Abstracts

Internet voting has long been a topic both of public discussion and also of scientific research. While the introduction of Internet voting may bring many advantages, it is further important to ensure an adequate level of security of the systems and underlying schemes that are used for casting and tallying the votes in order to encourage faith and acceptance for this relatively new way of voting.A number of cryptographic schemes have been proposed, that enable secure Internet voting. One of the most established and well-researched solutions is the Helios scheme, which is also implemented as an open-source system. Both its implementation and the scheme behind it has been extensively studied in the literature, and the Helios system has been used for numerous elections in practice, such as the IACR elections. However, there are election settings for which Helios is currently not appropriate, either due to infrastructure demands, required functionality for the voters or assurance of the security requirements. These kinds of election settings could benefit from the advantages that secure Internet voting provides. In this thesis we identify the election settings not currently supported by Helios, propose our extensions for each one of these settings and evaluate their security. Hence, this work describes four Internet voting schemes that are build upon Helios, with each scheme developed towards a specific setting. The first scheme presented here enables elections within the so-called boardroom voting setting. This setting is characterized by its decentralization, whereby all the tasks within the election are distributively performed by the voters themselves, without the support of a centralized infrastructure. The election in the boardroom voting setting are further conducted in an ad-hoc manner, so that limited time is available for preparation beforehand. We propose an extension of Helios that distributes the tasks of the voting system components in Helios among the voters. For this, we use cryptographic primitives such as decentralized key exchange with short authentication strings, distributed secret sharing and distributed decryption and Byzantine agreement. The second scheme extends Helios with proxy voting functionality. Proxy voting, as a newly emerged form of voting, enables the voter to delegate her voting right in the election to a trusted third-party, the so-called proxy, who is authorized to vote on the voter's behalf. This extension facilitates such delegation while assuring the security for delegating voters and for the proxies and preserves the security guarantees provided by Helios for the voters who vote directly (instead of delegating). For ensuring the security of our extension, we introduce the so-called delegation credentials that are assigned to the voters and are used to compute anonymized delegation tokens sent to the proxies to enable delegation. We further use cryptographic primitives such as proofs of knowledge and signatures of knowledge. The third scheme combines theAdvisors/Committee Members: Volkamer, Melanie (advisor), Fischlin, Marc (advisor).