Selectio Helvetica with Anonymized DSA Public Keys

Infrastructure attack protection
All internet voting systems are vulnerable to denial-of-service attacks. There are defenses against this kind of attack, but they can't stand up to an adversary with sufficient computing power. In that event, voters would have to vote in person (or by mail).

Outsider hacking protection
All internet voting systems are, at least potentially, vulnerable to outside attack on the servers running the software. Yet there is a high degree of protection against such attempts because of the public bulletin board. Auditors and individuals will notice if information gets deleted from the board for no apparent reason, or if anything is edited. The server doing the tallying must remain secure, but the tallying can be re-done if the bulletin board stays online.

Malware and virus protection
This is a problem. If voters' computers are infected with viruses, the malware might display corrupt information at verification and mislead voters. Still, users can verify their votes online by checking the public bulletin board. It's also possible that there could be a utility to allow them to verify their vote using another channel (like SMS), or they could just use another machine. If they have any doubt about the integrity of their vote, they can re-vote in person or online.

Man in the middle attack protection
This is mitigated by the fact that the man in the middle doesn't know the content of the vote that is being transmitted. The voter can also check, before the election ends, that his or her vote went through the system.

Insider attack protection
This hasn't been addressed because this system is theoretical. This is a big issue, however. It can be partially addressed by 1) open source software and 2) security of the systems themselves - at least there are fewer machines to deal with compared with DREs.

Coercion resistance
Haenni and Spycher admit that their protocol isn't receipt-free, so it provides minimal defense against vote selling and coercion. After voting, the voter possesses his private key, which can be combined with his encrypted ballot on the bulletin board to prove to any adversary how he voted. This is partially solved because voters can change their vote at a polling station or online (though this may not help when an adversary demands the voter's username and password).

Ensuring one person, one vote
As in Selectio Helvetica, voters must sign their votes. As the authors write, "multiple ballots from the same eligible voter contain the same anonymous key and are therefore detected during the tallying phase."

Counting and tallying accuracy
The system should accurately count and record votes. For Selectio Helvetica (but applicable here), Dubuis et al. write that "the integrity can... be ensured by letting voters digitally sign their votes cast." Verifiability helps ensure this: anyone can check that their vote has been included in the final tally. Auditors monitoring the system can identify suspicious activity (e.g. if ballots are being deleted).

Voter anonymity
The protocol provides a high degree of privacy. As Haenni and Spycher write, "Every plaintext vote is unambiguously linked to an anonymous key, but linking the anonymous key back to its owner is prohibited by the anonymous channel and the unlinkability property of the public key shuffling procedure." This also prevents an adversary from finding out whether a particular voter has voted. The anonymous channel discussed "may be hard to implement," but use of mix nets before vote encryption could solve this.
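The duplicate detection quoted under "Ensuring one person, one vote" and the unlinkability described above, as an added example that is not code from this page or from the protocol's authors. It assumes a simplified model in which each mixer raises every public key and the generator to the same secret exponent before shuffling. The toy group, the private keys, the function names and the last-ballot-counts rule are constructed for illustration, and shuffle proofs and vote encryption are left out.

```python
import hashlib, random
from collections import Counter

P, Q, G = 2039, 1019, 4  # constructed toy group: P = 2Q + 1, G has order Q; far too small for real use

def h(msg):
    return int.from_bytes(hashlib.sha256(msg.encode()).digest(), "big") % Q

def sign(x, g, msg, rng):  # DSA signature under generator g
    while True:
        k = rng.randrange(1, Q)
        r = pow(g, k, P) % Q
        s = pow(k, -1, Q) * (h(msg) + x * r) % Q
        if r and s:
            return r, s

def verify(y, g, msg, sig):
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    return pow(g, h(msg) * w % Q, P) * pow(y, r * w % Q, P) % P % Q == r

def mix(keys, g, rng):  # one mixer: same secret exponent on every key and on g, then shuffle
    a = rng.randrange(2, Q)
    out = [pow(y, a, P) for y in keys]
    rng.shuffle(out)
    return out, pow(g, a, P)

def tally(board, anon_keys, g_hat):  # returns (counts, keys with more than one valid ballot)
    seen = {}
    for y_hat, ballot, sig in board:
        if y_hat in anon_keys and verify(y_hat, g_hat, ballot, sig):
            seen.setdefault(y_hat, []).append(ballot)
    counts = Counter(b[-1] for b in seen.values())  # assumption: the last ballot per key counts
    return dict(counts), {y for y, b in seen.items() if len(b) > 1}

def demo(seed=1):
    rng = random.Random(seed)  # demo only; real signing needs a CSPRNG
    priv = [11, 222, 333, 444]  # constructed private keys
    anon, g_hat = [pow(G, x, P) for x in priv], G
    for _ in range(3):  # three independent mixers
        anon, g_hat = mix(anon, g_hat, rng)
    own = [pow(g_hat, x, P) for x in priv]  # each voter recomputes their own anonymous key
    votes = [(0, "yes"), (1, "yes"), (2, "no"), (0, "no")]  # voter 0 votes twice
    board = [(own[i], b, sign(priv[i], g_hat, b, rng)) for i, b in votes]
    board.append((pow(g_hat, 555, P), "yes", sign(555, g_hat, "yes", rng)))  # 555: never registered
    counts, dupes = tally(board, set(anon), g_hat)
    return counts, dupes, own, anon
```

Because the anonymous key equals the mixed generator raised to the voter's unchanged private key, the voter can sign under the mixed generator while the board only ever shows the anonymous key.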

Voter verifiability
As the authors wrote for Selectio Helvetica (though applicable here), "Verifiability is... achieved by publishing all votes cast (together with... cryptographic proofs) on a public bulletin board." This could be checked automatically. Voters can't delete or change anything, and can verify that their vote was counted.

Immediate results protection
So long as there are multiple "key shares split among several independent tally authorities", no election results should be obtainable before the voting period ends.

Ease of performing a recount
Theoretically, anyone with the data should be able to tally it themselves, provided that they have all the necessary decryption keys. Some may object to this type of recount, however. In particular, if the bulletin board is running the wrong software (assuming this goes undetected, which isn't likely), then this kind of recount seems to beg the question. Ultimately, the question of whether recounting the data on the bulletin board would remedy all of the potential harms that could arise during the voting process does not seem to have been explored.

Usability
The exact usability of the system isn't fully known because this system is more of a general protocol at this stage rather than something that has been implemented and tested.