TY - GEN
T1 - 2015 neuchȃtel’s cast-as-intended verification mechanism
AU - Galindo, David
AU - Guasch, Sandra
AU - Puiggalí, Jordi
PY - 2015/8/13
Y1 - 2015/8/13
N2 - Cast-as-intended verification seeks to prove to a voter that their vote was cast according to their intent. In case ballot casting is made remotely through a voting client, one of the most important dangers a designer faces are malicious voting clients (e.g. infected by a malware), which may change the voter’s selections. A previous approach for achieving cast-as-intended verification in this setting uses the so-called Return Codes. These allow a voter to check whether their voting options were correctly received by the ballot server, while keeping these choices private. An essential ingredient of this approach is a mechanism that allows a voter to discard a vote that does not represent their intent. This is usually solved using multiple voting, namely, if the return codes received by the voter do not match their choices, they cast a new vote. However, what happens if voters are not allowed to cast more than one ballot (aka single vote casting)? In this paper we propose a simple ballot casting protocol, using return codes, for allowing a voter to verify votes in a single vote casting election. We do so without significantly impacting the number of operations in the client side. This voting protocol has been implemented in a binding election in the Swiss canton of Neuchˆatel in March 2015, and will be the canton’s new voting platform.
AB - Cast-as-intended verification seeks to prove to a voter that their vote was cast according to their intent. In case ballot casting is made remotely through a voting client, one of the most important dangers a designer faces are malicious voting clients (e.g. infected by a malware), which may change the voter’s selections. A previous approach for achieving cast-as-intended verification in this setting uses the so-called Return Codes. These allow a voter to check whether their voting options were correctly received by the ballot server, while keeping these choices private. An essential ingredient of this approach is a mechanism that allows a voter to discard a vote that does not represent their intent. This is usually solved using multiple voting, namely, if the return codes received by the voter do not match their choices, they cast a new vote. However, what happens if voters are not allowed to cast more than one ballot (aka single vote casting)? In this paper we propose a simple ballot casting protocol, using return codes, for allowing a voter to verify votes in a single vote casting election. We do so without significantly impacting the number of operations in the client side. This voting protocol has been implemented in a binding election in the Swiss canton of Neuchˆatel in March 2015, and will be the canton’s new voting platform.
KW - Binding election
KW - Cast-asintended verifiability
KW - Electronic voting protocols
KW - Malicious voting client
KW - Return codes
UR - http://www.scopus.com/inward/record.url?scp=84944686630&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-22270-7_1
DO - 10.1007/978-3-319-22270-7_1
M3 - Conference contribution
AN - SCOPUS:84944686630
SN - 9783319222691
VL - 9269
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 3
EP - 18
BT - E-Voting and Identity
A2 - Haenni, Rolf
A2 - Koenig, Reto E.
A2 - Wikström, Douglas
PB - Springer
T2 - 5th International Conference on E-Voting and Identity, VoteID 2015
Y2 - 2 September 2015 through 4 September 2015
ER -