Internet Voting Maturity Framework — Quantifying Maturity in Internet Voting Protocols
Stanisław Barański, Ben Biedermann, Joshua Ellul · 2026 · ACM Distributed Ledger Technologies · doi:10.1145/3797872
Summary
This paper introduces the Internet Voting Maturity Framework (IVMF), a structured, trust-centric scoring methodology for evaluating and comparing seventeen internet voting protocols. The research addresses a critical gap: despite a proliferation of i-voting systems, no unified framework existed to assess security, usability, and trustworthiness against standardized criteria that also reflect real-world deployment concerns. The authors — from Gdansk University of Technology and the University of Malta — combine systematic literature analysis with qualitative expert evaluation of protocol documentation. The IVMF operationalizes maturity through three composite indicators: Complexity (CMPX), which measures the number and trust-sensitivity of system components; Practical Usability (PU), which scores real-world deployment history on a 0–3 scale; and Trust Model (TM), which quantifies each protocol's reliance on trusted parties across six security properties: Voter Anonymity, Voting Secrecy, Individual Verifiability, Universal Verifiability, Eligibility Verifiability, and Coercion Resistance. The Trust Model tier system ranges from Centralized (a single trusted party, highest reliance) through Distributed Closed and Publicly Verifiable to Trustless (permissionless public blockchain, lowest reliance on trust). A weighted composite score generates a ranked maturity index. The seventeen protocols analyzed span government-built systems (CHVote, Estonian IVXV, Scytl/sVote), academic protocols (Helios, Belenios), and blockchain-native systems (MACI, Voatz, Snapshot, Vocdoni, zkSnap, Cicada, Open Vote Network, Decidim, and others). The framework's accessibility motivation is explicit: internet voting removes participation barriers for remote communities, people with disabilities, and overseas voters, and was adopted during COVID-19 to enable continued democratic participation when in-person voting was unsafe or impossible.
Key findings
CHVote (Switzerland) and the Estonian IVXV system achieved the highest overall maturity scores, both earning the maximum Practical Usability rating (PU=3) from repeated deployment in legally-binding national elections. MACI ranks third, distinguished by its strong cryptographic coercion resistance via a key-switching mechanism — the strongest such property of any analyzed protocol. Voatz ranks last, exposed by an independent security analysis revealing that a backend administrator could deanonymize votes, and that the system's PDF receipt fundamentally violates receipt-freeness. Coercion resistance is the hardest property to achieve: no protocol attained full trustless receipt-freeness. Most systems offer only weak mitigation via re-voting mechanisms; Estonia's hybrid model — where an in-person vote overrides any previously cast online vote — provides strong procedural resistance but is not a cryptographic guarantee. Blockchain-based systems outperform traditional systems on universal verifiability and common knowledge (every node acts as an auditor), but they also introduce greater architectural complexity and, when using private permissioned chains, can actually centralize trust rather than distribute it. Government systems consistently outranked blockchain systems, primarily due to higher practical usability scores from real election deployment. Sensitivity analysis demonstrated that the overall maturity rankings are robust to moderate changes in indicator weights, validating the framework's stability.
Relevance
For digital accessibility practitioners, this paper is directly relevant because it establishes a rigorous framework for evaluating whether internet voting systems can serve as inclusive alternatives to in-person voting. The accessibility argument is central to the paper's motivation: i-voting is framed as a mechanism for enfranchising voters with disabilities, those in remote or archipelagic regions, and those who cannot physically attend polling stations. The IVMF provides decision-makers — including government officials and disability advocacy organizations — with a structured tool to compare systems on real-world deployability alongside security. The finding that simpler systems score higher on practical usability aligns with accessibility principles: lower complexity generally correlates with broader manageability and easier auditing. The framework is explicitly adaptable: weights can be tuned to prioritize trust model strength or practical usability depending on context. The conclusion that no current system achieves fully trustless coercion resistance is an important caveat for organizations considering internet voting as an accessible, secure alternative for elections serving voters with disabilities.
Tags: internet voting · e-voting · blockchain · accessibility · trust models · security · cryptography · digital democracy · decentralized autonomous organizations · verifiability
Standards referenced: Council of Europe Recommendation CM/Rec(2017)5 · EU eIDAS Regulation 2024/1183