A multicandidate electronic voting scheme with unlimited participants
Abstract
In this paper a new multicandidate electronic voting scheme is constructed with unlimited participants.
The main idea is to express a ballot to allow voting for up to out of the candidates and unlimited participants.
The purpose of vote is to select more than one winner among candidates.
Our result is complementary to the result by Sun peiyong s scheme, in the sense, their scheme is not amenable for largescale electronic voting due to flaw of ballot structure.
In our scheme the vote is split and hidden, and tallying is made for encoding in decimal base without any trusted third party, and the result does not rely on any traditional cryptography or computational intractable assumption.
Thus the proposed scheme not only solves the problem of ballot structure, but also achieves the security including perfect ballot secrecy, receiptfree, robustness, fairness and disputefreeness.
Keywords: electronic voting; ballot structure; encoding
1 Introduction
Electronic voting plays an important role in the cryptographic applications. In recent years, the traditional voting has been gradually replaced by electronic voting. An evoting scheme is a set of protocols that allow a collection of voters to cast their votes, while enabling a collection of authorities to collect the voters, compute the final tally, and communicate the final tally that is checked by tallyclerk. Generally evoting protocols adopt the group signature [1], verifiable password sharing, homomorphic encryption [2] and limited commitment protocol, etc. In 1981, the first evoting is proposed by Chaum D [3]. In 1996, Cramer [4] posed the problem of multicandidate vote. Based on the ElGamal homomorphic encryption, Cramer el al. [5] proposed a electronic voting scheme. However, this scheme is difficult to avoid the situation that same voters repeatedly vote, and it cannot achieve the evoting. In 2001, Damgard el al. [6] proposed a voting scheme based on the Paillier system, while it has the same problem as the Cramer scheme. In 2006, a multicandidate evoting scheme (called ZhongHuang scheme) was proposed by Zhong et al [7]. The scheme adopted a secure sum protocol [8, 9, 10] to achieve the voting scheme and solve the problem as the Cramer scheme. Nevertheless, by analysis, ZhongHuang scheme has a flaw that the flaw could disclose the information of voters due to the ballot construction. To overcome the flaw, in 2012, a secure evoting scheme with multicandidate (called SunLiu scheme) was proposed by Sun et al [11].The scheme achieves the perfect ballot secrecy by adopting the random number to blind the vote. However, this scheme is only suitable for smallscale voting due to the flaw of ballot construction.
In this paper, a multicandidate electronic voting scheme with unlimited participants was proposed by using the encoding to tally vote. Firstly the identity of candidate is masked by using prime number and the process is operated in decimal. Then the ballot of voter and random number are distributed to other voters by secure channel. Finally the result is computed by every voter and is broadcasted to all participants. In this protocol, every voter can tally to achieve the fairness and unlimited participants, perfect ballot secrecy, receiptfree, robustness and disputefreeness.
In section 2, a brief introduction of coding is introduced and some conditions and properties are defined. The scheme of SunLiu is presented in detail and a simple example is given in Section 3. In section 4 the new scheme is presented in detail and the experimental results are shown in section 5. Section 6 gives the performance analysis of the presented scheme. The conclusions are described in Section 7.
2 Preliminary knowledge
2.1 coding
In 1931, used a system based on prime factorization and assigned a unique natural number to each basic symbol in the formal language of arithmetic. To encode an entire formula, the following system was used by .
Given a sequence of positive integers, the encoding of the sequence is the product of the primes raised to their corresponding values in the sequence: .
According to the fundamental theorem of arithmetic, any number (and, in particular, a number obtained in this way) can be uniquely factored into prime factors, so it is possible to recover the original sequence from its numbers (for any given number n of symbol to be encoded).
2.2 Basic definition
 Definition 1:

In the protocol, the semihonest person fully obeys the regulation of evoting. However the semihonest person could collect all records and try to infer information of other voters in the acting process. This semihonest person is also called the passive attacker.In this paper, involved members are assumed to be semihonest members.
 Definition 2:

The evoting scheme with unlimited participants is called secure and feasible, if it satisfies the following properties.
(1) Unlimited participants: The evoting scheme allows for unlimited participants.
(2) Perfect ballot secrecy: If there are voters have been colluded among voters, voters only get their own vote and cannot get the voting result of other voters.
(3) Receiptfree: Voters are unable to provide his vote to outside world and the vote data cannot be proved to other people.
(4) Robustness: Voters cannot interrupt the normal process of the protocol.
(5) Fairness: All voters can get the voting result, and a single individual cannot tally in advance.
(6) Disputefreeness: Any voter can verify the correctness of the result and can test the honesty of voters.
3 Sun  Liu Scheme and Analysis of applicability
3.1 SunLiu scheme
In SunLiu scheme, voters are set with equal status, same rights, and were registered before the vote. There are candidates , and the ballot format is . The bit length is , the last bit is , and the remaining bits are . , so the total bit length is . The value of depends on the wish of voters. Only when voters agree with the candidate, ; otherwise . The voting scheme is divided into three stages: voting, casting, and tallying. The ballot format is shown in Table 1 .
Candidate  Ballot Format 

(1) Voting
makes a vote for candidates in the electronic vote. The value of is or . Then according to the binary sequence, gets a decimal number .
(2) Casting
randomly selects a decimal and gets . Then is divided into smaller integers , such that . is sent to other voters by a secure channel[12][13]. calculates after receiving the random numbers .Then calculates .
(3) Tallying
is broadcasted to the other voters. Then calculates the sum . from:
.
Finally, is able to get the binary sequence from ,then the binary sequence is intercepted in every bits. The voting result of is obtained.
3.2 Example: 7 voters vote for 3 candidates
The example of 7 voters vote for 3 candidates is used to explain the SunLiu scheme. The scheme is divided into 3 steps.
(1) Voting
The voting result is shown in Table 2

Candidate  Vote  

Voter  A  B  C  Binary  Decimal 
001  000  001  001000001  65  
000  000  001  000000001  1  
001  000  000  001000000  64  
000  001  001  000001001  9  
001  001  001  001001001  73  
000  001  000  000001000  8  
000  001  000  000001000  8 
(2) Casting
Step 1: Selecting a random number and calculate from:
The result is shown in Table 3



65  1  64  9  73  8  8  
10  12  2  6  11  25  6  
75  13  66  15  84  33  14 
Step 2: is divided into seven smaller subdigits by and is sent to other voters. The transfer matrix is shown in Figure.1
Step 3: Calculate the sum of th list from:
Here is an element of divided in Figure.1.
Step 4: Calculate the result of derandomization from:
Step 5: Broadcast , the result is shown in Table 4.



42  46  42  40  45  42  43  
10  12  2  6  11  25  6  
32  34  40  34  34  17  37 
(3) Tallying
he amount of votes is ,then sequence is got from 228 and is intercepted in every 3 bits. So the voting result of A, B, and C are 3, 4, and 4 respectively.
3.3 Adaptive analysis of SunLiu scheme
In SunLiu scheme, the bit length of vote is , when , the bit length will lead to more consumption of computing time. So in , the method is low efficiency. If , the binary bit length is , the situation has more consumption of computing time than .
4 A multicandidate electronic voting scheme with unlimited participants
In view of the boundedness of the SunLiu scheme, the ballot structure is improved to achieve the aim of unlimited participants by the multiplication in the finite field ( is a big prime). The process is following:
(1) Voting
(a total of primes) are respectively identities of candidates. Voter makes vote for candidates. If the candidate is agreed, selects the prime which represents the identity of candidate, otherwise the number ï¿½ï¿½1ï¿½ï¿½ is selected instead.
(2) Casting
randomly selects arbitrary primes to be regarded random number in the primes. sends to other voters by secure channel, where consists of the selected prime, , and . receives from voters, and the process could be showed by transfer matrix Figure.2.
(3) Tallying
gets the result by calculating ( is inverse element of ) and broadcast to by secure channel. calculates the product after receiving other results, namely , the sequence is the voting result of corresponding candidate respectively.
5 Example
5.1 Example 1
7 voters vote for 3 candidates
(1) Voting
The situation of vote is shown in Table 5

Select  

Voter  2  3  5  Random number 
2  1  5  2,3  
1  1  5  3,5  
2  1  1  5  
1  3  5  3  
2  3  5  2,5  
1  3  1  2,3  
1  3  1  2,3 
(2) Casting
Step 1: gets data and broadcasts to other voters by secure channel. The transfer matrix is shown in Figure.3.
Step 2: After calculating the product of list and broadcasts to other voters, the result is :
(3) Tallying
The amount of vote is , so the voting result of are 3, 4, 4 respectively.
5.2 Example 2
1000 voters vote for 9 candidates
(1) Voting
The voting situation is shown in Table 6

Select  
Voter  2  3  5  7  11  13  17  Random number 
2  1  1  7  1  13  1  2,3,5  
1  1  5  7  1  1  1  3,7,17  
⋮  ⋮  ⋮  ⋮  ⋮  ⋮  ⋮  ⋮  ⋮ 
1  1  1  7  1  1  17  7,11,13,17  

(2) Casting
Step 1: gets and sends it to by secure channel, the transfer matrix is shown in Figure.4.
Step 2: After calculating the list, gets the result and broadcasts by checking table 4, the result is following:
(3) Tallying
The amount of vote is , so the vote of are respectively.
According to the analysis of example, the aim of unlimited participants is achieved in the protocol.
6 Analysis of performance
Theorem 1.
The result is correct based on encoding.
Proof.
According to Figure.2, a transfer matrix is got by randomly splitting the ballot. ,so the product of all elements does not change before sending vote and after receiving vote. The encoding sets up a sole corresponding relation for and limited positive integer sequence. According to the relation, the voting result is got. So the result is right. ∎
Theorem 2.
If all voters are semihonest, the evoting scheme with unlimited participants is secure and feasible.
Proof.
The following ideas reflectively prove that our program meets all security properties raised by defination 2
(1) Unlimited participants: The ballot format adopts the form of decimalism and it has not relation with the amount of participants. In theory, the amount of candidates only relates to the number of primes. For example, if the election has 1 billion candidates, 1 billion primes are found. Then according to the protocol, the voting result is got.
(2) Perfect ballot secrecy: randomly selects the random number to conceal the ballot before sending the vote. Only when voters are collaborated, the secret ballot of voter is calculated by the protocol. So the protocol can resist the attack from passive attackers. When voters are collaborated, the voters only can get their own ballot and cannot get other voting result. So perfect ballot secrecy can be achieved.
(3) Receiptfree: By the random number, the ballot is concealed and is split into n parts and is sent to other voters. Any voter cannot reconstruct the complete vote, because only can receive from . So the vote is receiptfree.
(4) Robustness: When has been abstained from election, the vote data cannot be sent in casting. In tallying, the process still can be started by cooperation of remaining voters.
(5) Disputefreeness: The voting result is tallied by all voters, if the result of one or a few voters is not same with most voters, these voters are dishonest persons. Moreover, by making public all we also can test and verify and track the dishonest voters.
∎
6.1 Scheme comparison
The scheme need not using binary sequence to express vote, which avoids the situation of digit overflow, at the same time the ballot structure does not have relation with the amount participants. So the protocol can achieve the situation of unlimited participants. Our solution only needs to send selected prime number and random number to , then gets the result by arranging the data of the list and broadcast to other voters. In contrast with the SunLiu scheme, our solution not only satisfies the security of evoting but also improves computing efficiency to achieve unlimited participants.
7 Conclusion
The protocol uses the coding to solve the problem of low efficiency in previous schemes. In this paper, the scheme does not rely on traditional encryption algorithms to ensure the security of ballot and does not contain any scabrous computational problem. In information theory, the protocol is secure. The evoting can be applied to election of any scale by the scheme, for example largescale electronic auction, electronic tending, et al. Although the problem for number of restrictions is solved, the insecure channel and dishonest voter need to be resolved. The voter selects secret random numbers need to be proved legal and the security of electoral package need to be further researched. It is possible (and is part of work in progress) that extensions of our ideas can give a scheme with insecure channel and dishonest voter while maintaing security, robustness and efficiency.
Acknowledgments
This study was supported by the National National Science Foundation of China (Grant Nos.61363069 ), The Innovation Project of GUET Graduate Education (2016YJCX44) and Guangxi Key Laboratory of Cryptography and Information Security.
We thank yining Liu, Huiyong Wang and Lei Li for helpful comments and discussions.
References
 [1] MH Ibrahim. Resisting traitors in linkable democratic group signatures. International Journal of Network Security, 9(1):51–60, 2009.
 [2] C Porkodi, R Arumuganathan, and K Vidya. Multiauthority electronic voting scheme based on elliptic curves. International Journal of Network Security, (2):84–91, 2011.
 [3] Chaum D. Untraceable electronic mail, return addresses and digital pseudonyms. Communications of the ACM, 24(2):84–88, 1981.
 [4] R Cramer and B Schoenmakers. Multiauthority secretballot elections with linear work. In: Advances in CryptologyEurocryptï¿½ï¿½ 97, LNCS 1070, pages 72–83, 1996.
 [5] R Cramer, R Gennaro, and B Schoenmakers. A secure and optimally efficient multiauthority election scheme. In: Advances in CryptologyEurocryptï¿½ï¿½96, LNCS 1223, pages 103–118, 1997.
 [6] I Damgard M Jurik. A generalization, a simplication and some applications of paillierï¿½ï¿½s probabilistic publickey system. In: The 4th Intï¿½ï¿½l Workshop on Practice and Theory in Public key Cryptosystem (PKC 2001), LNCS 1992, pages 119–136, 2001.
 [7] Zhong Hong, Huang Liusheng, and Luo Yonglong. A multicandidate electronic voting scheme based on secure sum protocol. Journal of Computer Research and Development, 43(8):1405–1410, 2006.
 [8] KH Rosen. Elementary number theory and its applications. Academic Press, 7(2):287–300, 1980.
 [9] H Cohen. A course in computational algebraic number theory. Kluwer, 26(2):211–244, 1990.
 [10] DE Knuth. The art of computer programming, volume 2: Seminumerical algorithms. And Searching, 1981.
 [11] SUN Peiyong, LIU Yining, and YAN Jihong. Secure evoting scheme with multicandidate. Computer Engineering and Applications, 48(25):217–219, 2012.
 [12] Linnan Wang, Wei Wu, Zenglin Xu, Jianxiong Xiao, and Yi Yang. Blasx: A high performance level3 blas library for heterogeneous multigpu computing. In Proceedings of the 2016 International Conference on Supercomputing, ICS ’16, pages 20:1–20:11, New York, NY, USA, 2016. ACM.
 [13] Linnan Wang, Yi Yang, Renqiang Min, and Srimat Chakradhar. Accelerating deep neural network training with inconsistent stochastic gradient descent. Neural Networks, 93(Supplement C):219 – 229, 2017.
Xi Zhao is currently pursuing his M.S. degree in Guilin University of Electronic Technology, Guilin China. His current research interests include information security and image security.
Yong Ding as born in Chongqing, China. He received the
Ph.D. degrees from the School of Communication Engineering,
Xidian University, Shaanxi, in 2005 . He is currently professor
in Guilin University of Electronic Technology, China. His
current research interests include cryptography and information
security.
Quanyu Zhao is currently pursuing his M.S. degree in Guilin University of Electronic Technology, Guilin, China. He received the B.S. degree in Mathematics and Applied Mathematics from Huainan Normal University, Anhui, China, in 2014. His research interests focus on evoting, micropayment, elottery, group key transfer, and oblivious transfer.