Improving Helios with Everlasting Privacy Towards the Public

In this paper we propose improvements on the Helios voting protocol such that the audit data published by the authority provides everlasting privacy, as opposed to the computational privacy provided currently. We achieve this with minor adjustments to the current implementation. For the homomorphic Helios variant we use Pedersen commitments to encode the vote, together with homomorphic encryption over a separate, private channel between the user and Helios server to send the decommitment values. For the mix-net variant we apply a recent result which shows that mixing with everlasting privacy is possible. Observe that we do not claim everlasting privacy towards the server, which, if dishonest, could try to break the homomorphic encryption scheme used in the private channel. Thus towards the authority the voter’s level of privacy is identical to what Helios currently offers. However, our protocol is much harder to attack by an outsider: apart from having to break the computational assumption, an adversary must intercept the communication between the voter and the server to violate ballot privacy of that voter. The feasibility of such an attack depends on the way both parties choose to implement this channel. Both contributions are generic in the sense that they can be applied to other voting protocols that use homomorphic tallying or mixnets.