Based on the experiences from my masters thesis I've designed and implemented a simple election system. The system is currently in use here at the university for elections to the board of trustees, academic council and study boards.

Election model

Votes are protected in two ways: 1) they are encrypted and 2) the connection between the submitted ballot and the voter can only be established with the receipt sent to the voter.

All votes are encrypted with public-key encryption and then stored in a database. An election has an election_key, the private key for the encryption. The password to the private key are split into a number of parts each held by a member of the election comitee (I have some ideas regarding using a threshold based encryption scheme for the keyholders).

When the voter votes first time a random and unique receipt is printed on screen and sent to the voters email. The email is digitally signed to prevent someone from invalidating the election with false receipts. The votes are stored in the database with the GUID as key, it's a sha1 checksum of the voters uid and receipt. In the list of eligible voters is a counter of how many times the voter has voted. The voter can cast any number of votes but only the last submitted vote is counted.

Technology

The implementation is done in Perl and uses Template Toolkit for page rendering. The database used is Postgres, but with minor adjustements anything should work. The authentication is CAS sing-sign-on and user info is fetched from LDAP. The application is bi-lingual, currently danish and english.

The administration interface is crude, it includes a interface to genereate pdf's with eligible voters and view election results. Definition of elections, electorial lists, candidates and eligible votes is done with batch-scripts and sql-statements.

I'm planning to GPL the software and make it available to everyone. Please contact me if you like to see the software in it's current form.