Coercion-Resistant Elections
A live demo of the Civitas / JCJ cryptographic voting protocol. Register voters, cast real and coerced ballots, then run the full tabulation pipeline — PET deduplication, RPC MixNet anonymisation, threshold decryption, tally.
Server not running
Start the local server to use the demo:
This page will connect automatically once the server is up.
1 Initialize Election
Generates a shared KTT key across 3 independent tellers via distributed ElGamal key generation, and publishes the encrypted candidate list.
2 Register Voter
Issues credential shares from both registrars with DVRP proofs. The voter verifies the proofs and combines shares into a private credential.
3 Cast Real Ballot
Voter encrypts their credential and vote choice, generates a VotePf proof of knowledge and a ReencPf proof that the choice is one of the published candidates.
4 Submit Coerced Ballot
Simulates a voter being forced to vote under duress. The ballot uses a random unregistered credential — it looks cryptographically valid but will be eliminated by the PET credential check during tabulation. The real ballot wins.
5 Tabulate
Runs the full Civitas pipeline: validate proofs → PET duplicate elimination → PET credential check → RPC MixNet anonymisation → distributed decryption → tally. Takes ~30 seconds.
Reset
Clear all state and start a new election.