Secure Internet Voting Based on Paper Ballots

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5352)


Internet voting will probably be one of the most significant achievements of the future information society. It will have an enormous impact on the election process making it fast, reliable and inexpensive. Nonetheless, so far the problem of providing security of remote voting is considered to be very difficult, as one has to take into account susceptibility of the voter’s PC to various cyber-attacks. As a result, most of the research effort is put into developing protocols and machines for poll-site electronic voting. Although these solutions yield promising results, most of them cannot be directly applied to Internet voting because of the secure platform problem. However, the cryptographic components they utilize may be very useful in the context of remote voting, too. This paper presents a scheme based on combination of mixnets and homomorphic encryption borrowed from robust poll-site voting, along with techniques recommended for remote voting – code sheets and test ballots. The protocol tries to minimize the trust put in voter’s PC by employing paper ballots distributed before elections. The voter uses the ballot to submit an encrypted vote, which is illegible for the potentially corrupt PC. The creation of paper ballots, as well as the decryption of votes, is performed by a group of cooperating trusted servers. As a result, the scheme is characterized by strong asymmetry – all computations are carried out on the server side. Hence, it does not require any additional hardware on the voter’s side. Furthermore, the scheme offers distributed trust, receipt-freeness and verifiability.


Homomorphic Encryption Digital Evidence Electronic Vote Code Sheet Election Authority 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Schneier, B.: Beyond fear: Thinking sensibly about security in an uncertain world. Copernicus Books (2003)Google Scholar
  2. 2.
    CIVTF: A report on the feasibility of internet voting (2000),
  3. 3.
    Oppliger, R.: How to address the secure platform problem for remote internet voting. In: Proceedings 5th Conf. on Security in Information Systems (SIS 2002), pp. 153–173 (2002)Google Scholar
  4. 4.
    Chaum, D.: Secret-ballot: True voter verifiable elections. IEEE Security and Privacy, 38–47 (2004)Google Scholar
  5. 5.
    Neff, A.: A verifiable secret shuffle and its application to e-voting. In: Samarati, P. (ed.) ACM CCS 2001, pp. 116–125. ACM Press, New York (2001)Google Scholar
  6. 6.
    Klonowski, M., Kutyłowski, M., Lauks, A., Zagórski, F.: A practical voting scheme with receipts. In: Zhou, J., López, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 490–497. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  7. 7.
    Adida, B., Rivest, R.L.: Scratch and Vote: Self-contained paper-based cryptographic voting. In: Dingledine, R., Yu, T. (eds.) ACM Workshop on Privacy in the Electronic Society. ACM Press, New York (2006)Google Scholar
  8. 8.
    Ryan, P., Schneider, S.: Prêt à Voter with re-encryption mixes. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 313–326. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  9. 9.
    Popovenuic, S., Hosp, B.: An introduction to punchscan. In: IAVoSS Workshop On Trustworthy Elections, WOTE (2006)Google Scholar
  10. 10.
    van de Graaf, J.: Merging prêt à voter and punchscan (2007),
  11. 11.
    Xia, Z., Schneider, S., Heather, J.: Analysis, improvement and simplification of Prêt à Voter with paillier encryption. In: USENIX/ACCURATE Electronic Voting Technology Workshop (2008)Google Scholar
  12. 12.
    Rubin, A.: Security considerations for remote electronic voting over the internet (2001),
  13. 13.
    SureVote: E-voting system - overview (2001),
  14. 14.
    Lee, B., Kim, K.: Receipt-free electronic voting scheme with a tamper-resistant randomizer. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 389–406. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  15. 15.
    Kutyłowski, M., Zagórski, F.: Verifiable internet voting solving secure platform problem. In: Miyaji, A., Kikuchi, H., Rannenberg, K. (eds.) IWSEC 2007. LNCS, vol. 4752, pp. 199–213. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  16. 16.
    Clarkson, M.R., Chong, S., Myers, A.C.: Civitas: Toward a secure voting system. In: 2008 IEEE Symposium on Security and Privacy, pp. 354–368 (2008)Google Scholar
  17. 17.
    Young, A., Yung, M.: The dark side of black-box cryptography, or: Should we trust Capstone? In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109. Springer, Heidelberg (1996)Google Scholar
  18. 18.
    Estonian National Election Committee: E-voting system - overview (2006),
  19. 19.
    Chaum, D., Pedersen, T.: Wallet databases with observers. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 89–105. Springer, Heidelberg (1993)CrossRefGoogle Scholar
  20. 20.
    Park, C., Itoh, Kh., Kurosawa, K.: Efficient anonymous channel and all/nothing election scheme. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 248–259. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  21. 21.
    Jakobsson, M., Juels, A., Rivest, R.L.: Making mix nets robust for electronic voting by randomized partial checking. In: USENIX Security Symposium, pp. 339–353 (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  1. 1.Faculty of Mathematics and Computer ScienceAdam Mickiewicz UniversityPoznańPoland

Personalised recommendations