcade, Yassine

Introduction Definitions: Four Dimensions Analysis and Case Studies Conclusion A Formal Taxonomy of Privacy in Voting Protocols Jannik Dreier, Pascal Lafourcade, Yassine Lakhnech Universit Grenoble 1, CNRS, Verimag, France First IEEE

584 views • 44 slides
Vote-Independence: A Powerful Privacy Notion for Voting Protocols Jannik Dreier, Pascal

Vote-Independence: A Powerful Privacy Notion for Voting Protocols Jannik Dreier, Pascal

Introduction Intuitive Definitions Formal Definitions Analysis and Case Studies Conclusion Vote-Independence: A Powerful Privacy Notion for Voting Protocols Jannik Dreier, Pascal Lafourcade, Yassine Lakhnech Universit Grenoble 1, CNRS,

1.12k views • 58 slides
Large-Scale Electronic Voting Protocols Mike Carpenter Introduction What is meant by large-scale

Large-Scale Electronic Voting Protocols Mike Carpenter Introduction What is meant by large-scale

Large-Scale Electronic Voting Protocols Mike Carpenter Introduction What is meant by large-scale electronic voting protocol: Primarily Internet-based Users voting from their own devices (such as home PC/laptop) Aimed toward actual

721 views • 21 slides
Verifying Electronic Voting Protocols in the Applied Pi Calculus Mark Ryan University of

Verifying Electronic Voting Protocols in the Applied Pi Calculus Mark Ryan University of

Verifying Electronic Voting Protocols in the Applied Pi Calculus Mark Ryan University of Birmingham joint work with St ephanie Delaune and Steve Kremer LSV Cachan, France SoCS Seminar November 2007 Outline Electronic voting Electronic

763 views • 33 slides
OPEIU Local 407 Collective Bargaining Agreement COMPREHENSIVE PRESENTATION OF TENTATIVELY AGREED

OPEIU Local 407 Collective Bargaining Agreement COMPREHENSIVE PRESENTATION OF TENTATIVELY AGREED

OPEIU Local 407 Collective Bargaining Agreement COMPREHENSIVE PRESENTATION OF TENTATIVELY AGREED ARTICLES Electronic Voting Voting will open: You will be voting for or against contract ratification 2:00PM Friday Sept. 20 th Yes-

316 views • 28 slides
Analysis of Security Protocols Gavin Lowe Analysis of Security Protocols 02 Overview Brief

Analysis of Security Protocols Gavin Lowe Analysis of Security Protocols 02 Overview Brief

Analysis of Security Protocols 01 Analysis of Security Protocols Gavin Lowe Analysis of Security Protocols 02 Overview Brief introduction to security protocols; Model checking of security protocols, particularly using the process

1.28k views • 110 slides
Computer Aided Security : Cryptographic Primitives, Voting protocols, and Wireless Sensor

Computer Aided Security : Cryptographic Primitives, Voting protocols, and Wireless Sensor

Computer Aided Security: Cryptographic Primitives, Voting protocols, and Wireless Sensor Networks Computer Aided Security : Cryptographic Primitives, Voting protocols, and Wireless Sensor Networks Pascal Lafourcade November 6, 2012

624 views • 44 slides
Internet Voting Protocols with Everlasting Privacy Jeroen van de Graaf Joint work with Denise

Internet Voting Protocols with Everlasting Privacy Jeroen van de Graaf Joint work with Denise

Internet Voting Protocols with Everlasting Privacy Jeroen van de Graaf Joint work with Denise Demirel e Roberto Samarone jvdg@dcc.ufmg.br June 2012 Jeroen van de Graaf Joint work with Denise Demirel e Roberto Samarone Internet Voting Protocols

697 views • 40 slides
Exploiting symmetries when proving equivalence properties for security protocols Vincent Cheval,

Exploiting symmetries when proving equivalence properties for security protocols Vincent Cheval,

Exploiting symmetries when proving equivalence properties for security protocols Vincent Cheval, Steve Kremer, Itsaka Rakotonirina Inria Nancy Grand-Est Security protocols TLS Wifi @ PASS E-voting E-passport 2 24 Security protocols

830 views • 69 slides
for Post-Quantum Lattice-based Protocols Utsav Banerjee * , Tenzin S. Ukyab, Anantha P.

for Post-Quantum Lattice-based Protocols Utsav Banerjee * , Tenzin S. Ukyab, Anantha P.

Sapphire: A Configurable Crypto-Processor for Post-Quantum Lattice-based Protocols Utsav Banerjee * , Tenzin S. Ukyab, Anantha P. Chandrakasan * utsav@mit.edu Massachusetts Institute of Technology Post-Quantum Cryptography Current public key

911 views • 25 slides
Comprehensive Energy Analysis IGEN Comprehensive Energy Analysis Funding Information Funding

Comprehensive Energy Analysis IGEN Comprehensive Energy Analysis Funding Information Funding

Illinois Green Economy Network (IGEN) Comprehensive Energy Analysis IGEN Comprehensive Energy Analysis Funding Information Funding provided from the Illinois Department of Commerce and Economic Opportunity through a legislative

238 views • 13 slides
Improving Patient Outcomes through Clear Comprehensive Communication Protocols Rem Jackson, CEO

Improving Patient Outcomes through Clear Comprehensive Communication Protocols Rem Jackson, CEO

Improving Patient Outcomes through Clear Comprehensive Communication Protocols Rem Jackson, CEO Top Practices Rem@TopPractices.com Conflict of Interest Disclosure Rem Jackson is disclosing the following financial relationships. These

1.84k views • 145 slides
How about quantum computing? Bert de Jong wadejong@lbl.gov - 1 - What makes quantum computing

How about quantum computing? Bert de Jong wadejong@lbl.gov - 1 - What makes quantum computing

How about quantum computing? Bert de Jong wadejong@lbl.gov - 1 - What makes quantum computing so exciting? Speedups over classical computing Unbreakable encryption protocols Quantum simulation Efficient optimization

961 views • 47 slides
tss str s

tss str s

rs r r t tr tss str

743 views • 39 slides
Factoring integers, Producing primes and the RSA cryptosystem Harish-Chandra Research Institute

Factoring integers, Producing primes and the RSA cryptosystem Harish-Chandra Research Institute

HRI, Allahabad, February, 2005 0 RSA cryptosystem Factoring integers, Producing primes and the RSA cryptosystem Harish-Chandra Research Institute Allahabad (UP), INDIA February, 2005 Universit` a Roma Tre HRI, Allahabad, February, 2005 1

1.92k views • 170 slides
Agenda Susan Gunderman Mimi Dyer Lenora Nyeste 1. Rigor, Relevance and High School Reinvention

Agenda Susan Gunderman Mimi Dyer Lenora Nyeste 1. Rigor, Relevance and High School Reinvention

Model Schools 06 High School Reinvention - Focus on Instruction High School Reinvention www.peterpappas.com ~ Focus on Instruction High School Social Studies Teacher K-12 Program Director Assistant Superintendent Senior Consultant

277 views • 16 slides
electrons within the MST1 TCV15-1.3.5 project J. Decker, G. Papp, S. Coda, B. Duval, P.

electrons within the MST1 TCV15-1.3.5 project J. Decker, G. Papp, S. Coda, B. Duval, P.

2016 TCV experiments on runaway electrons within the MST1 TCV15-1.3.5 project J. Decker, G. Papp, S. Coda, B. Duval, P. Blanchard, D. Choi, C. Galperti, B. Labit, P. Marmillod, O. Sauter, U. Sheikh, D. Testa, D. Carnevale, B. Esposito, O.

585 views • 20 slides
Entrapping Nature Elham Kashefi University of Edinburgh UK Networked Quantum Information

Entrapping Nature Elham Kashefi University of Edinburgh UK Networked Quantum Information

Entrapping Nature Elham Kashefi University of Edinburgh UK Networked Quantum Information Technologies Hub CNRS, Pierre and Marie Curie University Paris Centre for Quantum Computing Profile of a Quantum Person Profile of a Quantum Person

1.16k views • 87 slides
Contrast #2: We are not like the poor widow. The widow had three obstacles to overcome: She was a

Contrast #2: We are not like the poor widow. The widow had three obstacles to overcome: She was a

MODERN PARABLES Part 4: The Widow and Judge 10.17.10 Jean reads Luke 18:1-8 ESV Movie: The Widow and Judge [16:08] Introduction: How many would admit to being discouraged from time to time? We have an expectation of how things are going to work

336 views • 4 slides
Results-Oriented Accountability for Grants: The Office of Management and Budget and the Future of

Results-Oriented Accountability for Grants: The Office of Management and Budget and the Future of

Results-Oriented Accountability for Grants: The Office of Management and Budget and the Future of Federal Grants Management Brette Fishman and Farrah Pappa BruMan Spring Forum May 8, 2019 Overview OMB AND G RANTS I NTRODUCTION TO THE P

368 views • 17 slides
BTRY 7210: Topics in Quantitative Genomics and Genetics Jason Mezey Biological Statistics and

BTRY 7210: Topics in Quantitative Genomics and Genetics Jason Mezey Biological Statistics and

BTRY 7210: Topics in Quantitative Genomics and Genetics Jason Mezey Biological Statistics and Computational Biology (BSCB) Department of Genetic Medicine jgm45@cornell.edu March 12, 2015 Lecture 4: What we can infer about eQTL and by

360 views • 15 slides

More recommend