Anonymity and Verifiability in Voting: Understanding (Un)Linkability

Lucie Langer, Hugo Jonker, Wolter Pieters

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    10 Citations (Scopus)
    1 Downloads (Pure)


    Anonymity and verifiability are crucial security requirements for voting. Still, they seem to be contradictory, and confusion exists about their precise meanings and compatibility. In this paper, we resolve the confusion by showing that both can be expressed in terms of (un)linkability: while anonymity requires unlinkability of voter and vote, verifiability requires linkability of voters and election result. We first provide a conceptual model which captures anonymity as well as verifiability. Second, we express the semantics of (un)linkability in terms of (in)distinguishability. Third, we provide an adversary model that describes which capabilities the attacker has for establishing links. These components form a comprehensive model for describing and analyzing voting system security. In a case study we use our model to analyze the security of the voting scheme Prêt à Voter. Our work contributes to a deeper understanding of anonymity and verifiability and their correlation in voting.
    Original languageUndefined
    Title of host publication12th International Conference Information and Communications Security, ICICS 2010
    EditorsMiguel Soriano, Sihan Qing, Javier López
    Place of PublicationBerlin
    Number of pages15
    ISBN (Print)978-3-642-17649-4
    Publication statusPublished - 2010
    Event12th International Conference on Information and Communications Security, ICICS 2010 - Barcelona, Spain
    Duration: 15 Dec 201017 Dec 2010
    Conference number: 12

    Publication series

    NameLecture Notes in Computer Science
    PublisherSpringer Verlag
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349


    Conference12th International Conference on Information and Communications Security, ICICS 2010
    Abbreviated titleICICS


    • IR-75062
    • METIS-276726
    • Anonymity
    • E-voting
    • EWI-19020
    • Unlinkability
    • verifiability
    • SCS-Cybersecurity
    • adversary model

    Cite this