Remotegrity: Design and Use of an End-to-End Verifiable Remote Voting System

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7954)


We propose and implement a cryptographically end-to-end verifiable (E2E) remote voting system for absentee voters and report on its deployment in a binding municipal election in Takoma Park, Maryland. Remotegrity is a hybrid mail/internet extension to the Scantegrity in-person voting system, enabling secure, electronic return of vote-by-mail ballots. It provides voters with the ability to detect unauthorized modifications to their cast ballots made by either malicious client software, or a corrupt election authority—two threats not previously studied in combination. Not only can the voter detect such changes, they can prove it to a third party without giving up ballot secrecy.


Dispute Resolution Vote System Polling Place Valid Code Municipal Election 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Adida, B.: Helios: web-based open-audit voting. In: USENIX Security (2008)Google Scholar
  2. 2.
    Adida, B., de Marneffe, O., Pereira, O., Quisquater, J.J.: Electing a university president using open-audit voting: Analysis of real-world use of Helios. In: EVT/WOTE (2009)Google Scholar
  3. 3.
    Burton, C., Culnane, C., Heather, J., Peacock, T., Ryan, P.Y.A., Schneider, S., Srinivasan, S., Teague, V., Wen, R., Xia, Z.: Using Pret a Voter in Victoria State elections. In: EVT/WOTE (2012)Google Scholar
  4. 4.
    Carback, R.T., Chaum, D., Clark, J., Conway, J., Essex, A., Hernson, P.S., Mayberry, T., Popoveniuc, S., Rivest, R.L., Shen, E., Sherman, A.T., Vora, P.L.: Scantegrity II election at Takoma Park. In: USENIX Security (2010)Google Scholar
  5. 5.
    Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 24(2), 84–90 (1981)CrossRefGoogle Scholar
  6. 6.
    Chaum, D.: Surevote: Technical overview. In: WOTE (2001)Google Scholar
  7. 7.
    Chaum, D., Carback, R., Clark, J., Essex, A., Popoveniuc, S., Rivest, R.L., Ryan, P.Y.A., Shen, E., Sherman, A.T.: Scantegrity II: end-to-end verifiability for optical scan election systems using invisible ink confirmation codes. In: EVT (2008)Google Scholar
  8. 8.
    Chaum, D., Essex, A., Carback, R., Clark, J., Popoveniuc, S., Sherman, A.T., Vora, P.: Scantegrity: End-to-end voter verifiable optical-scan voting. IEEE Security and Privacy 6(3), 40–46 (2008)CrossRefGoogle Scholar
  9. 9.
    Chaum, D., Ryan, P.Y.A., Schneider, S.: A practical voter-verifiable election scheme. In: di Vimercati, S.d.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 118–139. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  10. 10.
    Clark, J., van Oorschot, P.: SSL and HTTPS: Revisiting past challenges and evaluating certificate trust model enhancements. In: IEEE Symp. Security & Privacy (2013)Google Scholar
  11. 11.
    Clark, J., Hengartner, U.: On the use of financial data as a random beacon. In: EVT/WOTE (2010)Google Scholar
  12. 12.
    Clark, J., Hengartner, U.: Selections: Internet voting with over-the-shoulder coercion-resistance. In: Danezis, G. (ed.) FC 2011. LNCS, vol. 7035, pp. 47–61. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  13. 13.
    Essex, A., Clark, J., Hengartner, U., Adams, C.: Eperio: Mitigating technical complexity in cryptographic election verification. In: EVT/WOTE (2010)Google Scholar
  14. 14.
    Estehghari, S., Desmedt, Y.: Exploiting the client vulnerabilities in internet e-voting systems: Hacking Helios 2.0 as an example. In: EVT/WOTE (2010)Google Scholar
  15. 15.
    Heiberg, S., Lipmaa, H., van Laenen, F.: On E-vote integrity in the case of malicious voter computers. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 373–388. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  16. 16.
    Helbach, J., Schwenk, J.: Secure internet voting with code sheets. In: Alkassar, A., Volkamer, M. (eds.) VOTE-ID 2007. LNCS, vol. 4896, pp. 166–177. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  17. 17.
    Helbach, J., Schwenk, J., Schage, S.: Code voting with linkable group signatures. In: EVOTE (2008)Google Scholar
  18. 18.
    Joaquim, R., Ribeiro, C.: CodeVoting protection against automatic vote manipulation in an uncontrolled environment. In: Alkassar, A., Volkamer, M. (eds.) VOTE-ID 2007. LNCS, vol. 4896, pp. 178–188. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  19. 19.
    Joaquim, R., Ribeiro, C., Ferreira, P.: VeryVote: A voter verifiable code voting system. In: Ryan, P.Y.A., Schoenmakers, B. (eds.) VOTE-ID 2009. LNCS, vol. 5767, pp. 106–121. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  20. 20.
    Juels, A., Catalano, D., Jacobsson, M.: Coercion-resistant electronic elections. In: WPES (2005)Google Scholar
  21. 21.
    Kiayias, A., Yung, M.: Self-tallying elections and perfect ballot secrecy. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 141–158. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  22. 22.
    Kusters, R., Truderung, T., Vogt, A.: Accountability: Definition and relationship to verifiability. In: CCS (2010)Google Scholar
  23. 23.
    Kutyłowski, M., Zagórski, F.: Scratch, Click & Vote: E2E voting over the internet. In: Chaum, D., Jakobsson, M., Rivest, R.L., Ryan, P.Y.A., Benaloh, J., Kutylowski, M., Adida, B. (eds.) Towards Trustworthy Elections. LNCS, vol. 6000, pp. 343–356. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  24. 24.
    Oppliger, R., Schwenk, J., Lohr, C.: Captcha-based code voting. In: EVOTE (2008)Google Scholar
  25. 25.
    Popoveniuc, S.: Speakup: remote unsupervised voting. In: ACNS (2010)Google Scholar
  26. 26.
    Ryan, P.Y.A., Teague, V.: Pretty good democracy. In: Christianson, B., Malcolm, J.A., Matyáš, V., Roe, M. (eds.) Security Protocols 2009. LNCS, vol. 7028, pp. 111–130. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  27. 27.
    Spycher, O., Koenig, R., Haenni, R., Schläpfer, M.: A new approach towards coercion-resistant remote e-voting in linear time. In: Danezis, G. (ed.) FC 2011. LNCS, vol. 7035, pp. 182–189. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  28. 28.
    Wolchok, S., Wustrow, E., Isabel, D., Halderman, J.A.: Attacking the washington, D.C. Internet voting system. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 114–128. Springer, Heidelberg (2012)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  1. 1.Wrocław University of TechnologyPoland
  2. 2.Draper LaboratoryUSA
  3. 3.Voting System InstituteUSA
  4. 4.Carleton UniversityCanada
  5. 5.Western UniversityCanada
  6. 6.The George Washington UniversityUSA

Personalised recommendations