firoorg / aura-paper Goto Github PK
View Code? Open in Web Editor NEWThe technical paper for the Aura voting protocol
License: MIT License
The technical paper for the Aura voting protocol
License: MIT License
It appears to be the case that an adversary can resubmit a ballot to the bulletin board. This means the following scenario is possible:
Duplicate ballots should fail verification, which removes this attack vector.
The DeVoS voting protocol preprint (and perhaps other constructions as well) achieves its form of coercion resistance through the use of a posting authority. At the start of an election, the election authority (who distributes voter keys) signs a null ballot for each voter. During the election, a voter submits its ballot (and any updates to it) to the posting authority, who verifies and caches it.
At the end of predefined epochs throughout the election, if the posting authority has received a valid ballot from a voter, it posts it to the bulletin board. If it has not received a valid ballot from a voter, it generates a re-randomization of the voter's most recent ballot, and posts this to the bulletin board. The intent is for a coercer to be unable to distinguish these cases. To ensure this, ballot signatures are generated using a disjunction proof, which shows that either the ballot is signed by the voter, or that the ballot is a re-randomization of the previous ballot.
This has benefits and drawbacks.
Benefits include:
Drawbacks include:
A similar approach may work for Aura in a way that meets its primary goal of minimizing trust in authorities.
In this approach, ballot proofs are disjunctive, and show that either:
When a voter submits either its initial ballot or an updated ballot, it uses the former clause of the disjunction. Periodically, the updater examines the bulletin board and issues re-randomized ballots (based on linking tags) using the latter clause of the disjunction. It will likely be very important that this dual-submission approach, where voters still submit ballots directly to the bulletin board, does not leak metadata allowing observers to identify which ballots are likely to be submitted by the updater.
When the election ends, the tallying authorities discard all but the most recent ballot for each linking tag and proceed to tally as before.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.