Randomized voting

In theory, an election is a simple process: People express their preferences. The winner is the candidate preferred by the majority. In practice, an election is a amalgam of many choices and procedures, each of which can affect the outcome. These aspects run from the gamut from “Who is eligible to vote?” to “How does a voter physically express her preferences?” to “What mechanisms protect against fraud?” Mathematics is the ideal language for exploring some of the thorniest of such issues. There are two fundamental stages to voting. In the first stage, voters express their preferences. In the second stage, these cumulative preferences are processed in order to determine the winner(s). Historically, much of the mathematical literature on voting has been concerned with the second stage (see, for example, [10]). In these studies, mathematicians have considered the framework that arises from the basic axioms of voting theory. Their work has shown that there are significant limitations to the robustness of voting systems. More recently, mathematicians and computer scientists have focused their attentions on the first stage. The interest here arises from the two competing criteria of secrecy and verifiability. Roughly, secrecy means that there should be no way for anyone to tell how a specific individual voted. Secrecy is desirable as it guards against coercion of voters. Verifiability amounts to a mechanism for checking that the election was not subject to any fraud or errors. Either one of secrecy or verifiability is easy to design into an election protocol; the difficulty arises in trying to incorporate both criteria. The “secret ballot voting methods” widely used today protect secrecy at the expense of verifiability. (Unfortunately, the increasingly popular absentee ballots effectively provide neither.) While there are many safeguards in place to ensure accurate results, the individual voter is asked to trust that these safeguards are working and that the administering body is trustworthy. Several protocols have been proposed that utilize cryptography as a means of allowing secrecy and verifiability simultaneously. Some of the more recent proposals include those of Neff [5–7], the visual cryptography of Chaum [1], the Prêt-à-Voter scheme of Chaum and Ryan [2], and the Scratch-and-Vote enhancement of Adida and Rivest as described in [8]. For simplicity, we conflate these schemes into a “cryptologic method” we now describe. Each voter gets a receipt, albeit with the votes (more or less) listed only in encrypted form. These receipts are publicly posted. Since they are encrypted, secrecy is not compromised. Each voter can confirm that her (encrypted) vote made it out of the polling station. The administering body then decrypts these receipts so that the results of the election can be determined. A division-of-powers approach along with clever cryptologic protocols enables this all to occur while preserving both secrecy and verifiability. Within certain constraints, the security of the protocol can be proven mathematically. The voter does not need to trust the administering body. However, she must still trust cryptologic constructions and mathematical proofs that will be incomprehensible to the average voter. These cryptologic protocols are creative and robust systems; we do not claim or attempt to improve on them here. But while fraud in these systems is harder to perpetuate and errors can be caught, it is unclear that the average voter will trust the process any more than she trusts our current system. Here we pursue an alternate approach that offers a measure of secrecy and verifiability without relying on encrypted votes (though we do utilize standard digital signatures). In this paper we suggest a simple approach that lets some voters directly verify that their votes have been accurately recorded and that they are appropriately contributing to the final tallies. This is done while minimizing coercion and bribery. Third-party auditors play a crucial role in verifying votes and guarding against vote stuffing. No sophisticated network algorithms, encryption techniques, or blind faith in an administering body is asked. In our “randomized method,” most voters leave the polling station with a receipt. The receipt might correspond to someone else’s vote. These receipts can be compared to the contents of a plaintext list on a