End-to-end verifiable cumulative voting without tallying authorities

In this paper, we propose the first end-to-end (E2E) verifiable e-voting system for cumulative voting without requiring any tallying authorities. Cumulative voting is an electoral system, heavily used in corporate governance as practised in several US states, and in participatory budgeting as seen in many European cities where local residents decide how to spend a portion of the local government’s budget through voting. Traditionally, cumulative voting is done with pen and paper, but the manual counting process is time consuming and costly, especially when such voting events occur frequently. Many systems have changed to use electronic voting, but without considering the security aspects of this change. To our knowledge, none of the existing e-voting systems implemented for cumulative voting are end-to-end verifiable; if there is any bug or tempering at the tallying software, the tally would be inadvertently modified without any voter noticing this. Although there are existing voting systems (e.g., mix-net based) that could be adapted to support cumulative voting with E2E verifiability, they generally require a set of tallying authorities, which can lead to substantial complexity of finding and managing such authorities in practice. We address this issue by adopting novel cryptographic techniques to achieve E2E verifiability for cumulative voting, but without involving any tallying authorities. We formally define a model to prove the security of our system, and present the efficiency analysis to show that our proposed solution is feasible for practical use.