ThreeBallot

ThreeBallot is an end-to-end (E2E) auditable voting system that can in principle be implemented on paper.

ThreeBallot attempts to solve this problem by giving each voter three ballots: one verifiable, and two anonymous.

At the polling station, the voter makes a copy of any one of his three ballots including its ID number.

A field test has found ThreeBallot to have significant privacy, security, and usability problems, as well as implementation pitfalls.

[2][3][4][5] The encryption system used in the ThreeBallot was broken by a correlation attack devised by Charlie Strauss,[4] who also showed how it could be used to prove how you voted.

[3] In either case, the veil of the secret ballot is pierced and traceable to the ID number on the receipt.

Rivest later acknowledged this logic error in the original concept[1] and revised the RFC schema in his final publication to require tearing off each row (each yes/no) individually (destroying the correlation of the questions) and also having unique tracking numbers on each mark on each ballot (not just one ID for each column ballot).

While this did restore the unbreakable aspect of the scheme, the proliferation of receipts (one per row) and chopped ballots rendered the mechanics of processing the votes or for a voter reviewing a receipt significantly complex, thus undermining its intended simplicity.

[1] An electronic version addressing the paper-ballot implementation and usability problems was proposed by Costa, et al.[6]

A sample ThreeBallot multi-ballot, with a first race for President with candidates Jones, Smith, and Wu and a second race for Senator with candidates Yip and Zinn.