Three Voting Protocols: ThreeBallot, VAV, and Twin

We present three new paper-based voting methods with interesting security properties. Our goal is to achieve the same security properties as recently proposed cryptographic voting protocols, but using only paper ballots and no cryptography. From a security viewpoint we get reasonably close, particularly for short ballots. However, our proposals should probably be considered as more “academic” than “practical.” In these proposals, not only can each voter verify that her vote is recorded as intended, but she gets a “receipt” she can take home that can be used later to verify that her vote is actually included in the final tally. But her receipt does not allow her to prove to anyone else how she voted. All ballots cast are scanned and published in plaintext on a “public bulletin board” (web site), so anyone may correctly compute the election result. In ThreeBallot, each voter casts three paper ballots, with certain restrictions on how they may be filled out. These paper ballots are of course “voterverifiable.” A voter receives a copy of one of her ballots as her “receipt”, which she may take home. Only the voter knows which ballot she copied for her receipt. The voter is unable to use her receipt to prove how she voted or to sell her vote, as the receipt doesn’t reveal how she voted. A voter can check that the web site contains a ballot matching her receipt. Deletion or modification of ballots is thus detectable; so the integrity of the election is verifiable. VAV is like ThreeBallot, except that the ballotmarking rules are different: one ballot may “cancel” another (VAV = Vote/Anti-Vote/Vote). VAV is better suited to – i.e. yields better security properties ∗The latest version of this paper is always at http://people.csail.mit.edu/ rivest/RivestSmith-ThreeVotingProtocolsThreeBallotVAVAndTwin.pdf for – Plurality and preference (Borda, Condorcet, IRV) voting, while ThreeBallot is better suited for Approval and Range voting. Finally, we introduce “Floating Receipts,” wherein voters may take home a copy of another voter’s ballot. (She doesn’t know whose ballot, though.) Floating Receipts are well-tuned to the security requirements of ThreeBallot-like schemes, and we examine protocols for achieving them. Our final voting system, Twin, is based almost entirely on Floating Receipts. Each voter casts a single ballot and takes home a single receipt. Twin is quite simple and close to being practical.