Bryan Meng-Hong Tsai

Security Properties for Electronic Voting

  1. Eligibility and Authentication. Only authorized voters should be able to vote. [1]
  2. Uniqueness. No voter should be able to vote more than one time. [1][6]
  3. Accuracy. Election systems should record the votes correctly. [1]
  4. Integrity. Votes should not be able to be modified, forged, or deleted without detection. [1][6]
  5. Verifiability and Auditability. It should be possible to verify that all votes have been correctly accounted for in the final election tally, and there should be reliable and demonstrably authentic election records. [1]
  6. Reliability. Elections systems should work robustly, without loss of any votes, even in the face of numerous failures, including failures of voting machines and total loss of Internet communication. [1]
  7. Voter Anonymity and Non-Coercibility. Neither election authorities nor anyone should be able to determine how any individual voted, and voters should not be able to prove how they voted. [1][6]
  8. Flexibility. Election equipment should allow for a variety of ballot question formats, be compatible with a variety of standard platforms and technologies, and be accessible to everyone including disabilities. [1]
  9. Efficiency. Election systems should be efficient. [9]
  10. Interface Usability and Convenience. Voters should be able to cast votes quickly with minimal equipment or skills. [1][6]
  11. Certifiability. Voting systems should be testable so that election officials have confidence that they meet the necessary criteria. [1]
  12. Trusted Path. A reliable mechanism for delivering cast vote to the election server in a timely manner. The path must be trusted (secure) throughout the period during which votes are transmitted.
  13. Documentation and assurance. The design, implementation, development practice, operational procedures, and testing procedures must all be unambiguously and consistently documented. Documentation must also describe what assurance measures have been applied to each of those system aspects. [2]
  14. System Management and Operation.


  1. "Report of the National Workshop on Internet Voting: Issues and Research Agenda," by Internet Policy Institute, March 2001.
  2. "Security Criteria for Electronic Voting," by Peter G. Neumann, 16th National Computer Security Conference, September, 1993.
  3. "Security Considerations for Remote Internet Voting," by Avi Rubin, AT&T Labs.
  4. "Accuracy, Integrity, and Security in Computerized Vote-Tallying," by R.G. Saltman, NBS (now NIST) special publication, 1988.
  5. "Evaluating Voting Technology," by Douglas W. Jones, Testimony before the United States Civil Rights Commission Tallahassee, Florida, January 11, 2001.
  6. "Design and Implementation of a Practical Security-Conscious Electronic Polling System," by Lorrie Faith Cranor and Ron K. Cytron.
  7. "Electronic Voting - Evaluating the Threat," by Michael Ian Shamos,
  8. "Computer-Related Risks," by Peter G. Neumann, Addison-Wesley, 1995.
  9. "Voting and Technology: Crypto-Gram -- December 15, 2000," by Bruce Schneier.
  10. "Rebecca Mercuri's Statement on Electronic Voting," by Rebecca Mercuri.
  11. "Risks in Computerized Elections," by Peter G. Neumann, Inside Risks, 5, CACM 33, 11, p. 170, November 1990.
  12. "Disenfranchised by design: voting systems and the election process," by Susan King Roth, Information Design Journal, Volume 9, No. 1, 1998.