Verify sent-as-intended properties and vote correctness online in the control components
Issue description
Currently (computational proof version 0.9.9), our security analysis demonstrates that the Swiss Post Voting System provides the sent-as-intended property (section 16.1 of the computational proof). In a nutshell, this property shows that a voter or an auditor can always detect an attacker's attempt to alter a vote. Moreover, the Swiss Post Voting System guarantees vote compliance (section 15.2 of the computational proof): we prove that an auditor can check that a vote contains valid voting options. However, the security analysis of our current cryptographic proof implies that specific attacks against sent-as-intended and vote compliance are detected late in the process: when the auditors execute the verifier offline. We will move these verifications into the control components in order to detect these types of attacks online (at the time of voting).
Proposed solution
We plan to modify the following: · Allow the control components to verify the DecryptPCC algorithm themselves. · We adapt the security analysis of the sent-as-intended and vote-compliance property to no longer rely on the auditor's faithful execution of the VerifyVotingPhase algorithm. · We implement the protocol improvements (checking the validity of voting options via allowList) described in section 13.5 of the computational proof. We are going to implement these improvements before the first productive use of the Swiss Post Voting System.