International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Traceable Receipt-Free Encryption

Authors:
Henri Devillez , UCLouvain
Thomas Peters , UCLouvain
Olivier Pereira , UCLouvain
Download:
Search ePrint
Search Google
Presentation: Slides
Conference: ASIACRYPT 2022
Abstract: CCA-like game-based security definitions capture confidentiality by asking an adversary to distinguish between honestly computed encryptions of chosen plaintexts. In the context of voting systems, such guarantees have been shown to be sufficient to prove ballot privacy (Asiacrypt'12). In this paper, we observe that they fall short when one seeks to obtain receipt-freeness, that is, when corrupted voters who submit chosen ciphertexts encrypting their vote must be prevented from proving how they voted to a third party. Since no known encryption security notion can lead to a receipt-free ballot submission process, we address this challenge by proposing a novel publicly verifiable encryption primitive coined Traceable Receipt-free Encryption (TREnc) and a new notion of traceable CCA security filling the definitional gap underlined above. We propose two TREnc instances, one generic achieving stronger guarantees for the purpose of relating it to existing building blocks, and a dedicated one based on SXDH. Both support the encryption of group elements in the standard model, while previously proposed encryption schemes aiming at offering receipt-freeness only support a polynomial-size message space, or security in the generic group model. Eventually, we demonstrate how a TREnc can be used to build receipt-free protocols, by following a standard blueprint.
BibTeX
@inproceedings{asiacrypt-2022-32515,
  title={Traceable Receipt-Free Encryption},
  publisher={Springer-Verlag},
  author={Henri Devillez and Thomas Peters and Olivier Pereira},
  year=2022
}