摘要: |
电子投票系统被认为是现代生活中高效提供政府服务和进一步加强民主活力的方法。但是,现有构建电子投票系统的方法存在以下问题:第一,在面临贿选及胁迫的压力时,选民无法无视外在压力独立投票。其次,审计投票结果的实体可以在审计的同时获知有关投票内容的额外信息。为了解决上述两个问题,我们首次将可否认认证加密技术与身份基等式测试加密技术相结合,提出了一种支持等式测试的身份基可否认认证加密方案。该方案可以在第三方服务器不解密的情况下提供密文可比性,还能保证接收方验证发送方的身份的同时,不能向第三方证明信息来自发送方,从而保护发送方的隐私。该方案利用可否认认证加密技术在技术层面保证了选民独立投票的能力,并额外增加了身份基下的等式测试功能以确保审计机构在逻辑结构上拥有访问权限。在使用本方案的电子投票系统中,审计机构在审计投票结果的同时,不获得有关选票的任何其他信息。我们证明了我们的方案在随机预言模型中是安全的,并且可以在电子投票系统中确保不可胁迫性和可审计性。该方案与已有相关方案相比,在开销和安全性能均有较好表现的同时,实现了更为丰富的功能。此外,我们使用所提出的密码学方案设计了一个安全的电子投票系统,其安全特性可以很好地保护电子投票系统中的选民自由和公平性。 |
关键词: 电子投票|不可胁迫性|可审计性|可否认认证加密|身份基密码体制|等式测试 |
DOI:10.19363/J.cnki.cn10-1380/tn.2023.09.08 |
投稿时间:2022-02-05修订日期:2022-04-11 |
基金项目:本课题得到国家自然科学基金(No. U1936101, No. 61902054)资助。 |
|
Identity-based deniable authenticated encryption with equality test and its application to e-voting system |
YAO Tianang,XIONG Hu |
School of Information and Software Engineering, University of Electronic Science and Technology of China, Chengdu 610054, China;Network and Data Security Key Laboratory of Sichuan Province(University of Electronic Science and Technology of China), Chengdu 610054, China;Department of Computer Science and Technology Nanjing University, Nanjing 210023, China |
Abstract: |
E-voting is considered an approach to further strengthen the provision of government services and the vibrancy of democracy effectively in modern life. However, the existing methods to build an e-voting system have the following issues: First, when facing the pressure of vote-buying and extortion, voters may have no way to cast their votes alone, under no pressure. Second, the entities who can audit the voting results may learn additional information about the content of the ballot during the audit phase. To handle the above two issues, we first integrated the functionalities called deniable authenticated encryption and identity-based encryption with equality test, and we have proposed an identity-based deniable authenticated encryption with equality test scheme (IB-DAE-ET). This scheme not only can provide ciphertext comparability without decryption executed by the third-party server, and can also ensure that the receiver cannot prove to the third party that the information comes from the sender while verifying the identity of the sender. Hence, our scheme is able to protect the sender's privacy. This novel scheme utilizes deniable authenticated encryption to technically guarantee the ability of voters to vote independently, and we add the primitive called identity-based encryption with equality test to ensure audit agencies have logical access to audit the voting results. In e-voting systems that apply this scheme, the audit institution does not obtain any other information about the ballot while auditing the voting results. We prove that our scheme is secure in the random oracle model and can ensure uncoercibility and accountability in the e-voting system. Compared with the existing related schemes, this scheme achieves more abundant functionalities while having better performance in overhead and security properties. Furthermore, we design a secure e-voting system using the proposed deniable authenticated encryption with equality test scheme, which properties can guarantee the freedom and fairness of the e-voting system. |
Key words: electronic voting|uncoercibility|accountability|deniable authenticated encryption|identity-based cryptography|equality test |