The voter enters the polling station and identifies himself/herself using an id card. The voting committee checks the voter appears in the registered voters list and has not voted yet. The committee tells the voter to proceed to the voting booth.
The voter enters the voting booth and makes his/her choices on a touch screen. The voting machine prints out a ballot consisting of two detachable halves, one contains the vote in plain text and the other contains the vote encrypted.
At this stage the voter can either audit the ballot or use it for voting.
a) If the voter chooses to proceed,
the voter takes the ballot, folds it over the plain text, leaves the voting booth and proceeds with step 4.
b) If the voter chooses to audit, the voting machine reveals how the ballot was created. There is a simple algorithm (using the additional data the voting machine supplied for the audit request) checking that the plain text and the electronic encryption that appear on the ballot match. The algorithm can be run while still at the polling station, or at any later time. Anyone with basic cryptographic background can write the checking algorithm. For example, the following Android application does this test.
The checking algorithm can either pass or fail:
The voter hands the folded ballot to the voting committee. The committee stamps the ballot and the cipher text is scanned and published on the public ballot tracking web page.
The voter then tears the ballot in half in front of the polling station committee members. The covered plain text is cast into the ballot box, and the cipher text is given to the voter as a receipt. The voter can use it to verify that his encrypted vote was indeed uploaded to the public ballot tracking web page.