2015 Neuchâtel’s Cast-as-Intended Verification Mechanism

  • David Galindo
  • Sandra GuaschEmail author
  • Jordi Puiggalí
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9269)


Cast-as-intended verification seeks to prove to a voter that their vote was cast according to their intent. In case ballot casting is made remotely through a voting client, one of the most important dangers a designer faces are malicious voting clients (e.g. infected by a malware), which may change the voter’s selections. A previous approach for achieving cast-as-intended verification in this setting uses the so-called Return Codes. These allow a voter to check whether their voting options were correctly received by the ballot server, while keeping these choices private. An essential ingredient of this approach is a mechanism that allows a voter to discard a vote that does not represent their intent. This is usually solved using multiple voting, namely, if the return codes received by the voter do not match their choices, they cast a new vote. However, what happens if voters are not allowed to cast more than one ballot (aka single vote casting)? In this paper we propose a simple ballot casting protocol, using return codes, for allowing a voter to verify votes in a single vote casting election. We do so without significantly impacting the number of operations in the client side. This voting protocol has been implemented in a binding election in the Swiss canton of Neuchâtel in March 2015, and will be the canton’s new voting platform.


Electronic voting protocols Binding election Cast-as-intended verifiability Malicious voting client Return codes 



We are thankful to the comments and suggestions made by the anonymous reviewers.


  1. 1.
    Crytographic key length recommendation (2015).
  2. 2.
    Adida, B.: Helios: web-based open-audit voting. In: van Oorschot, P.C. (ed.) USENIX Security Symposium, pp. 335–348. USENIX Association, Berkeley (2008)Google Scholar
  3. 3.
    Adida, B., de Marneffe, O., Pereira, O.: Helios voting system.
  4. 4.
    Adida, B., de Marneffe, O., Pereira, O., Quisquater, J.J.: Electing a university president using open-audit voting: analysis of real-world use of Helios. In: Proceedings of the 2009 Conference on Electronic Voting Technology/Workshop on Trustworthy Elections (2009)Google Scholar
  5. 5.
    Adida, B., Neff, C.A.: Ballot casting assurance. In: Wallach, D.S., Rivest, R.L. (eds.) 2006 USENIX/ACCURATE Electronic Voting Technology Workshop, EVT 2006, Vancouver, BC, Canada, 1 August 2006. USENIX Association (2006)Google Scholar
  6. 6.
    Allepuz, J.P., Castelló, S.G.: Internet voting system with cast as intended verification. In: Kiayias, A., Lipmaa, H. (eds.) VoteID 2011. LNCS, vol. 7187, pp. 36–52. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  7. 7.
    Bellare, M.: New proofs for NMAC and HMAC: security without collision-resistance. Cryptology ePrint Archive, Report 2006/043 (2006)Google Scholar
  8. 8.
    Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Proceedings of the 1st ACM Conference on Computer and Communications Security. CCS 1993, pp. 62–73. . ACM, New York (1993)Google Scholar
  9. 9.
    Benaloh, J.: Simple verifiable elections. In: Proceedings of the USENIX/Accurate Electronic Voting Technology Workshop 2006. EVT 2006, p. 5. USENIX Association, Berkeley (2006)Google Scholar
  10. 10.
    Bernhard, D., Pereira, O., Warinschi, B.: On necessary and sufficient conditions for private ballot submission. Cryptology ePrint Archive, Report 2012/236 (2012)Google Scholar
  11. 11.
    Chancellery, S.F.: Explications relatives à l’ordonnance de la chancellerie fédérale sur le vote électronique (OVotE) (2013).
  12. 12.
    Chaum, D., Pedersen, T.P.: Wallet databases with observers. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 89–105. Springer, Heidelberg (1993) Google Scholar
  13. 13.
    El Gamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 10–18. Springer, Heidelberg (1985) CrossRefGoogle Scholar
  14. 14.
    Gerlach, J., Gasser, U.: Three case studies from Switzerland: E-voting (2009)Google Scholar
  15. 15.
    Gjøsteen, K.: Analysis of an internet voting protocol. Cryptology ePrint Archive, Report 2010/380 (2010)Google Scholar
  16. 16.
    Gjosteen, K.: The Norwegian internet voting protocol. Cryptology ePrint Archive, Report 2013/473 (2013)Google Scholar
  17. 17.
    Kripp, M.J., Volkamer, M., Grimm, R. (eds.): 5th International Conference on Electronic Voting 2012, (EVOTE 2012), Co-organized by the Council of Europe, Gesellschaft für Informatik and E-Voting.CC, 11–14 July 2012, Castle Hofen, Bregenz, Austria, LNI, vol. 205. GI (2012)Google Scholar
  18. 18.
    Lipmaa, H.: Two simple code-verification voting protocols. Cryptology ePrint Archive, Report 2011/317 (2011)Google Scholar
  19. 19.
    Malkhi, D., Margo, O.: E-voting without ‘Cryptography’. In: Blaze, Matt (ed.) FC 2002. LNCS, vol. 2357. Springer, Heidelberg (2003) CrossRefGoogle Scholar
  20. 20.
    Neuchatel: Guichet unique citizen portal.
  21. 21.
    Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992) Google Scholar
  22. 22.
    Pinault, T., Courtade, P.: E-voting at expatriates’ MPs elections in France. In: Kripp et al. [17], pp. 189–195Google Scholar
  23. 23.
    Puigalli, J., Guasch, S.: Cast-as-intended verification in Norway. In: Kripp et al. [17], pp. 49–63Google Scholar
  24. 24.
    Rosen, A., Ta-shma, A., Riva, B., Ben-Nun, J.: Wombat voting.
  25. 25.
    Sandler, D., Derr, K., Wallach, D.S.: Votebox: a tamper-evident, verifiable electronic voting system. In: van Oorschot, P.C. (ed.) USENIX Security Symposium, pp. 349–364. USENIX Association, Berkeley (2008)Google Scholar
  26. 26.
    Schnorr, C.: Efficient signature generation by smart cards. J. Cryptology 4(3), 161–174 (1991)zbMATHMathSciNetCrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.Scytl Secure Electronic VotingBarcelonaSpain

Personalised recommendations