7

There are many design goals for an e-voting system. My question concerns a conflict between 2 particular goals:

  • A voter should be able to verify that their vote was correctly tallied
  • A voter should not be able to prove how they voted (to prevent vote selling)

I've looked into various e-voting systems and none of them appear to be able to satisfy these 2 goals simultaneously.

Some researchers argue that end-to-end auditability and receipt-freeness should be considered to be orthogonal properties. (Wikipedia)

Is this an unsolved problem?

bkoodaa
  • 639
  • 7
  • 12

3 Answers3

3

The second property is formally called receipt freeness. Any voting system based on probabilistic encryption cannot be receipt free, because the voter uses a random value to construct the vote, this random value can serve as a receipt. The solution given to this problem is by having an authority create the vote and the voter simply selects it from a presented list. The first protocol to achieve this is as far as I know is the one described in the paper Receipt-free secret-ballot elections from Benaloh and Tuinstra. A more widely used example is Efficient receipt-free voting based on homomorphic encryption from Hirt and Sako. You can check these references especially the second one on details about how to achieve verifiability.

Panagiotis Grontas
  • 863
  • 5
  • 15
1

I believe you can have a system that gives a receipt that increases personal voter confidence but cannot be used to prove how a voter voted. But this method requires already having a shared secret between the voter and the voting authority. Also the voter can only prove to themselves that their vote was tallied correctly, they couldn't show this proof to someone else.

A voter couldn't say "look at this evidence that the government didn't count my vote" but also couldn't say "look at this evidence that I voted for who you told me to".

https://security.stackexchange.com/questions/152044/is-this-voting-system-secure-in-an-information-theory-sense

daniel
  • 912
  • 5
  • 15
0

Punchscan does this, though it's not a purely electronic system. I'm not aware of any purely electronic (online) system that satisfies these properties, but having a paper trail makes audits easier and improves security anyway. Scantegrity is an updated version.

SAI Peregrinus
  • 5,968
  • 20
  • 27