Designing issues and requirement to develop online e- voting system systems having a voter verifiable audit trail.

Similar documents
CHAPTER 2 LITERATURE REVIEW

Estonian National Electoral Committee. E-Voting System. General Overview

General Framework of Electronic Voting and Implementation thereof at National Elections in Estonia

Secure Electronic Voting

Secure Electronic Voting: New trends, new threats, new options. Dimitris Gritzalis

L9. Electronic Voting

M-Vote (Online Voting System)

Addressing the Challenges of e-voting Through Crypto Design

Secure Electronic Voting: Capabilities and Limitations. Dimitris Gritzalis

E- Voting System [2016]

E-Voting, a technical perspective

Challenges and Advances in E-voting Systems Technical and Socio-technical Aspects. Peter Y A Ryan Lorenzo Strigini. Outline

The usage of electronic voting is spreading because of the potential benefits of anonymity,

Statement on Security & Auditability

Swiss E-Voting Workshop 2010

ARKANSAS SECRETARY OF STATE

WHY, WHEN AND HOW SHOULD THE PAPER RECORD MANDATED BY THE HELP AMERICA VOTE ACT OF 2002 BE USED?

Volume I Appendix A. Table of Contents

Secure and Reliable Electronic Voting. Dimitris Gritzalis

Case Study. MegaMatcher Accelerator

CRYPTOGRAPHIC PROTOCOLS FOR TRANSPARENCY AND AUDITABILITY IN REMOTE ELECTRONIC VOTING SCHEMES

Key Considerations for Implementing Bodies and Oversight Actors

ARKANSAS SECRETARY OF STATE. Rules on Vote Centers

Smart Voting System using UIDAI

The E-voting Controversy: What are the Risks?

Should We Vote Online? Martyn Thomas CBE FREng Livery Company Professor of Information Technology Gresham College

SECURE REMOTE VOTER REGISTRATION

Internet Voting the Estonian Experience

A paramount concern in elections is how to regularly ensure that the vote count is accurate.

Voting Protocol. Bekir Arslan November 15, 2008

Privacy of E-Voting (Internet Voting) Erman Ayday

Union Elections. Online Voting. for Credit. Helping increase voter turnout & provide accessible, efficient and secure election processes.

SECURITY, ACCURACY, AND RELIABILITY OF TARRANT COUNTY S VOTING SYSTEM

Electronic Voting For Ghana, the Way Forward. (A Case Study in Ghana)

Electronic Voting in Belgium Past, Today and Future

TO: Chair and Members REPORT NO. CS Committee of the Whole Operations & Administration

Office for Democratic Institutions and Human Rights OSCE/ODIHR DISCUSSION PAPER IN PREPARATION OF GUIDELINES FOR THE OBSERVATION OF ELECTRONIC VOTING

Direct Recording Electronic Voting Machines

The problems with a paper based voting

City of Toronto Election Services Internet Voting for Persons with Disabilities Demonstration Script December 2013

Key Considerations for Oversight Actors

Response to the Scottish Government s Consultation on Electoral Reform

M-Polling with QR-Code Scanning and Verification

SEMINAR WORK: E- ELECTIONS AND E- VOTING - THE CASE OF SWITZERLAND AND FRANCE

SMART VOTING. Bhuvanapriya.R#1, Rozil banu.s#2, Sivapriya.P#3 Kalaiselvi.V.K.G# /17/$31.00 c 2017 IEEE ABSTRACT:

Introduction of Electronic Voting In Namibia

Secure Voter Registration and Eligibility Checking for Nigerian Elections

Online Voting System Using Aadhar Card and Biometric

Every electronic device used in elections operates and interacts

VOTERGA SAFE COMMISSION RECOMMENDATIONS

Electronic Voting Systems

FULL-FACE TOUCH-SCREEN VOTING SYSTEM VOTE-TRAKKER EVC308-SPR-FF

Cryptographic Voting Protocols: Taking Elections out of the Black Box

Chief Electoral Officer Directives for the Counting of Ballots (Elections Act, R.S.N.B. 1973, c.e-3, ss.5.2(1), s.87.63, 87.64, 91.1, and 91.

Trusted Logic Voting Systems with OASIS EML 4.0 (Election Markup Language)

Electronic Voting Machine Information Sheet

Nevada Republican Party

Arthur M. Keller, Ph.D. David Mertz, Ph.D.

Uncovering the veil on Geneva s internet voting solution

Security Analysis on an Elementary E-Voting System

SMS based Voting System

Ballot Reconciliation Procedure Guide

DIRECTIVE November 20, All County Boards of Elections Directors, Deputy Directors, and Board Members. Post-Election Audits SUMMARY

Electronic Voting: An Electronic Voting Scheme using the Secure Payment card System Voke Augoye. Technical Report RHUL MA May 2013

The Use of New Technologies in Electoral Process in Bosnia and Herzegovina: Where we started and where we are going

Brittle and Resilient Verifiable Voting Systems

The Use of New Voting Technologies (NVT)

Act means the Municipal Elections Act, 1996, c. 32 as amended;

DESIGN AND ANALYSIS OF SECURED ELECTRONIC VOTING PROTOCOL

Additional Case study UK electoral system

14 Managing Split Precincts

Procedures for the Use of Optical Scan Vote Tabulators

COMPUTING SCIENCE. University of Newcastle upon Tyne. Verified Encrypted Paper Audit Trails. P. Y. A. Ryan TECHNICAL REPORT SERIES

ANTI FRAUD MEASURES. Principles

E-Poll Books: The Next Certification Frontier

Implementation of aadhar based voting machine using

Global Conditions (applies to all components):

IC Chapter 15. Ballot Card and Electronic Voting Systems; Additional Standards and Procedures for Approving System Changes

Citizen engagement and compliance with the legal, technical and operational measures in ivoting

EXPERIENCING SMALL-SCALE E-DEMOCRACY IN IRAN. Mohsen Kahani Department of Computer Engineering,

E-Voting Solutions for Digital Democracy in Knowledge Society

Troubleshooting Manual

Running head: ROCK THE BLOCKCHAIN 1. Rock the Blockchain: Next Generation Voting. Nikolas Roby, Patrick Gill, Michael Williams

FAQ s Voting Method & Appropriateness to PICC Elections

A Study on Ways to Apply the Blockchain-based Online Voting System 1

OCSE Vienna 17/ Open Source Remote Electronic Voting in Norway

Computer Security Versus the Public's Right to Know

Cuyahoga County Board of Elections

User Guide for the electronic voting system

IN-POLL TABULATOR PROCEDURES

AFFIDAVIT OF POORVI L. VORA. 1. My name is Poorvi L. Vora. I am a Professor of Computer Science at The George

Novel E-Voting System with Biometric Authentication and Distributed Server System

Aadhaar Based Voting System Using Android Application

Democracy depends on losers accepting the results

PROCEDURES FOR THE USE OF VOTE COUNT TABULATORS

MUNICIPAL ELECTIONS 2014 Voting Day Procedures & Procedures for the Use of Vote Tabulators

An Overview on Cryptographic Voting Systems

E-Voting Within The E-Government System

Internet Voting: Experiences From Five Elections in Estonia

AADHAAR BASED VOTING SYSTEM USING FINGERPRINT SCANNER

Transcription:

PAPER ID: IJIFR/V1/E4/019 ISSN (Online):2347-1697 Designing issues and requirement to develop online e- voting system systems 1 Indresh Aggarwal, 2 Dr. Vishal Kumar 1 Research Scholar, Department of computer science Pacific University, Udaipur 2 Research Supervisor & Associate Professor Department of Computer Science MJP University, Bareilly Abstract Voting machines are useful tools built to improve the election process. They are combination of mechanical, electromechanical, electronic and software components working together in order to define ballots, cast and count votes, report eventually errors, report finals results and guarantee the safety, the privacy and the security of each polling. In e- voting system, several problems including unauthorized privilege escalation, incorrect use of cryptography, vulnerabilities to network threats, and poor software development processes have been identified. We conclude that this voting system is unsuitable for use in a general election. Any paperless electronic voting system might suffer similar flaws, despite any certification it could have otherwise received. It has been suggested that the best solutions are voting systems having a voter verifiable audit trail, where a computerized voting system might print a paper ballot that can be read and verified by the voter. Key Words: E-Voting System, Cryptography, Voter Verified Ballot, Security, Accuracy, Audit Trail 1 Introduction E-voting has been introduced prematurely to national elections in many countries worldwide. There are technical and organizational barriers which must be resolved before the use of e-voting can be recommended in such a critical context. Two fundamental requirements for e-voting systems are: ballot secrecy and accuracy. We describe the nature and implications of these facts, and examine the two main categories of proposed solutions: cryptographic voting schemes, and Voter Verified Ballot Test (VVBT). We emphasize "minimize". Eliminating problems with electronic voting machines is no more possible than with pen and paper, or other means. The proper test is whether the use of electronic voting systems introduces more vulnerability that cannot be remediated. Consider the nature of an election process that uses electronic voting systems. Essentially, the process must manage the flow of ballots from a point of origin to a system on which a voter casts her votes, and then to a tallying mechanism that counts the votes. At any point *except* when the voter is making her selections, the process must be observable, as is a process that uses paper and pencil. We adopt this view to study the design of an election that uses electronic voting systems. [1, 2] The properties that an election process must meet are many. We focus on a few key properties: Integrity: Ballots cannot be changed once cast and results are reported as determined. www.ijifr.com ijifr.journal@gmail.com, editors@ijifr.com IJIFR 2013 41 This paper is available online at - http://www.ijifr.com/searchjournal.aspx. ID: IJIFR/V1/E3/019

Accuracy of the tally: All valid votes are counted, and all invalid votes are discarded. here, "valid" and "invalid" mean conforming and not conforming to the laws governing legal ballot markings or representations. Secrecy of the ballot: No voter may be able to prove to another party how she voted. This prevents vote selling. Anonymity of the ballot: No party may determine how a voter voted. This prevents an unscrupulous party from forcing a voter to vote in a particular way.[3,4] 2 Research background According to data published on VerifiedVoting.org [5], few years later some Security Teams (UC Red Team, Stanford University, Johns Hopkins, ect.) [6, 7] tested the security of most common Voting machines. In the meantime despite industry tries claims that the problems reported by VerifiedVting.org have any effect on the past presidential race; but the security test result has been deleterious. The most popular Electronic Voting machine: Direct Recording Electronic (DRE) built by Sequoia Pacific, was vulnerable to at least 120 potential attacks[8] which an attacker could compromise each e-voting Machine. ADRE is an electronic machine able to collect ballots. It uses a large display (typically a touch screen) to visualize the ballot, a touch screen monitor or a buttons set to collect the votes and smart software to record them. The whole machine is covered from a resistant anti-shock case and protected by battery backup in order to prevent crashes and power loss. At the end of elections it produces a tabulation of data collected in a removable smart card and a printed copy[9] in order to verify an eventually smart card data manipulations. Companies put a lot of confidence in these few security levels forgetting the capabilities of attackers who can easily compromise the memory card integrity and/or install a malware inside DRE before voting has been started. Can we be sure that Machines software has recorded the correct ballot? Can we be sure that none could vote more than one time? These questions are useful to emphasize some of the most important sets of problems that literature has depicted [8, 10] 1. Insertion of Corrupt Software 2. Wireless and Remote Control 3. Tally Server counting 4. Calibration of the Machine 5. Shut Off Voting Machine Features Intended to assist Voters 6. Denial of Service 7. Actions by corrupt Poll Workers or Others at the Polling Place to affect Votes 8. Vote-Buying Schemes 9. Attacks on Ballots or VVPT 10. Unauthorized privilege escalation 11. Incorrect use of Cryptography 3 Research Objectives & Key Question The Internet voting system descriptions presented in this discussion are based on systems in use elsewhere. They are used in this section as a backdrop against which issues raised can be compared and contrasted. This paper is concerned with the vote collection and tabulation phases of the electoral 42

process. While other aspects of the electoral process have seen the introduction of technology, and may be fruitful areas for research, we chose to focus on e-voting: the use of technology to collect and count votes. Despite the variety of ways in which modern democracies implement elections, the following high-level view of the electoral process applies almost (if not actually) universally. Voter Registration: a list of eligible voters must be kept so that voting can be restricted to only eligible voters. Voter Authentication: when a person attempts to cast a vote, they must be authenticated against the list mentioned above. Vote Collection: the votes of authenticated eligible voters must be recorded in a way which preserves secret program. Vote Tabulation: results must be calculated based on the votes cast by authenticated eligible voters according to the appropriate algorithm. The first question that we identified is the requirements for secrecy and accuracy in online e-voting system. The sub question here could be phrased: What solutions have been proposed to provide secrecy-accuracy in online e-voting system? What is the nature of the e-voting itself? What are the consequences for e-voting specifically (as opposed to traditional paper-only elections), especially in dealing with fraud, error and usability issues? What solutions to these problems may propose, and how do they design the system? The third and most important sub-question encompasses the majority of the technical work of the thesis: Are there deficiencies in existing specifications of requirements for e-voting systems in critical elections? What can be done to address any such deficiencies?" What requirements catalogues exist? Are there any international standards? How suitable are such catalogues for the design, development and testing of e-voting systems? If we were to propose a new catalogue of requirements for e-voting for critical elections, what requirements would we include? 4 Research Issues and Proposals The voting system that exists in developing countries like India right now it is completely paper based that is from gathering the voter details to voting everything are done by hand and all kind of data are written on paper, so there are lots of chances of mistakes and corruption. People become voter in two different areas if people change their residence and become voter in the new area. People can even vote for multiple times because the way the authority follows to make sure a single vote for a single person is really an old style. In this section, we have analysed different issues that need to be taken care before implementation the system. The main issues discussed and some proposals are prepared to design the proposed system. The main issues covered in this section for proposed system are: 4.1 Voting Machine Database maintenance efficiency In e-voting system database is mainly divided into two parts. Those are population database and voter database. After entering all existing people in the data base, system will collect new entry 43

from the medical officer. New entry may be comes from Voting Ministry. All these entry will preserve at population database. Population database has two segments one is primary database and the other one is secondary database. Primary database keeps the record of that part of population whose age is between 0 to less than 18 years. But still he/she will not be a voter until his/her finger print is not given to the authority, which can be collected for UID database. If anyone dies, his /her record will remain in the population database but, their status will be dead. It goes for both of the databases of whose age are 0 to less than 18 and over 18 years. When the election comes the people who are voter, their record upgrade from population database to voter database. At that time this database will distribute the voter list according to their area Id. This will happen only at voting period. Otherwise rest of the time all the data will preserve in a single voter database, the voter list only distribute at voting period. 4.2 User or Voter Fingerprint matching Most efficient and effective part of this system is fingerprint. Fingerprint is a unique identification for any voter. All the information about voter will be preserve against the fingerprint. At the registration period when anyone gives his/her information the system will generate an Id against that information. This Id will be protected by his/her fingerprint. If anyone tries to make double entry in the voter database he/she cannot make that because of fingerprint. So the system makes ensure single entry for individual. The system will not transfer the entry until his/her fingerprint provided. No one can change others information only because of fingerprint. Even administrator cannot modify others information. So all the information will be strongly preserve in the database. In this system the administrator can only excess the data he/she cannot modify anything only because of fingerprint. 4.3 Network issues as system is online A three tiered network system has been proposed here for implementation of this electronic voting system. There will be a number of clients in the most root level that is it may be in Police Station level or sub-district level of a country. But it is necessary to have a lot of clients in the root level. Some clients together make a cluster. The cluster size should between 10 to 15 clients. In the district level there will be a dedicated application server for those police station or sub-district clients under that district. These application servers in this level won t accept packets from any other cluster under another application server. In the division level there will be some dispatcher for each division. These dispatchers will also be dedicated for those districts under that division. There will be a layer of application server layer after the dispatcher through which the dispatcher will pass the encrypted vote to the main database. 4.4 Encryption and decryption for security Security is a broad topic and covers a multitude of sins. In its simplest form, it is concerned with making sure that nosy people cannot read, or worse yet, secretly modify messages intended for other recipients. It is concerned with people trying to access remote services that they are not authorized to use. Most security problems are intentionally caused by malicious people trying to gain some benefit, get attention, or to harm someone. Secrecy has to do with keeping information out of the hands of unauthorized users. This is what usually comes to mind when people think about network security. There are various types of encrypting and decrypting algorithm. Substitutions ciphers, transposition ciphers, One-time pads, Quantum cryptography, Symmetric, 44

Asymmetric these are some algorithms. By using these types of algorithm any network system can be secured. 5 Changing the electoral process India uses electronic voting machines in voting places, but has not adopted online voting at the national level. India s Unique Identification Authority is laying the groundwork for online authentication for government services by issuing unique identification numbers to all Indian residents. The Authority began issuing identification numbers in 2010 and plans to issue 600 million numbers through its network of registrar offices located throughout the country by 2015 (Unique Identification Authority of India, 2011). Implementing Internet voting would require extensive revisions to long-established procedures for voting, counting, monitoring and auditing. It is critical that the general public trusts the security of new voting and counting processes and their ability to deliver a result that is a true and accurate reflection of their will as expressed through the voting process. If Internet voting is not trusted, voters may not accept the legitimacy of the elected members to govern. It is, therefore, very important that trade-offs among electoral principles are considered carefully. This section assesses Internet voting with respect to seven principles of democratic elections. In so doing, it describes some of the challenges presented by Internet voting, trade-offs that may be needed among electoral principles, and best practices that have emerged from implementations of Internet voting in public elections. Accessibility Equal voting power Secrecy Security Auditability Transparency Simplicity 6 Propose System Overview Wide area network will be used to design the whole network system. There will be both radio linked and optical fibre network. There will be one client server and three application server. From all the client servers to the application servers there will be radio linked network as the client server will be busy just in sending the encrypted votes to one of the application server through some other application server. The third application server will send them again to the main database through another application server. There will be optical fibre connection between the second application server to the third application server and from third to the main database. The e-voting system proposed here have been decomposed into several functions. The function specifies what the system does by describing its work. What inputs are fetched to the system, what outputs are produced and data manipulation performed by the system. It is better idea to divide the systems into some sub systems to have a better managed software development also improves reusable capability and make easier for maintenance. Each sub-system will have a well-defined interface with respect to the rest of the system. 45

Figure1: Network model for e-voting Following problems are overcome using the computerize e voting system. System will replace the manual record keeping system by computerize system. System will reduce the chances of error occurrence, while calculation. System will minimize time being consumed. System will increase security of votes. System will not allow chance of rejection of vote. System will do easy management of records. System wills easy searching of desire record. System will do online polling. To know easily whether the voter is registered or not. High and reliable security can be achieved. Insertion sort algorithm is also one of oldest, easiest and most useful sorting algorithms for dealing with modicum of data set. If the first few objects are already sorted, an unsorted object can be inserted in the sorted set in proper place 7 Conclusion In this paper, we proposed to introduce a new voting system that will be accurate, transparent, and faster and will ensure a single vote for a single person. Our proposed system has covered all of these issues successfully. Moreover this system will provide boundary less voting. A better database maintenance, automated registration system and the process of casting vote using finger print will further help us to fulfil our purpose. Based on the design principles and requirement, a prototype of the system for E-voting System has been proposed by the researchers and developed. The using of electronic voting has the potential to reduce or remove unwanted human errors. In addition to its reliability, e-voting can handle multiple modalities, and provide better scalability for large elections. E-Voting is also an excellent mechanism that does not require geographical proximity of the voters. 46

8 References [1] Ansper, A., Heiberg, S., Lipmaa, H., Overland, T. A., & van Laenen, F. (2011). Security and Trust for the Norwegian E-voting Pilot Project. Oslo: Ministry of Local Government and Regional Development. [2] Barnes, E. (2010, November 1). Internet Voting Arrives...But is it Secret and Secure. Retrieved from http://www.foxnews.com/scitech/2010/11/01/internet-voting-secretsafe/ [3] Beaucamps, P., Reynaud-Plantey, D., Marion, J.-Y., & Filiol, E. (2009). On the use of Internet Voting on Compromised Computers. Rennes: Equipe Carte-Loria and Army Signals Academy Virology and Cryptology Laboratory. [4] Benaloh, J. (2008, July ). Ensure Election Accuracy. Tech-Net Magazine. Retrieved from http://technet.microsoft.com/en-us/magazine/2008.07.fieldnotes.aspx [5] Bochsler, D. (2010). Can Internet voting increase political participation? Remote electronic voting and turnout in Estonian 2007 parliamentary elections. Central European University, Budapest: Centre for the Study of Imperfections in Democracies. [6] California Internet Voting Task Force. (2000, January 18). Technical Committee Recommendations. Retrieved from: http://sos.ca.gov/elections/ivote/appendix_ a5.html [7] Puiggali, J., Choliz, J., & Guasch, S. (2010, August 3). Best Practices in Internet Voting. Retrieved from:http://csrc.nist.gov/groups/st/uocava/2010/positionpapers/ _BestPracticesInternetVoting.pdf [8] Schryen, G., & Rich, E. (2009, July 17). Security in Large-Scale Internet Elections: A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland. Retrieved from: http://wwwusers.rwth-aachen.de/guido.schryen/publications/ Schryen%20Rich%20-%20Security%20in%20Large- Scale%20Internet%20 Elections%20-%20IEEE%20Transactions.pdf [9] Unique Identification Authority of India. (2011). Background. Retrieved from: http:// uidai.gov.in/index.php?option=com_content&view=article&id=141&itemid=164 Verified Voting. (2011, May 23). Internet Voting in India? Gujarat is the Early Adopter. Retrieved from: http://thevotingnews.com/international/asia/india/internet-voting-inindia- gujarat-is-the-early-adopterplugged-in/ [10] Zetter, K. (2010, October 6). Hacked Voting System Stored Accessible Password, Encryption Key. Retrieved from: http://www.wired.com/threatlevel/2010/10/votingsystem- hacked/ [11] Verification for Electronic Balloting Systems," Rebecca T. Mercuri and Peter G. Neumann, Chapter 3, Secure Electronic Voting, Dimitris Gritzalis, ed., Advances in Information Security, Volume 7, Kluwer Academic Publishers, Boston, November 2002. ISBN 1-4020-7301-1 [12] EETimes, Computer experts renew call for secure evoting http://www.eetimes.com/news/lastest/showarticle.jht ml?articleid=193100139 47

2024 © lawsdocbox.com Privacy Policy | Terms of Service | Feedback