17-04-2012, 01:38 PM
Applying MESE processes to Improve Online E-Voting Prototype System with PTC Web Services
OnlineEVotingSystem_PresentationV3.ppt (Size: 1.32 MB / Downloads: 80)
Introduction
The online E-Voting system generated within this project was based on an idea put forward in the ‘Future Suggestions’ section of the Master’s Thesis of Mr. Brett Wilson. (http://cs.uccs.edu/~gsc/pub/master/bswilson/doc/)
As a result, augmentation of the demo application for PTC Web Services was undertaken.
E-Voting Requirements
Basic requirements for electronic voting
Privacy – All votes should be kept secret
Completeness – All valid votes should be counted correctly
Soundness – Any invalid vote should not be counted
Unreusability – No voter can vote twice
Eligibility – Only authorized voters can cast a vote
Fairness – Nothing can affect the voting
Extended Requirements for electronic voting
Robustness – faulty behavior of any reasonably sized coalition of participants can be tolerated. In other words, the system must be able to tolerate to certain faulty conditions and must be able to manage these situations.
Universal Verifiability – any party can verify the result of the voting
Receipt-freeness – Voters are unable to prove the content of his/her vote
Incoercibility – Voter cannot be coerced into casting a particular vote by a coercer.
Cryptographic Techniques Implemented
Threshold Encryption [15]
Public key encryption as usual
Distribute secret key “shares” among i participants
Decryption can only be accomplished if a threshold number t of the i participants cooperate
No information about m can be obtained with less than t participants cooperating
Shamir Secret Sharing
Lagrange Interpolation formula
f(X) = Σti=0 aiXi
a0 is secret, ai are random, f(X) are “secret shares”
X is share index (1 to number of servers)
If enough f(X) available it is possible to recover a0
Lessons Learned
The SE processes applied in this project has set precedence which can be used for the future projects.
Ensure that the SRS, SDS and test documents can be easily modified and any future enhancements can be made with ease.
Security issues involved in E-voting systems.
CRT is a very useful theorem that can be applied on other theorems to improve the efficiency and increase the speed of the computations.
Pre-computation is always an improvement to the systems as long as they are designed and architected properly like running a thread on the background to generate prime numbers in this case.
Setting up read/write access permissions for the folders is important in ASP .Net. It is very important to follow the processes on this setup.
Certificate registration and confirmation requires additional processes for the internet solutions.
Conclusion
Encryption parameters creation process improvements with the application of pre-computation to the web services.
Alternate processes are also available to improve the efficiency further, such as: CRT Theorem, applying pre-computation to other constants in the Paillier’s scheme and also using 3rd scheme instead of the 1st scheme as explained in many researches.
The online E-Voting system with Paillier Cryptosystem Web Services implemented in this project brings a more secure e-voting environment one step closer.
Online E-Voting systems need to be considered as an enterprise solution when security, from the registration till the end of the Tally process, is to be considered.