Practical Remote End-to-End Voting Scheme

  • Xun Yi
  • Eiji Okamoto
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6866)


Recently, remote voting systems have gained popularity and have been used for government elections and referendums in the United Kingdom, Estonia and Switzerland as well as municipal elections in Canada and party primary elections in the United States and France. Current remote voting schemes assume either the voter’s personal computer is trusted or the voter is not physically coerced. In this paper, we present a remote end-to-end voting scheme, in which the voter’s choice remains secret even if the voter’s personal computer is infected by malware or the voter is physically controlled by the adversary. In particular, our scheme can achieve absolute verifiability even if all election authorities are corrupt. Based on homomorphic encryption, the overhead for tallying in our scheme is linear in the number of candidates. Thus, our scheme is practical for elections at a large scale, such as general elections.


Electronic voting coercion-resistance 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Benaloh, J.: Ballot casting assurance via voter-initiated poll station auditing. In: Proc. Electronic Voting Technology Workshop, EVT 2007 (2007)Google Scholar
  2. 2.
    Benaloh, J., Tuinstra, D.: Receipt-free secret-ballot elections (extended abstract). In: Proc. 26th ACM STOC 1994, pp. 544–553 (1994)Google Scholar
  3. 3.
    Blum, M., Santis, A.D., Micali, S., Persiano, G.: Non-interactive zero-knowledge. SIAM Journal on Computing 6, 1084–1118 (1991)CrossRefGoogle Scholar
  4. 4.
    Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 24(2), 84–88 (1981)CrossRefGoogle Scholar
  5. 5.
    Chaum, D.: Punchscan (2005),
  6. 6.
    Chaum, D., Pedersen, T.P.: Wallet databases with observers. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 89–105. Springer, Heidelberg (1993)CrossRefGoogle Scholar
  7. 7.
    Clarkson, M.R., Chong, S., Myers, A.C.: Civitas: A secure remote voting system. In: Proc. IEEE Symposium on Security and Privacy, pp. 354–368 (2008)Google Scholar
  8. 8.
    Cohen, J. D.(Benaloh), Fischer, M.J.: A robust and verifiable cryptographically secure election scheme. In: Proc. FOCS 1985, pp. 372–382 (1985)Google Scholar
  9. 9.
    ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory 31, 469–472 (1985)MathSciNetCrossRefGoogle Scholar
  10. 10.
    Fujioka, A., Okamoto, T., Ohta, K.: A practical secret voting scheme for large scale elections. In: Zheng, Y., Seberry, J. (eds.) AUSCRYPT 1992. LNCS, vol. 718, pp. 244–251. Springer, Heidelberg (1993)CrossRefGoogle Scholar
  11. 11.
    Gardner, R.W., Garera, S., Rubin, A.D.: Coercion resistant end-to-end voting. In: Dingledine, R., Golle, P. (eds.) FC 2009. LNCS, vol. 5628, pp. 344–361. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  12. 12.
    Golle, P., Jakobsson, M., Juels, A., Syverson, P.: Universal re-encryption for mixnets. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 163–178. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  13. 13.
    Hirt, M., Sako, K.: Efficient receipt-free voting based on homomorphic encryption. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 539–556. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  14. 14.
    Jakobsson, M., Juels, A., Rivest, R.: Making mix nets robust for electronic voting by randomized partial checking. In: Proc. USENIX 2002, pp. 339–353 (2002)Google Scholar
  15. 15.
    Juels, A., Catalano, D., Jakobsson, M.: Coercion-resistant electronic election. In: Proc. WPES 2005, pp. 61–70 (2005)Google Scholar
  16. 16.
    Kutylowski, M., Zagorski, F.: Scratch, click & vote: E2E voting over the Internet. In: NIST End-to-End Voting System Workshop (2009)Google Scholar
  17. 17.
    Moran, T., Naor, M.: Split-ballot voting: everlasting privacy with distributed trust. In: Proc. CCS 2007, pp. 246–255 (2007)Google Scholar
  18. 18.
    Neff, A.: A verifiable secret shuffle and its application to e-voting. In: Proc. ACM CCS 2001, pp. 116–125 (2001)Google Scholar
  19. 19.
    Pointcheval, D., Stern, J.: Security proofs for signature schemes. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387–398. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  20. 20.
    Rivest, R.L., Smith, W.D.: Three voting protocols: Threeballot, VAV, and twin. In: Proc. Electronic Voting Technology Workshop, EVT 2007 (2007)Google Scholar
  21. 21.
    Sako, K., Kilian, J.: Receipt-free mix-type voting scheme. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 393–403. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  22. 22.
    Teague, V., Ramchen, K., Naish, L.: Coercion-resistant tallying for STV voting. In: Proc. Electronic Voting Technology Workshop, EVT 2008 (2008)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Xun Yi
    • 1
  • Eiji Okamoto
    • 2
  1. 1.School of Engineering and ScienceVictoria UniversityMelbourneAustralia
  2. 2.Department of Risk EngineeringUniversity of TsukubaTsukubaJapan

Personalised recommendations