[Resource Topic] 2022/1132: Kryvos: Publicly Tally-Hiding Verifiable E-Voting

Welcome to the resource topic for 2022/1132

Kryvos: Publicly Tally-Hiding Verifiable E-Voting

Authors: Nicolas Huber, Ralf Kuesters, Toomas Krips, Julian Liedtke, Johannes Mueller, Daniel Rausch, Pascal Reisert, Andreas Vogt


Elections are an important corner stone of democratic processes. In addition to publishing
the final result (e.g., the overall winner), elections typically publish the full tally consisting of all
(aggregated) individual votes. This causes several issues, including loss of privacy for both voters and
election candidates as well as so-called Italian attacks that allow for easily coercing voters.

Several e-voting systems have been proposed to address these issues by hiding (parts of) the tally.
This property is called tally-hiding. Existing tally-hiding e-voting systems in the literature aim at
hiding (part of) the tally from everyone, including voting authorities, while at the same time offering
verifiability, an important and standard feature of modern e-voting systems which allows voters and
external observers to check that the published election result indeed corresponds to how voters actually
voted. In contrast, real elections often follow a different common practice for hiding the tally: the
voting authorities internally compute (and learn) the full tally but publish only the final result (e.g.,
the winner). This practice, which we coin publicly tally-hiding, indeed solves the aforementioned issues
for the public, but currently has to sacrifice verifiability due to a lack of practical systems.

In this paper, we close this gap. We formalize the common notion of publicly tally-hiding and propose the
first provably secure verifiable e-voting system, called Kryvos, which directly targets publicly tally-hiding
elections. We instantiate our system for a wide range of both simple and complex voting methods and
various result functions. We provide an extensive evaluation which shows that Kryvos is practical and
able to handle a large number of candidates, complex voting methods and result functions. Altogether,
Kryvos shows that the concept of publicly tally-hiding offers a new trade-off between privacy and
efficiency that is different from all previous tally-hiding systems and which allows for a radically new
protocol design resulting in a practical e-voting system.

ePrint: https://eprint.iacr.org/2022/1132

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .