Or you can use a system with paper ballots where you fill in the bubble next to the candidate to vote and that can be quickly counted by simple, cheap, already widely used optical scan machine and can be hand audited, but by doing some clever things when you print the ballots get an end to end verifiable system that among other things:
1. Allows you to publish all the ballots afterwards so that any third party can do their own recount,
2. Allows voters to verify that their vote was counted correctly, but does not allow them to prove to a third party how they voted,
3. Allows voters to check before voting that the ballots have been correctly printed.
4. Looks and feels like a plain old fill in the bubble optical scan system to voters who don't want to take advantage of the extra security provided by the above measures.
Here's a paper about this [1]. Wikipedia article [2]. Here's a paper on the coercion resistance of that system [3].
> After the election, the trustees generate an independent tally from the voter-verifiable list of ballots and confirmation codes. Since the link between a confirmation code and the candidate voted for must remain secret, the tally is generated using an anonymity-preserving backend.
The Wikipedia article doesn't make it clear what threat model is being considered for this "anonymity-preserving backend".
If in your election you have a major party with an interest in preventing a count from occurring, or intimidating people with the threat of having their vote leaked, then "Don't worry, it uses clever cryptography" might not be enough to convince your jurisdiction to adopt this.
I'd state it even more strongly: the legitimacy of an election is based on public trust, and therefore contingent upon its auditability by an average citizen with no special training. This is why pen and paper is the optimal technology for the job (though tzs's solution seems compatible with that end, and is probably a net win).
1. Allows you to publish all the ballots afterwards so that any third party can do their own recount,
2. Allows voters to verify that their vote was counted correctly, but does not allow them to prove to a third party how they voted,
3. Allows voters to check before voting that the ballots have been correctly printed.
4. Looks and feels like a plain old fill in the bubble optical scan system to voters who don't want to take advantage of the extra security provided by the above measures.
Here's a paper about this [1]. Wikipedia article [2]. Here's a paper on the coercion resistance of that system [3].
[1] https://www.usenix.org/legacy/event/evt08/tech/full_papers/c...
[2] https://en.wikipedia.org/wiki/Scantegrity
[3] https://eprint.iacr.org/2010/502.pdf