We are now ready to present original results on making election protocols scalable by distributing the election across a wide-area network. All current election protocols require some kind of global state to be maintained, for example the ``bulletin board'' for public communication, which subsumes the bit per eligible voter indicating whether the voter has voted or not. Hence, it is desirable for as much global state as possible to be localized in the network topology. A relatively straightforward way to make distribution more scalable is to make the election hierarchical. To this end, we propose the following model:
The assumption in this model is that voters in each district care enough about the correctness of their own district-wide election, that any violation of the protocol will always be detected by some voter within the same district. Hence, much of the information that was globally broadcast in previous election protocols need only be broadcast at the district level in order for the election to be verifiable.
In this model and probably any hierarchical election protocol, there is a fundamental tradeoff for efficiency and robustness at a slight expense of voter privacy. The reason is that, compared to a non-hierarchical election--a special case of the above model, in which there is only one district with DT ``intermediate'' authorities--the number of authorities contacted by each voter is now smaller. A smaller number of authorities implies reduced message and computation complexity, but the maximum number of authorities that can be corrupt before voter privacy is compromised is also forced to be smaller. For example, with sum secret sharing, the number of authorities that need to be corrupt in order to violate privacy is exactly the number of authorities that are contacted by the voter. With other secret sharing schemes such as Shamir secret sharing, fewer authorities may need to be corrupt, but never more.