ijiss International Journal of Information Security Science 2147-0030 Şeref SAĞIROĞLU Requirement Analysis of Some Blockchain-based E-voting Schemes Buyukbaskin Latif Anil Cybersecurity Engineering, Graduate School of Natural and Applied Sciences, Istanbul Sehir University, Turkey Sertkaya Isa MCS Labs & BCLabs, TUB¨ ˙ITAK B˙ILGEM UEKAE, Kocaeli, Turkey 12 01 2020 9 4 188 212 Copyright © 2012, International Journal of Information Security Science 2012 International Journal of Information Security Science

Today, developing technology is one of the most effective tools to make our lives easier. One of these developing technologies is blockchain that enables securely transferring digital assets between peers without requiring a trusted third party. In particular, blockchain poses new opportunities to effectively satisfy transparency, verifiability and anonymity for e-voting schemes. Based on recent proposals, it can be easily seen that applicability of blockchain technology for e-voting systems is actively researched. In this paper, we first summarized the set of e-voting requirements based on studies by Popoveniuc et al., Fujioka et al., Cranor et al., Benaloh et al., Juels et al. and etinkaya et al. In the light of these studies and requirement set, we analyzed recently proposed blockchain-based e-voting systems. As a result of these analyzes, one can determine that a mature blockchain based e-voting system that can meet all criteria has not been proposed yet. Particularly, we show that either the proposed schemes misses the basic requirements or does not fulfill these while claiming otherwise. Additionally, by simulating a large-scale election, we show that time complexity of e-voting schemes utilizing cryptocurrency blockchain such Bitcoin or Ethereum is impractical. Besides, we also emphasize new risks of utilizing public cryptocurrency blockchains for e-voting schemes. Accordingly, the readiness of blockchain-based e-voting has been discussed, from which it can be deduced that it would be more advantageous to research for e-voting specific blockchain technologies instead of utilizing existing cryptocurrency blockchains.

 Electronic voting e-voting blockchain cryptocurrencies security privacy [1] J. Benaloh and D. Tuinstra, “Receipt-free secret-ballot elections,” in STOC, vol. 94, 1994, pp. 544–553. [2] D. Chaum, “Blind signatures for untraceable payments,” in Advances in cryptology. Springer, 1983, pp. 199–203. [3] P. A. Rezende, “Electronic voting systems–is brazil ahead of its time,” RSA CryptoBytes, vol. 7, no. 2, 2004. [4] U. Madise and T. Martens, “E-voting in estonia 2005. the first ¨ practice of country-wide binding internet voting in the world,” Electronic voting, vol. 86, no. 2006, 2006. [5] J. Gerlach and U. Gasser, “Three case studies from switzerland: E-voting,” Berkman Center Research Publication No, vol. 3, p. 2009, 2009. [6] S. Wolchok, E. Wustrow, D. Isabel, and J. A. Halderman, “Attacking the washington, dc internet voting system,” in International Conference on Financial Cryptography and Data Security. Springer, 2012, pp. 114–128. [7] I. S. G. Stenerud and C. Bull, “When reality comes knocking norwegian experiences with verifiable electronic voting,” in 5th International Conference on Electronic Voting 2012 (EVOTE2012). Gesellschaft fur Informatik eV, 2012. ¨ [8] J. A. Halderman and V. Teague, “The new south wales ivote system: Security failures and verification flaws in a live online election,” in International conference on e-voting and identity. Springer, 2015, pp. 35–53. [9] S. J. Lewis, O. Pereira, and V. Teague, “Ceci nest pas une preuve,” 2019. [10] S. Popoveniuc, J. Kelsey, A. Regenscheid, and P. Vora, “Performance requirements for end-to-end verifiable elections,” in Proceedings of the 2010 International Conference on Electronic Voting Technology/Workshop on Trustworthy Elections (EVT/WOTE’10). Berkeley, CA, USA: USENIX Association, 2010, pp. 1–16. [Online]. Available: https://www.usenix.org/legacy/event/evtwote10/tech/ full papers/Popoveniuc.pdf [11] J. Benaloh, R. Rivest, P. Ryan, P. Stark, V. Teague, and P. Vora, “End-to-end verifiability,” arXiv preprint arXiv:1504.03778, 2015. [12] S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” https://bitcoin.org/bitcoin.pdf, 2008, (Accessed: 2019-02-18). [13] Z. Zhao and H. Chan, “How to vote privately using bitcoin,” in International Conference on Information and Communications Security. Springer, 2015, pp. 82–96. [14] A. B. Ayed, “A conceptual secure blockchain-based electronic voting system,” International Journal of Network Security & Its Applications, vol. 9, no. 3, pp. 01–09, 2017. [15] F. Sheer Hardwick, A. Gioulis, R. Naeem Akram, and K. Markantonakis, “E-voting with blockchain: An e-voting protocol with decentralisation and voter privacy,” in 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), 2018, pp. 1561–1567. [16] S. Gajek and M. Lewandowsky, “Trustless, censorship-resilient and scalable votings in the permission-based blockchain model.” [17] F. P. Hjalmarsson, G. Hreioarsson, M. Hamdaqa, and ´ G. Hjalmt ´ ysson, “Blockchain-based e-voting system,” in ` 2018 IEEE 11th International Conference on Cloud Computing (CLOUD). IEEE, 2018, pp. 983–986. [18] B. Shahzad and J. Crowcroft, “Trustworthy electronic voting using adjusted blockchain technology,” IEEE Access, vol. 7, pp. 24 477–24 488, 2019. [19] R. Tso, Z. Liu, and J. Hsiao, “Distributed e-voting and e-bidding systems based on smart contract,” Electronics, vol. 8, no. 4, p. 422, 2019. [20] D. Khoury, E. F. Kfoury, A. Kassem, and H. Harb, “Decentralized voting platform based on ethereum blockchain,” in 2018 IEEE International Multidisciplinary Conference on Engineering Technology (IMCET). IEEE, 2018, pp. 1–6. [21] C. K. Adiputra, R. Hjort, and H. Sato, “A proposal of blockchain-based electronic voting system,” in 2018 Second World Conference on Smart Trends in Systems, Security and Sustainability (WorldS4). IEEE, 2018, pp. 22–27. [22] A. Fujioka, T. Okamoto, and K. Ohta, “A practical secret votingscheme for large scale elections,” in Advances in Cryptology — AUSCRYPT ’92, J. Seberry and Y. Zheng, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 1993, pp. 244–251. [23] L. F. Cranor and R. K. Cytron, “Sensus: a security-conscious electronic polling system for the internet,” in Proceedings of the Thirtieth Hawaii International Conference on System Sciences, vol. 3, Jan 1997, pp. 561–570 vol.3. [24] A. Juels, D. Catalano, and M. Jakobsson, “Coercion-resistant electronic elections,” in Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, ser. WPES ’05. New York, NY, USA: ACM, 2005, pp. 61–70. [25] O. Cetinkaya and D. Cetinkaya, “Towards secure e-elections in Turkey: Requirements and principles,” in The Second International Conference on Availability, Reliability and Security (ARES’07), April 2007, pp. 903–907. [26] J. Cruz and Y. Kaji, “E-voting system based on the bitcoin protocol and blind signatures,” IPSJ Transactions on Mathematical Modeling and Its Applications, vol. 10, no. 1, pp. 14–22, 2017. [27] P. Tarasov and H. Tewari, “Internet Voting Using Zcash,” Cryptology ePrint Archive, Report 2017/585, 2017, https://eprint. iacr.org/2017/585. [28] Y. Wu, “An e-voting system based on blockchain and ring signature,” Master. University of Birmingham, 2017. [29] Y. Liu and Q. Wang, “An e-voting protocol based on blockchain,” Cryptology ePrint Archive, Report 2017/1043, 2017, https://eprint.iacr.org/2017/1043. [30] P. McCorry, S. F. Shahandashti, and F. Hao, “A smart contract for boardroom voting with maximum voter privacy,” in International Conference on Financial Cryptography and Data Security. Springer, 2017, pp. 357–375. [31] R. Alyoshkin, “Polys online voting system. whitepaper.” [Online]. Available: https://polys.me/assets/docs/Polys whitepaper. pdf [32] S. Heiberg, I. Kubjas, J. Siim, and J. Willemson, “On trade-offs of applying block chains for electronic voting bulletin boards,” E-Vote-ID 2018, p. 259, 2018. [33] F. Reid and M. Harrigan, “An analysis of anonymity in the bitcoin system,” in Security and privacy in social networks. Springer, 2013, pp. 197–223. [34] E. Ben-Sasson, A. Chiesa, C. Garman, M. Green, I. Miers, E. Tromer, and M. Virza, “Zerocash: Decentralized anonymous payments from bitcoin,” in 2014 IEEE Symposium on Security and Privacy, May 2014, pp. 459–474. [Online]. Available: https://doi.org/10.1109/SP.2014.36 [35] “Zcash user documentation, viewing key,” 2018, (accessed 04.2018). [Online]. Available: https://buildmedia.readthedocs. org/media/pdf/zcash/latest/zcash.pdf [36] R. Rivest, A. Shamir, and Y. Tauman, “How to leak a secret,” in Advances in Cryptology — ASIACRYPT 2001, C. Boyd, Ed. Berlin, Heidelberg: Springer Berlin Heidelberg, 2001, pp. 552– 565. [37] F. Hao, P. Ryan, and P. Zielinski, “Anonymous voting by two- ´ round public discussion,” IET Information Security, vol. 4, no. 2, pp. 62–67, 2010. [38] A. Kiayias and M. Yung, “Self-tallying elections and perfect ballot secrecy,” in International Workshop on Public Key Cryptography. Springer, 2002, pp. 141–158. [39] D. Khader, B. Smyth, P. Ryan, and F. Hao, “A fair and robust voting system by broadcast,” Lecture Notes in Informatics (LNI), Proceedings-Series of the Gesellschaft fur Informatik (GI), pp. 285–299, 2012. [40] A. Shamir, “How to share a secret,” Communications of the ACM, vol. 22, no. 11, pp. 612–613, 1979. [41] M. Moser, “Anonymity of bitcoin transactions,” 2013. [42] A. E. Gencer, S. Basu, I. Eyal, R. Van Renesse, and E. G. Sirer, “Decentralization in bitcoin and ethereum networks,” arXiv preprint arXiv:1801.03998, 2018. [43] “T.C. Yksek Seim Kurulu, SSS,” 2019, (accessed 05.2019). [Online]. Available: http://ysk.gov.tr/tr/sss/1523 [44] “Bitcoin Transaction Fees,” 2019, (accessed 19.08.2019). [Online]. Available: https://bitcoinfees.info [45] K. Wust and A. Gervais, “Do you need a blockchain?” in ¨ 2018 Crypto Valley Conference on Blockchain Technology (CVCBT). IEEE, 2018, pp. 45–54.