## Cryptology ePrint Archive: Report 2014/348

A Simple Cast-as-Intended E-Voting Protocol by Using Secure Smart Cards

Helger Lipmaa

Abstract: We propose a simple cast-as-intended remote e-voting protocol where the security is based on the use of secure (and trusted) smart cards that incorporate incard numeric keyboards and LCD displays, and can perform a limited number of cryptographic operations (like encryption, signing, and random number generation). The protocol, while very simple, is significantly more secure (in the sense of cast-as-intended'') and convenient to use than the e-voting protocol currently used in Norway. The protocol is developed primarily with the idea of deploying it in Estonia within the next $3$ to $10$ years. Since in Estonia, a vast majority of the population already has ID-cards with digital signing and authentication functionality, and the use of ID-cards is a required prerequisite to participate in Estonian e-voting anyway, our assumption of every voter having a secure hardware token makes sense in this concrete context.

Category / Keywords: applications / Cast-as-intended e-voting, Estonian e-voting, secure hardware

Contact author: helger lipmaa at gmail com

Available format(s): PDF | BibTeX Citation

Note: This paper was written for Estonian government two years ago (note the date: March 2012) as a proposal to make the existing I-voting more secure by switching to the use of secure smartcards that allow to have individual verifiability.

It draws early comparison with a competing proposal of achieving verifiability (by using smartphones and QR codes) by Willemson and Heiberg, a variant of which was later adopted and was implemented in the local elections in 2013 in the national scale.

The proposal was not meant to be published, but given the recent public criticism --- by Alex Halderman and a team, https://estoniaevoting.org (full report available in the 'Downloads' section) --- against Estonian I-voting (and in particular, against the smartphone-and-QR code approach) I decided to make it public. The version is as it was in 2012, only with references slightly updated.

Short URL: ia.cr/2014/348

[ Cryptology ePrint archive ]