A Parameterizable Research Framework for Electronic Voting Based on Cryptographic Protocols and Blockchain Audit
Round 1
Reviewer 1 Report
Comments and Suggestions for Authors
- I am not fully convinced by the “secure electronic voting system” claim. The paper presents a research prototype, but it does not provide a formal security proof, rigorous protocol specification, or complete cryptographic verification of the claimed properties.
- I think the parameterizability idea is promising, but it is not implemented strongly enough. The paper admits that some security profiles are partly architectural or experimental rather than fully executable protocol pipelines. This weakens the claim that the system is truly configurable across security levels.
- I am concerned that the blockchain role is still somewhat overvalued. The authors correctly state that blockchain alone does not solve privacy or correctness, but the prototype still seems to rely heavily on blockchain as an audit layer without proving that it improves security compared with a conventional append-only bulletin board.
- I am not fully convinced by the threat model. Important real e-voting threats such as coercion, vote buying, malware on voter devices, denial-of-service attacks, side-channel leakage, compromised authorities, and Byzantine behavior are either excluded or only lightly discussed.
- I think coercion resistance is a major missing property. Receipt-based verification may improve individual confidence, but it can also create risks if receipts can be used to prove voting behavior. The paper should discuss receipt-freeness and coercion resistance much more carefully.
- I am concerned that the threshold-authority model is not realistic enough. The paper refers to threshold-supported artifacts, but the trusted authorities are not independently deployed or operationally separated. Without true independent authorities, the trust-reduction claim is limited.
- I am not fully convinced by the homomorphic counting description. The paper mentions homomorphic aggregation, but the exact cryptographic construction, ballot validity proof, ciphertext format, key generation, decryption protocol, and tally verification process are not specified in enough detail.
- I think the lack of a full zero-knowledge proof layer is a serious limitation. Secure voting systems usually need proofs that encrypted ballots are well formed without revealing the vote. Without this, invalid encrypted ballots could affect the tally unless additional assumptions are made.
- I am concerned about the experimental scale. The benchmark uses very small numbers of voters and candidates, such as up to 25 voters and 5 options. This is useful for prototype testing, but it cannot support claims about scalability or deployment readiness.
- I am not convinced by the performance evaluation. All experiments are run locally on a single MacBook without distributed network interaction, real blockchain consensus, independent authorities, or realistic concurrent voting. The results therefore measure only local prototype overhead, not real system performance.
- I think the comparison with existing systems is too qualitative. The paper compares features with Helios, blockchain voting systems, and classical cryptographic schemes, but it does not run a direct benchmark or formal comparison against an existing implementation.
- I am concerned that the manuscript sometimes uses imprecise terminology. Terms such as “newsletter,” “voice,” “zero-disclosure evidence,” and “bulletin” appear inconsistently, which makes the technical protocol harder to understand and reduces confidence in the cryptographic presentation.
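Added example (not part of the review reports or the manuscript under review): a toy exponential-ElGamal tally illustrating Reviewer 1's points on homomorphic counting and ballot well-formedness, where a ballot encrypting 5 inflates the aggregate unless a disjunctive Chaum-Pedersen 0-or-1 proof is checked before aggregation. The group parameters, the single key holder and all function names are assumptions made for this illustration.

```python
import hashlib, secrets

# Toy parameters (constructed for this example, far too small for real use):
# P = 2Q + 1 is a safe prime and G generates the subgroup of prime order Q.
P, Q, G = 2039, 1019, 4
X = secrets.randbelow(Q - 1) + 1   # election secret key (single authority here)
H = pow(G, X, P)                   # election public key

def challenge(*vals):
    data = ",".join(map(str, vals)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def cast(m, claim=None):
    """Encrypt m as (g^r, g^m h^r) and attach a 0-or-1 proof for branch `claim`."""
    claim = m if claim is None else claim
    r = secrets.randbelow(Q)
    a, b = pow(G, r, P), pow(G, m, P) * pow(H, r, P) % P
    fake, w = 1 - claim, secrets.randbelow(Q)
    c, s, A, B = [0, 0], [0, 0], [0, 0], [0, 0]
    c[fake], s[fake] = secrets.randbelow(Q), secrets.randbelow(Q)
    d = b * pow(G, -fake, P) % P                      # b / g^fake
    A[fake] = pow(G, s[fake], P) * pow(a, -c[fake], P) % P   # simulated branch
    B[fake] = pow(H, s[fake], P) * pow(d, -c[fake], P) % P
    A[claim], B[claim] = pow(G, w, P), pow(H, w, P)   # real branch commitment
    c[claim] = (challenge(a, b, *A, *B) - c[fake]) % Q
    s[claim] = (w + c[claim] * r) % Q
    return (a, b), (A, B, c, s)

def verify(ct, proof):
    (a, b), (A, B, c, s) = ct, proof
    if (c[0] + c[1]) % Q != challenge(a, b, *A, *B):
        return False
    for v in (0, 1):                                   # both branches must check
        d = b * pow(G, -v, P) % P
        if pow(G, s[v], P) != A[v] * pow(a, c[v], P) % P: return False
        if pow(H, s[v], P) != B[v] * pow(d, c[v], P) % P: return False
    return True

def tally(ballots, check_proofs):
    a_sum, b_sum = 1, 1
    for ct, proof in ballots:
        if check_proofs and not verify(ct, proof):
            continue                                   # reject malformed ballot
        a_sum, b_sum = a_sum * ct[0] % P, b_sum * ct[1] % P
    g_total = b_sum * pow(a_sum, -X, P) % P            # decrypt the aggregate
    return next(t for t in range(Q) if pow(G, t, P) == g_total)

def sample_ballots():   # three honest votes (1, 0, 1) and one ballot encrypting 5
    return [cast(1), cast(0), cast(1), cast(5, claim=1)]
```

In a group this small a malformed ballot's proof is still accepted with probability about 1/Q; production parameters make that probability negligible.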
Author Response
Thank you very much for taking the time to review this manuscript. Please find the detailed responses below and the corresponding revisions/corrections highlighted in the resubmitted files.
Reviewer 2 Report
Comments and Suggestions for Authors
The abstract introduces many concepts (blind signature, homomorphic counting, blockchain audit, etc.) without structuring them hierarchically or clearly indicating the main contribution vs. support components. Explicit delimitation between the original contribution and the integrated elements is recommended.
It is stated that the novelty consists of the “parameterizable architecture”, but it is not clear whether this is a conceptual, methodological or technical innovation. Rigorous comparison criteria with similar works are missing.
Introduction included general formulations, without strong critical positioning
The introduction resumes general ideas about e-voting without clearly highlighting the research gap. The existence of a problem is suggested, but this is not explicitly and critically formulated.
Lack of a formal definition for “parameterizable designer”
The central concept of the paper is introduced vaguely. There is no formal definition (mathematical or systemic), which reduces scientific rigor. The contributions are descriptive rather than demonstrative.
The contributions are formulated as a description of the system, not as validated results. There are no formulations like: "we prove", "we demonstrate empirically that...".
Related Work – good structure, but insufficiently critical. The section is well organized thematically, but the analysis is predominantly descriptive. The limitations of the cited works in direct relation to the proposed solution are not clearly highlighted.
Linguistic coherence problems (stylistic mix), page 5, line 178 ("активно explored")
Linguistic inconsistencies appear (English + terms from other languages), which affects the academic quality and professionalism of the text.
Table 1 – useful, but insufficiently explained. The table provides a good comparison, but is not accompanied by a sufficiently deep interpretative analysis. Comparative implications should be discussed, not just presented.
The architecture is well described narratively, but a formalization (formal diagram, mathematical model or pseudocode) is missing. This limits reproducibility.
Voting protocol: conceptually correct, but insufficiently analyzed from a security perspective
Page 8, phases 1–7 describe the phases, but there is no formal analysis of vulnerabilities at each stage (e.g. possible attacks, probabilities, security conditions).
The authors acknowledge the limitations (lack of resistance to coercion, Byzantine attacks, etc.), but these are major for e-voting. Thus, the practical applicability is seriously reduced.
The experiments are performed in a controlled local environment (MacBook, without a distributed network), which affects external validity. They cannot be generalized to real systems.
The authors justify the computational costs, but the analysis seems defensive, not critical. Concrete comparisons with other systems (external benchmark) are missing.
There are conceptual repetitions (e.g. the role of blockchain as an audit layer is reiterated several times), which dilutes the clarity of the argument.
Comments on the Quality of English Language
No obs.
Author Response
Thank you very much for taking the time to review this manuscript. Please find the detailed responses below and the corresponding revisions/corrections highlighted in the resubmitted files.
Round 2
Reviewer 1 Report
Comments and Suggestions for Authors
All my concerns have been adequately addressed.
Reviewer 2 Report
Comments and Suggestions for Authors
The article has been substantially improved. There are no more aspects that need clarification.
Comments on the Quality of English Language
No obs.
