Post-quantum Online Voting Scheme

We propose a new post-quantum online voting scheme whose security relies on lattice assumptions. Compared to the state-of-the-art, our work does not make use of homomorphic primitives nor mix-nets, that are more traditional ways to build electronic voting protocols. The main reason is that zero-knowledge proofs, mandatory in the two aforementioned frameworks, are far to be as efficient as in "classical" cryptography, leading us to explore other approaches. We rather base our work on a framework introduced by Fujioka et al. at Auscrypt 1992 that makes use of a blind signature scheme as the main building block. We depart however from this seminal work by allowing threshold issuance of blind signatures (to prevent ballot stuffing by malicious authorities) and by using a threshold post-quantum public key encryption scheme (rather than a commitment scheme) to allow voters to "vote and go" and to prevent "partial results". We instantiate all the required primitives with lattice-based constructions leading to the first online voting scheme that simultaneously provides post-quantum public verifiability and everlasting privacy (information-theoretic ballot anonymity). Another advantage of our protocol is that it can, contrary to recent proposals, efficiently handle elections with multiple candidates or with complex ballots (and not only referendums or single member plurality voting) without weakening the whole voting protocol by increasing the parameters size as with previous post-quantum voting schemes.