Long-term privacy in electronic voting systems

This PhD thesis focuses on lattice-based cryptography and how to apply it to build post-quantum online voting systems. It is the result of the research done by the author at Scytl in close collaboration with Dr. Paz Morillo, from the Department of Applied Mathematics at UPC and Ramiro Martínez, PhD...

Descripción completa

Detalles Bibliográficos
Autor: Costa Miranda, Núria
Tipo de recurso: tesis doctoral
Fecha de publicación:2021
País:España
Institución:Universitat Politècnica de Catalunya (UPC)
Repositorio:UPCommons. Portal del coneixement obert de la UPC
Idioma:inglés
OAI Identifier:oai:upcommons.upc.edu:2117/348913
Acceso en línea:https://hdl.handle.net/2117/348913
https://dx.doi.org/10.5821/dissertation-2117-348913
Access Level:acceso abierto
Palabra clave:Àrees temàtiques de la UPC::Matemàtiques i estadística
Descripción
Sumario:This PhD thesis focuses on lattice-based cryptography and how to apply it to build post-quantum online voting systems. It is the result of the research done by the author at Scytl in close collaboration with Dr. Paz Morillo, from the Department of Applied Mathematics at UPC and Ramiro Martínez, PhD student. As part of her work at the electronic voting company Scytl, the author has participated in the design of several electronic voting systems as well as in their implementation, by providing support to the development team. Nevertheless, all these systems use standard and well-known cryptographic primitives, i.e., not lattice-based primitives, to ensure that the security requirements are fulfilled. Due to this, one of the main challenges of this PhD has been to start researching on a field which was not familiar to the author and contribute to its state of the art. This has allowed the company to enter the post-quantum world by participating in a project which aims to implement a lattice-based online voting system. The thesis has the following contents: an introduction to the lattice theory by describing some of its basic concepts and the computational problems in which the security of lattice-based cryptosystems relies. In this first part it is also described in detail those cryptosystems that are used as building blocks of three new protocols proposed in the thesis: a lattice-based coercion-resistant cast-as-intended protocol, a post-quantum mix-net and a fully post-quantum proof of a shuffle. The former is the lattice version of an existing protocol and allows the voter to check that the vote cast contains the selected voting options. The second and third protocols are the result of the research on lattice-based mix-nets. Two constructions are proposed: the first one allows to demonstrate that a mix-node has permuted and re-encrypted a list of RLWE ciphertexts without modifying them, but it cannot be considered fully post-quantum since the binding property of the commitment scheme relies on classical computational problems. The second one is fully post-quantum since all the cryptographic schemes used for building it, i.e., commitment scheme and zero-knowledge proofs, are based on lattices. Last but not least, for this second proposal a security definition and a proof of security are also provided. Finally, the last part of the thesis consists of building a post-quantum online voting system using as building blocks the protocols already presented and existing lattice-based constructions. This system is considered secure under quantum attacks and provides long-term privacy. It also guarantees vote anonymity, vote authenticity, vote integrity, individual verifiability and receipt-freeness. The algorithms involved in each phase are described in detail as well as the interaction among the participants. An implementation of this system is not given as part of this thesis although a lattice-based online voting system based on that is already being implemented at the company.