Security in Electronic Voting Systems - Case Study Example

Task Security in Electronic Voting Systems Introduction Voting is all about data collection and accuracy, with time and cost being an important factor in the terms of efficiency. Electronic voting uses computerized equipment in the process of vote casting. Electronic voting systems seek to reduce time consumption during any type of voting and increase participation (Liaw, p 108). It also improves the accuracy of results and lowers the cost of conducting elections. There is an advanced online voting system used in universities for teaching and voting, whereby the students vote anytime and anywhere using both fixed and mobile devices such as personal computers, PDAs and smartphones. Though electronic voting systems are highly efficient and accurate, security of the systems is of high concern. Security in electronic voting is core in the terms of confidentiality of voter information and prevention of malicious or accidental abuse of electronic voting (Liaw, p 110). Electronic voting systems must be efficiently designed to maintain high confidence levels and integrity in order to eliminate voter manipulation, and the manipulation of the electronic voting at large (Liaw, p 115). The electronic voting system should be capable of separating the data content from its presentation form to avoid replication of the web content. This is ensured by the use of modern technologies in the system design, such as the extensive markup language for the web representation of the data content and the extensive language transformation style sheets for the customization of the data presentation. Electronic Voting Security Requirements Confidentiality: The electronic system must be appropriately designed to ensure the confidentiality of voters’ personal information. In fact, confidentiality is core in protecting the unauthorized access to voter information, such that no person should have the ability to determine the identity of the voter and/or how they voted (Bungale & Sridhar, p2). Integrity: The electronic voting system must be conveniently designed to ensure that it cannot be re-configured during the voting process. Additionally, data integrity is also core, and hence the system should ensure that each vote is appropriately recorded and cannot be tampered with, that is, votes cannot be modified or deleted without detection (Bungale & Sridhar, p2). Authentication: The system must ensure that the voter is efficiently identified, as per the registration database, to be entitled to and allowed to vote. Appropriate identification documents may be required for clarification of voter identity (Bungale & Sridhar, p2). The voter must identify him/herself as per the system’s voter registry to be able to vote, and hence an elimination of fraudulent voting and manipulation of the electronic voting (Bungale & Sridhar, p2). Anonymity: On the other hand, the electronic voting system must also ensure that votes are not associated or identifiable with voter identity. The system should also be non-coercible, that is, voters should not be able to prove to others on how they voted. This eliminates vote selling and/or coercion (Bungale & Sridhar, p2). Verifiability: The electronic voting system should be able to efficiently verify voters for voting, after identification. Additionally, the system should also be able to verify the results to ensure accuracy, including the number of voters who participated and the total number of votes cast. The system should be reliable and robust to eliminate the loss of votes, despite any technical failures such as loss of network communication (Bungale & Sridhar, p2). Cryptographic Chimes of an Electronic Voting System The cryptographic voting protocols ensure and facilitate verifiable voting without fundamentally trusting any software in the voting system. However, cryptographic protocols may cause challenges to the voting system, such as denial of service, compromise on voter confidentiality and creation of subliminal channels in the encrypted ballot. In addition to analyzing the protocol and/or subsystems of an electronic voting system in isolation, it is critical to conduct a wholesome security analysis of the system (Ryan & Schoenmakers, p27). In the developed world, electronic voting techniques gradually replace traditional paper-based voting processes for convenience and efficiency. The electronic voting systems face the tough challenges of voter coercing and confidentiality, in addition to security for protection of the integrity of the voting process (Ryan & Schoenmakers, p34). Unfortunately, some of the cryptographic solutions are impractical owing to lack of efficiency or too complicated to be implemented, and hence this make suitable for an incoercible system to be implemented. Some of the systems may face denial of service attacks due to cryptographic protocols, which may ruin the confidence of the voters and the integrity of the voting process (Ryan & Schoenmakers, p37). Anonymous Channels in E-voting A secure anonymous electronic voting system must fundamentally ensure voter confidentiality to eliminate possible coerciveness during or after the voting process. Additionally, it must ensure completeness of voter information and accuracy in vote counting. Additionally, the system should be subject to testing by experts for the security considerations so that election officials to have the confidence with the system. The system should be designed as extremely simple to eliminate complexity, which is a threat to security. Digital Signature The digital signature helps in guaranteeing voter security and correct voter identification. It helps to verify that the identification message comes from a specific sender, and secures it through the addition of a code. This code acts as a signature and protects the integrity of the message (Subariah et al, p194). Electronic voting uses RSA encryption, which is the public key algorithm that is considered as the best. RSA is asymmetric, and hence uses the public and the private, and performs both encryption and decryption. The RSA key pair is generated through the generation and multiplication of two prime numbers (p & q) to produce the modulus (Subariah et al, p195). In electronic voting, the digital signature is created through RSA encryption. This occurs through the hashing of the message to produce a message digest. The digest is then encrypted using the sender’s private key to produce the digital signature (Subariah et al, p195). In the verification of the message, the receiver hashes the message using the same digestion function (Subariah et al, p195). Simultaneously, the signature is then decrypted using the receiver’s public key. There is a comparison of the two latter processes and if they are equal, the message is authenticated, and the integrity of the message is upheld (Subariah et al, p194). Blind Signature The blind signature is similar to a digital signature but serves to allow an individual to get another person to sign a message with no knowledge of its content. It is the most used cryptographic protocol in electronic voting and helps in the provision of the confidentiality of the voter’s ballot. The blind signature authenticates the voter without disclosing the material in the ballot. The ballot is blinded in order to achieve its confidentiality (Subariah et al, p194). E-voting System Using Blind Signature The blind signature secures confidentiality of the ballot and hence protects the integrity and security of the electronic voting system (Qadah & Taha, p377). The blind signature authenticates the voter without disclosing the content of the ballot. In the electronic voting process, the voter is required to provide the signature of a validator during the voting process. The confidentiality of the ballot is ensured through the blinding of ballot using a random number, and sending it to the validator (Qadah & Taha, p379). The random number serves to conceal the ballot from the validator. Subsequently, the validator then signs the blind ballot after the verification of the voter. The voter unblinds the blind ballot after receiving the validated ballot from the validator to get the true signature of the validator, for the ballot (Subariah et al, p194). An individual must be registered as a voter in order to be eligible to vote (Subariah et al, p195). During voter registration in the electronic voting system, the voter sends his/her name and national card number to the registrar server where the message is encrypted before transmission through the network. The registrar server verifies the user’s particular with the national registration database in order to determine the eligibility of being a voter. If the individual is eligible, the electronic voting system generates the RSA pair of keys, whereby the public key is stored in the electronic voting database whereas the private key is stored in a voter’s diskette that is protected by voter’s preferred password (Subariah et al, p195). In the candidate registration, the election candidates must have been nominated and is required to be a registered voter together with his/her nominators. A registered voter and the required two nominators send their names and national identity card numbers (Nric) to the administration server. The information is then individually signed by the respective voters and encrypted by with the administrator’s public key (Subariah et al, p195). During the voting, the voter sends his/her name and Nric to the validator (Subariah et al, p196). The validator checks the eligibility of the voter and whether he/she has voted earlier. If the voter is eligible, the validator obtains the voter’s precinct number and sends him the ballot that has a unique identification. The voter casts his/her ballot before it is blinded, signed, encrypted and sent to the validator for validation. The validator signs the blinded ballot after verification and sends it back to the voter. The voter validates the integrity of the ballot by unblinding it and comparing it to the original one (Subariah et al, p196). The validated ballot and the original are sent to the tallier, with the communication protected by a session key. The tallier checks the validity of the ballot using the validator’s public key, after which it is stored in the electronic voting database. The tallier then acknowledges the voter by sending the ballot identification, time and date of voting; signed with the tallier’s private key (Subariah et al, p196). Pseudo Voter Identity Voter confidentiality and anonymity are the primary requirements for the satisfaction of electronic voting protocols. Pseud voter identity is based on the blind signature for the achievement of voter anonymity in e-voting protocols (Cetinkaya & Doganaksoy, p1). In the Pseudo Voter Identity, the voter is bound to prepare a list of blinded identities and then obtain blind signatures for each of them, separately, through the interaction with the approval authority in a single session. The voter then extracts anonymous pseudo identities (PVIDs) that cannot be linked to the voter’s registration identity. Each PVID is chosen by the voter and blindly signed by the approval authority to ensure the anonymity of the PVID (Cetinkaya & Doganaksoy, p1). The voter loses his/her real identity while communicating with the authorities, as per the existing e-voting protocol. The voter uses anonymous pseudo identities that have no relation to the voter’s real identity. The PVID scheme uses only the blind signature and provides anonymity without requiring any complex cryptographic mechanisms and computations (Cetinkaya & Doganaksoy, p2). Works Cited Bungale, Prashanth & Sridhar, Swaroop. Requirements of an Electronic Voting System. 2003. pp1-2. Cetinkaya, Orhan & Doganaksoy, Ali, Pseudo-Voter Identity (PVID) Scheme for e-Voting Protocols. 2007. H. T. Liaw, “A secure electronic voting protocol for general elections,” Computers & Security, vol. 23, no. 2, pp. 107-119, 2004. Qadah, Ghassan & Taha, Rani, Electronic Voting Systems: Requirements, design & implementation, Computer Standards. Vol. 29 (3), pp. 376-386. Ryan, Peter & Schoenmakers, Berry, E-voting and Identity: Second International Conference, VOTE-ID, Luxembourg. New York: Springer. 2009. Subariah, Ibrahim, Kamat, Maznah, Salleh, Mazleena & Rizan, Shah, Secure E-voting with Blind Signature, IEEE.Vol. 7(3), pp. 193-197. 2004. Read More