Norway

This system is to be used in the 2011 local elections, and was developed in part by Scytl. This election represents a relatively small scale trial for Norway's election system - the current plan is to have internet voting available in time for the 2017 national elections. Norway's system is not universally verifiable, but it shares similar properties to an E2E voting system. There is no public bulletin board - instead, voters are sent a receipt by a "receipt generator" through a second channel (in this case, SMS.) This presumably doesn't open up extra avenues for coercion, however, because the receipt is a seemingly random string of numbers that correspond to digits on the voter's card (that he or she receives through mail.) However, this may create issues with verifiability.

Infrastructure attack protection
All internet voting systems are vulnerable to denial-of-service attacks. There are defenses against these kind of attacks, but they can't stand up to an adversary given sufficient computing power. In the event of such a situation voters would have to vote in person (or by mail)

Outsider hacking protection
There is a fair amount of protection against outside hacking attempts. If the ballot box was corrupted, the auditor would notice something going awry unless it was corrupt as well. It would be very hard for both of these systems to fall prey to outside hacking attempts assuming that they are programmed well. Given Norway's transparency about the matter (the code is open source so anyone can try to find vulnerabilities) this constraint is likely met, though we still don't know for sure.

Malware and virus protection
There is moderate protection against viruses. While viruses can change the vote of a user, the receipt generator offers voters another channel to ensure that the vote has been recorded correctly. If it looks like they have a virus, voters can vote on another machine or vote in person.

Man in the middle attack protection
The system should be difficult for a man in the middle to tamper with, so long as there is a certificate authority for the voter to trust. Votes are encrypted, and the computer waits for a signed response from the receipt generator so it looks suspicious if there's a major delay (or if the message doesn't arrive). If the wrong message comes from the receipt generator then the voter knows that something is wrong. But could this message be spoofed itself? (In the SERVE report, Jefferson et. al mention that "attackers could engage in election fraud by spoofing the voting server and observing how the voter votes," and could then redirect the voter if the vote is to their liking, at least in the SERVE protocol) The receipt generator serves as a defense against this - it sends the user a message over another channel verifying his or her vote. This message would be difficult to spoof because it uses a set of codes to communicate with the voter.

Insider attack protection
Protection against insider attacks is an issue in any voting system, especially one that involves voting online. However, there are defenses against this. First, the Norwegian government has decided on "nearly complete transparency" - making the voting system open source, etc. Further, there are multiple modules that would need to be compromised in order to pull off a successful insider hacking attempt: both the decryption service and the auditor would have to be corrupt. Yet the threat still exists.

Coercion resistance
There is a moderate level of protection against coercion. Depending on how the receipt is set up, it may not serve as an exact receipt to the election (i.e. it may depend on a card the voter has that can easily be falsified). Further, voters can still vote more than once (canceling previous votes) or in person.

Ensuring one person, one vote
Assuming the security of the system holds, voters should be only allowed to vote once. Gjosteen writes that "With signed ballots, it is also easy for the ballot box and the auditor to ensure that at most one ballot is counted per voter."

Counting and tallying accuracy
The vote has a very high chance of being accurately counted and recorded thanks to the auditor. Also the voter is messaged a receipt by the receipt generator.

Voter anonymity
Gjosteen writes that "condentiality is preserved, even if the auditor is corrupt." This is because ciphertexts seen by the auditor contain no information about the ballots. Also, even if the decryption service is compromised, the ballots still remain confidential. Further, the "corrupt receipt generator learns nothing about the submitted ballots, except what the receipt codes tell him." Therefore, multiple parts of the election infrastructure need to be corrupt in order to breach anonymity.

Voter verifiability
A receipt generator is in place to send a message to the voter verifying their vote. This could be transmitted through snail mail, SMS, or online. This verification indicates a high probability that someone's vote will be counted.

Immediate results protection
In order to decrypt the votes a set of key shares given to notable government figures would need to be assembled. Only then would the election officials be able to obtain election results.

Ease of performing a recount
With backups of the ballot box it should be possible to perform a recount. However this may not be very useful because it assumes the ballot box isn't corrupted. The auditor checks for that, but it's not 100% perfect.

Usability
Norway's internet voting system is probably just as easy to use as its regular voting system, if not easier. Norway's election system is complicated because it uses proportional representation, while giving citizens a high degree of freedom as to which candidates they want to vote for. Internet voting would probably be as easy as a touch screen DRE to vote with as both allow voters to visualize their choices - in addition, it would likely be more convenient.

Transparency
The Norwegian government decided on "nearly complete transparency" for their elections. This goal manifests itself in many ways - the code is open source, for example.