Professional Documents
Culture Documents
Initial Report
Initial Report
16 November 2009
Word Count
[1837]
1
Initial Report
Keywords
Internet based voting, e-voting pilot schemes, security, applicable law, standards,
accessibility, maintainability
2
Initial Report
Table of Contents
3
Initial Report
Initial Report
1 Current Situation
Key areas of work completed or in process of being developed
A historical development of electronic and online voting systems have been
investigated which indicate the most common technologies and systems that have
been implemented in them. Further studies have been conducted to investigate the
future of online voting from renowned sources such as IEEE, etc.
The current types of voting schemes that are currently used in voting systems have
been identified. These are visual cryptography, homomorphic encryption and mix
network encryption as explained in the literature review.
UCL university have agreed to be interviewed by telephone and the process will be
completed with the next week after the deadline for the inital report.
1.3 Research
After the 2000 elections in America, the vast problem areas of current voting practices
were exposed and the Help America Vote Act was introduced in 2002. This Act
would enable the government to invest in other approaches to develop secure and
reliable voting systems.
"In the election industry today, there are many different election systems and a wide
variety of components used for many different functions, so the need for easier
integration of different system components has never been greater"
Dr. Ron Rivest, E-Vote: Election Markup Language 5.0 Approved as OASIS
Standard, Jan 29, 2008, News Report
Voting systems are many and undefined. Important improvements to online voting
had been introduced since the early years of the internet, given the rapid speeds at
which the internet was growing, it was apparent that it would be a place for businesses
to trade goods on a global scale with security of transactions being the main factor for
its use.
4
Initial Report
Introduction to Cryptography
The areas that will be explored are those concerned with cryptographic principles and
processes. This will support the design decisions when recommending security
protocols, voter verification and candidate visibility to ensure ease of use prior to
voting. Also when determining the technological tools and software that will be in
effect, when developing the web content.
It will also investigate and explore the relationship of voters and their machines,
aiming to understand the benefits of online voting with the perception of the voter
commitment from remote area. Other research will assess work relating to project
management and the approaches used in organising, managing and implementing a
successful software engineering project.
The general encryption protocols that were identified in almost all forms of
technological voting systems were 4 broad protocols:
RSA
To use blind signature and encryption methods to ensure that public keys cannot be
identified with the corresponding private key due to the use of the blind signature
method. R. Rivest, A. Shamir and L. Adleman, A Method for Obtaining Digital
Signature and Public Key Cryptosystems, Comm. of ACM, 21 (1978), pp. 120-126.
Mix Networks
5
Initial Report
Visual Cryptography
And
Homomorphic Encryption
to decrypt votes using shared keys J. Benaloh and D. Tuinstra, “Receipt-Free Secret-
Ballot Elections,” Proc. 26th Ann. ACM Symp. Theory of Computing, 1994, ACM
Press, pp. 544–553.
Pre-encrypted Ballots
There is another voting system scheme that is very different to the ones mentioned
above which has very recently been developed called pre-encrypted ballot, where the
voter enters the voting code that corresponds to a specific candidate. V. Morales-
Rocha, M. Soriano, J. Puiggali, “New Voter Verification scheme using pre-encrypted
ballots”, Computer Communications 32 (2009) 1219-1227. This method is found to
be difficult to understand and use by users but it is eventually accepted.
Technology has been used to automate every aspect of daily life including tax
assessments, national security intelligence, opinion polls, and assistive technologies
for CCTV operations.
All of these voting methods have been modified and many innovative
implementations of each of them have been developed in an attempt to produce a
6
Initial Report
flawless electronic voting system that could become the standard for global use, but
that has not been the case due to the vast security breaches that can take place.
Security for voting systems is generally based on blind signature that was developed
by David Chaum in his conference report in 82. This is the basis on which current
research is conducted using the now established method of blind signatures and recent
development in areas of online voting such as ease of use and HCI aspects that have
also been researched to allow easy integration of voting technologies.
Since Chaum’s original paper in 82 he has further developed his proposals and has
been pioneering his ideas in 2004, 2005 up to 2008 papers. This indicates that the
matter of security has not yet been resolved in online votes since Chaum is still
carrying out research in this area of interest. The latest technologies that were
identified in all forms of technological voting systems were 3 broad technologies:
In chaum’s work it is seen that attempts were made to ensure voter verification checks
were achieved to allow openness of electronic voting, by issuing voter receipts per
voter, but it is achieved by not fully incorporating the aspect of coercion.
1.4 Development
It was discovered through current events governmental reports that various pilot
schemes had been initiated in order to understand the different avenues in which
electronic voting would be perceived in.
In the UK there has been a great deal of interest in online voting and various pilot
schemes for online voting systems have been developed by Accenture, which were
successful in proving that online voting would be a success if it went perfectly. (May
2007 electoral modernisation pilots and statutory orders - Ministry of Justice
(2007)).The test was aimed at the functionality of online voting and not the targeting
the core problems of security and hacking of systems. The results found that serious
security risks were breached and in the current state of technological advancements
the scheme was not to be perused any further (The Government’s response to the
Electoral Commission’s recommendations on the May 2007 electoral pilot schemes)
unless the architecture of the internet was improved.
Clearly this shows that the UK government and the US were taking a serious look at
online voting to improve voter security and to produce rapid results.
Also new developments in open source technology have instigated the British
government to investigate the suggestion of implementing open source software to
improve the security areas of online voting. (2007)
A recently new strategy for online voting has been used to take advantage of the web
developments that have taken place using open source languages such as xml and http
to create large scale voting websites through web services. This allows voters to vote
on an international level although the security issues are much greater than traditional
7
Initial Report
voting systems, but the benefits could out way the drawbacks using xml and EML
(Oasis open source consortium).
2 Problem Areas
Delays?
Documentation for the previous java prototype could not be obtained upon request
because the documentation had been misplaced so it was decided to visually inspect
the prototype in isolation of documentation and was forced to make realistic
assumptions.
The design was not started until there was enough understanding of the scope which
was required to fulfil the project requirements, so that took much longer than
expected.
The requirements analysis at the present time has not been undertook with much
consideration to the client requirements and it was found difficult to identify smart
requirements as it did not feel as if any interest was being taken in the project by the
supervisor. Thus, the requirements have not been fully completed.
At present the network of resources and personnel have recently been good and as
such there is no one that cannot be contacted through the correct channels. It is a
matter of time management and openness from me to become clear in the goals that
need to be achieved.
Open source voting systems have been a new development in the current year and
with the Microsoft .net material that is being taught in the course there is a strong
initiative to develop an open source system using XML and open source database.
This will be a very interesting route to online voting as it has not been considered
before.
There will need to be time set aside to search for open source cryptography APIs and
ensure blind signatures are in place to allow anonymity of users.
There will need to be an API that shuffles the encrypted voter so that it can be
decrypted by another server and the candidate that was voted for identified, but no
relation must exist of the voter to the candidate.
Identify how voters with disabilities can vote including physically blind voters.
Set up the marketing aspects of the project which includes the candidate websites.
8
Initial Report
Set up the login registration for the voter and authenticate the voter registration
verification procedure using key encryption techniques.
Provide the voter with interactive information about candidate details and up to date
news feeds. News feeds are optional.
9
Initial Report
Appendix A
Literature Review
[Approx 3,000 words]
Background
This literature review will discuss issues surrounding security techniques that will be
the main focus throughout the development of the online voting process. It will
describe the work that was gathered on the specific area of research and also assess
the validity and depth of this research.
Problem identification
"In the election industry today, there are many different election systems and a wide
variety of components used for many different functions, so the need for easier
integration of different system components has never been greater"
Dr. Ron Rivest, E-Vote: Election Markup Language 5.0 Approved as OASIS
Standard, Jan 29, 2008, News Report
Voting systems are many and undefined. Important improvements to online voting
had been introduced since the early years of the internet, given the rapid speeds at
which the internet was growing, it was apparent that it would be a place for businesses
to trade goods on a global scale with security of transactions being the main factor for
its use.
Introduction to Cryptography
The areas that will be explored are those concerned with cryptographic principles and
processes. This will support the design decisions when recommending security
protocols, voter verification and candidate visibility to ensure ease of use prior to
voting. Also when determining the technological tools and software that will be in
effect, when developing the web content.
10
Initial Report
It will also investigate and explore the relationship of voters and their machines,
aiming to understand the benefits of online voting with the perception of the voter
commitment from remote area. Other research will assess work relating to project
management and the approaches used in organising, managing and implementing a
successful software engineering project.
The general encryption protocols that were identified in almost all forms of
technological voting systems were 4 broad protocols:
RSA
To use blind signature and encryption methods to ensure that public keys cannot be
identified with the corresponding private key due to the use of the blind signature
method. R. Rivest, A. Shamir and L. Adleman, A Method for Obtaining Digital
Signature and Public Key Cryptosystems, Comm. of ACM, 21 (1978), pp. 120-126.
Mix Networks
Visual Cryptography
Recent work
11
Initial Report
And
Homomorphic Encryption
to decrypt votes using shared keys J. Benaloh and D. Tuinstra, “Receipt-Free Secret-
Ballot Elections,” Proc. 26th Ann. ACM Symp. Theory of Computing, 1994, ACM
Press, pp. 544–553.
Pre-encrypted Ballots
There is another voting system scheme that is very different to the ones mentioned
above which has very recently been developed called pre-encrypted ballot, where the
voter enters the voting code that corresponds to a specific candidate. V. Morales-
Rocha, M. Soriano, J. Puiggali, “New Voter Verification scheme using pre-encrypted
ballots”, Computer Communications 32 (2009) 1219-1227. This method is found to
be difficult to understand and use by users but it is eventually accepted.
Technology has been used to automate every aspect of daily life including tax
assessments, national security intelligence, opinion polls, and assistive technologies
for CCTV operations.
All of these voting methods have been modified and many innovative
implementations of each of them have been developed in an attempt to produce a
flawless electronic voting system that could become the standard for global use, but
that has not been the case due to the vast security breaches that can take place.
Security for voting systems is generally based on blind signature that was developed
by David Chaum in his conference report in 82. This is the basis on which current
research is conducted using the now established method of blind signatures and recent
development in areas of online voting such as ease of use and HCI aspects that have
also been researched to allow easy integration of voting technologies.
Since Chaum’s original paper in 82 he has further developed his proposals and has
been pioneering his ideas in 2004, 2005 up to 2008 papers. This indicates that the
matter of security has not yet been resolved in online votes since Chaum is still
carrying out research in this area of interest. The latest technologies that were
identified in all forms of technological voting systems were 3 broad technologies:
In chaum’s work it is seen that attempts were made to ensure voter verification checks
were achieved to allow openness of electronic voting, by issuing voter receipts per
voter, but it is achieved by not fully incorporating the aspect of coercion.
In the UK there has been a great deal of interest in online voting and various pilot
schemes for online voting systems have been developed by Accenture, which were
successful in proving that online voting would be a success if it went perfectly. (May
12
Initial Report
Clearly this shows that the UK government and the US were taking a serious look at
online voting to improve voter security and to produce rapid results.
A recently new strategy for online voting has been used to take advantage of the web
developments that have taken place using open source languages such as xml and http
to create large scale voting websites through web services. This allows voters to vote
on an international level although the security issues are much greater than traditional
voting systems, but the benefits could out way the drawbacks using xml and EML
(Oasis open source consortium).
13
Initial Report
Appendix B
Revised Project Schedule
14