electronic voting in the standard model

Electronic Voting in the Standard Model Thomas Briner September 2003 Electronic voting schemes that claim to satisfy the property of receipt-freeness usually need strong physical assumptions which are not available in real life. In this paper we present a protocol that achieves receipt-freeness in a threshold model without unrealistic assumptions. It is designed for large scale votes. It uses an existing type of untappable channels for the initialization of a vote but only usual internet connections for the voting phase. The untappable channels are needed only in order to achieve receipt-freeness but are not mandatory for all other properties. The protocol achieves receipt-freeness by allowing each voter to convince a votebuyer who is willing to pay for a certain vote even though the voter casted an arbitrary vote. Even if the votebuyer is able to eavesdrop all channels between voters and authorities except for the untappable ones, it is indistinguishable for him whether or not the voter is telling the truth. In case of coercion, a voter who is forced to cast a certain vote is still able to make sure that the vote will be considered invalid and therefore ignored by the authorities without giving the coercer the opportunity to figure it out. All these properties hold under the assumption that no authority cooperates with a votebuyer or blackmailer. A dishonest authority is able to prevent a voter from casting a vote. This cannot be prevented but at least it will be detected that some irregularity has occurred. It is possible that the correctness of the result can be influenced by dishonest authorities, but in a context of a large scale vote, the level of overall correctness can still be judged by detecting the number of such irregularities and comparing it to the result. Universal verifiability is not achieved with this protocol. The protocol is based on a threshold on the number of honest authorities. This is no loss compared to the protocols that claim to have the property of universal verifiability in theory as they need additional elements e.g. a kind of bulletin board that do not exist in real life. To implement this bulletin board it has to be simulated by the authorities and therefore depends on the honesty of those authorities too.