90 likes | 103 Views
Explore the properties of voting systems, mixnets, and testing methodologies to optimize security and integrity. Discover the trade-offs between cryptographic and statistical soundness, and the impact of honest mixes on anonymity. Analyze open problems and potential solutions.
E N D
Voting System Properties • Most voting systems assume no collusion between more than one party for keys • Most voting systems require a consistency check by each voter for a small piece of the protocol • If 5-20% of voters check, the correctness of the entire protocol is determined by this weakest link
Choosing a Mixnet • If we can trade a mixnet that requires only one honest* mix for a mixnet that is faster but requires more than one honest mix: good trade for voting • If we can trade cryptographic soundness (1-ε) for statistical soundness (99%) and speed: good trade for voting * keep permutation private from other mixes
2 Such Mixnets Assuming re-encryption: Randomized Partial Checking [JJR02] Almost Entirely Correct Mixing [BG02] Open problem 1: others? Open problem 2: throw combinatorics at BG02
Mix Σ Σ
Necessary but not sufficient Mix Σ Σ
Mix Σ ≠ Σ
Properties Testing product of subsets is probabilistic: boost soundness by repeating Testing product of subsets reduces anonymity: repeating makes worst Adding additional honest mixes increases anonymity Optimize number of tests per mix and number of honest mixes to balance anonymity and soundness
Open Problem 2 Analysis in paper is tricky Complexity seems to result from using random coins Idea: throw a combinatorial design at the problem Choose random instance from a family of { ? } so that guarantees can be made by anonymity sets within mixes and with adjacent honest mixes