Prêt à Voter

Prêt à Voter is an E2E voting system devised by Peter Ryan of the University of Luxembourg. It aims to provide guarantees of accuracy of the count and ballot privacy that are independent of software, hardware etc. Assurance of accuracy flows from maximal transparency of the process, consistent with maintaining ballot privacy. In particular, Prêt à Voter enables voters to confirm that their vote is accurately included in the count whilst avoiding dangers of coercion or vote buying.

The key idea behind the Prêt à Voter approach is to encode the vote using a randomized candidate list. The randomisation of the candidate list on each ballot form ensures the secrecy of each vote. Incidentally, it also removes any bias towards the top candidate that can occur with a fixed ordering.

The value printed on the bottom of the receipt is the key to extraction of the vote. Buried cryptographically in this value is the information needed to reconstruct the candidate order and so extract the vote encoded on the receipt. This information is encrypted with secret keys shared across a number of tellers. Thus, only the set of tellers acting together are able to interpret the vote encoded on the receipt. No individual agent or machine involved in the election should ever be able to tie a particular voter to a particular decrypted vote.

After the election, voters (or perhaps proxies acting on their behalf) can visit the Web Bulletin Board (WBB) and confirm their receipts appear correctly. Once this is over, the tellers take over and perform anonymising mixes and decryption of the receipts. All the intermediate stages of this process are posted to the WBB and are audited later.

There are various auditing mechanisms to ensure that all the steps, the creation of the ballot forms, the mixing and decryption and so on were all performed correctly, but these are carefully designed so as not to impinge on ballot privacy.

Example
Suppose that our voter is called Anne. At the polling station, Anne chooses, at random, a ballot form sealed in an envelope. An example of such a form is shown below:

In the booth, Anne extracts her ballot form from the envelope and makes her selection in the usual way by placing a cross in the right-hand column against the candidate of choice (or, in the case of a Single Transferable Vote (STV) system for example, she marks her ranking against the candidates). For example, a vote for Asterix is given by:

Once her selection has been made, she separates the left and right hand strips along a perforation and discards the left hand strip. She is left with the right hand strip which now constitutes her privacy protected receipt, as shown in Table 3.

Anne now exits the booth clutching her receipt, registers with an official, and casts her receipt. Her receipt is placed over an optical reader or similar device that records the random value at the bottom of the strip and records in which cell her "X" is marked. Her original paper receipt is digitally signed and franked, and returned to her to keep.

Note that because the candidate list is removed before scanning, the machine that reads the ballot paper never learns the content of the vote. This prevents (intentional or unintentional) violation of vote privacy by the scanning equipment.

Origin
Prêt à Voter was inspired by the earlier, voter-verifiable scheme by David Chaum. It replaces the visual cryptographic encoding the voter's choice in Chaum's scheme by the conceptually and technologically simpler candidate randomization. The Prêt à Voter idea of encoding the vote through permutations has subsequently been incorporated in Chaum's Punchscan scheme. However Punchscan uses a permutation of indirection symbols instead of candidate names allowing it to comply with voting laws that require a specific ordering of candidates. The first implementation of Prêt à Voter, by a team led by the University of Surrey, won Best Design, and overall second place at the 2007 University Voting Systems Competition, after the winning team, Punchscan, uncovered a security flaw in the random number generator portion of the Prêt à Voter source code .

Past development
An EPSRC-funded project, Trustworthy Voting Systems, ran from April 2009 to April 2014, and aimed to enhance the design of Prêt à Voter in various ways, to build a full prototype implementation, and to produce mathematical proofs of the claimed security properties of Prêt à Voter. The project was run by James Heather and Steve Schneider at the University of Surrey, and Mark Ryan at the University of Birmingham; it was a close collaboration with the FNR-funded SerTVS project run by Peter Ryan at the University of Luxembourg.

Current development
There appears to have been no development since 2014. Their domains have expired as of 2015.

Security Analysis
There were a few different studies done, mostly concluding that the system was secure and "remarkably robust", despite a few possible attack vectors.