Internet / electronic voting helps democratic countries to turn the voter turnout in higher numbers. Internet / electronic voting is still under development and ample research and analysis have been done on this subject to prove that implementing internet / electronic voting is not difficult and not in-secure if implemented in a meticulous way. It is not an easy task to implement internet / electronic voting for large scale democratic system, but not an impossible one. There is plenty of requirements needed to fulfil the task of internet / electronic voting [1, 2, 3, 4, 5].
An analysis of proposed objectives has been done and compared them with the existing internet / electronic voting system in term of,
(ii) Coercion-Resistant; and
Internet / electronic voting as per researchers has four different dimensions,
(iii) Technology; and
4.1 ANALYSIS OF SERVE VOTING & ESTONIAN INTERNET / ELECTRONIC VOTING SYSTEM AND THE PROPOSED INTERNET / ELECTRONIC VOTING SYSTEM
United States uses SERVE internet / electronic voting system developed for the United States Department of Defence. SERVE was developed under FVAP (Federal Voting Assistance Program). The SERVE project of internet / electronic voting was planned for deployment in the year 2004 for only those who remain at out of country or for military force.
This voting system stands for “A Security Analysis of the Secure Electronic Registration and Voting Experiment.
Because SERVE is an Internet-based internet / electronic voting system, there are well-known cyber-attacks such as Insider attacks, DoS attack etc.
As per reports, SERVE internet / electronic voting system worked well in 2004 and no successful cyber-attacks detected.
As United States is a big country, and using SERVE was not a bad decision to implement, that is why we analysed SERVE internet / electronic voting system with our proposed internet / electronic voting system. There were other internet / electronic voting systems but we took to analyse SERVE in our comparison and analysis.
Estonia is a country, which fully implemented e-governance in their systems. Estonia also marked itself as the first country which implemented internet / electronic voting.
We also analysed Estonian internet / electronic voting system and compared it with our proposed internet / electronic voting model. Estonian model follows some requirements, which are as follows:
1. Voter can vote more than once during the voting period;
2. Authentication is done through smart Identity cards;
3. All the voting servers remain under scrutiny;
4. Communication from device to device is secure with SSL encryption; and
5. RSA and digital signature are used for encryption.
4.1.1 The primary elements in SERVE & ESTONIAN internet / electronic voting system are as below,
(i) Voter Application;
(ii) Network Server;
(iii) Votes Storing Server; and
(iv) Votes Counting Server.
Voter opens a web application and then opens his/her voter application. Network server captures the vote / ballot from the voter through SSL protocol.
Network server encrypts this ballot and then transmits this vote / ballot to votes storing server.
Votes storing server checks the credentials of the voter for voting rights. Votes storing server decrypts the received cipher texts which is a major flaw in the system. Votes storing server keeps a copy of ballot and information about the voter and sends the encrypted ballot to the votes counting server.
Keeping information about a voter in an unencrypted manner is dangerous. The motive of keeping the voters’ information in the votes storing server is only to verify and check whether the voter is voting again or had casted his/her vote.
SERVE internet / electronic voting system has a distributed votes counting server and these are named as LEO
(Local election Office).
The two internet / electronic voting systems are somehow related and different in other ways. In Estonian system voter application generates a vote and random number and encrypts the vote using public key. Voter application signs this encrypted ballot with private key and sends it to the network server.
But in SERVE system, voter application casts vote and generates a random number and encrypts the vote with public key of SERVE. Voter application sends the encrypted ballot with all the private data of voter to network server.
Every votes counting server generates an internet / electronic voting key pair. One key is Public key and other one is known as Private Key. Public key is used to encrypt ballots.
Voter application receives the acknowledgement in both SERVE & Estonian internet / electronic voting system.
In Estonian internet / electronic voting system, authentication is done by Network server and also the access rights are checked by Network server. Communication between Voter application and Network server is secure using SSL connection.
Network server checks with votes storing server that if the voter had voted or not. If yes then the network server forwards a message for acknowledgement, and a voter can try multiple times to register his/her vote.
And here, we find the major flaw in the system, where a voter could be coerced and forced to do a second voting in favour of some candidate which coercer demands.
Voter again casts vote using voter application and signs the encrypted ballot with private key.
Voters’ personal data and ballot is stored in a LOG file.
SERVE also does the same process but does not keep personal data of voter and ballot in LOG file. SERVE also does not use private key for signature for encrypted ballot but use private key for only decrypting the vote / ballot Votes Storing server.
In Estonian internet / electronic voting system, network server communicates to votes storing server that whether the voter has already voted or not. If the period of voting is over, then only the latest casted vote will be counted for the final tally and not the other ones. Log 2 is maintained for saving multiple votes. Log 3 is created and maintained for storing and sending the list of voters with encrypted votes to Votes Counting Server.
In SERVE, votes storing server does send an error message to the network server in case a voter votes more than once. List of voters and votes / ballots are stored in separate and these two files are then sent to votes counting server.
4.2 THREATS TO SERVE
People could be taken into confidence to vote using internet, only when there is transparency, but in this case voting server decrypts the ballot and keeps it for some time in plain format and any insider official can check it in a very open way, who voted whom and here it makes a big blow to transparency and people will lose confidence in internet / electronic voting system. Information on the functioning of internet / electronic voting system shall be open to public.
Verifiability ensures that voters can check that their vote has been counted. Un-auditability of voting systems is not good. Voter has the right to know, as whether his/her vote has been actually recorded in the final tally or not. Voter does not know after voting as what happened to his / her ballot. In a democratic system, one should have the right to know whether his/her vote has been in a safe database or not.
Before any internet / electronic voting system has to be implemented in any country, election authorities must verify the correctness of the system and what security measures are being implemented in verifying the credentials of any voter with anonymity.
SERVE attempts to separate vote / ballot and name of the voter using the public key method.
SERVE attempts to know with the help of LEO as how a voter voted by downloading votes from the server so frequently.
Analysis of SERVE revealed that ballots exist in an unencrypted manner on the server for a specific period and more important is that LEO has the authority to encrypt the ballot. So in this case SERVE insider admin authorities can easily view peoples’ ballot and know how people voted, giving a serious risk to the privacy. So one can neither confirm that whether his / her vote has been counted for or not counted for as modification of vote could be done easily.
4.3 PROPOSED MODEL FOR VERIFIABILITY
Our proposed model introduced Blind Digital Signatures which strongly verify the voters’ vote / ballot in an internet / electronic voting system and with anonymity.
No one can other than the voter verify that his/her vote has been counted or not. Using RSA algorithm for generating pair keys (private and public keys), only voter has the right to verify the ballot / vote with anonymity. No insider can know who voted whom as was in the case of SERVE internet / electronic voting system. This proposed model gives an internet / electronic voting system the fulfilment of Completeness, Blindness and Unforgeability.
Verifier is the voter who has the private keys which can be used to verify the ballot misuse or not. Not only verifiability could be achieved in our proposed internet / electronic voting system but unforgeability could be maintained as voter cannot vote for more than one candidate during elections.
Any attack on the ballot of any voter could not trace the voters’ credentials due to the secrecy of blind signatures in our proposed verifiability. Ballot is blinded to achieve the confidentiality.
One more big advantage of our proposed model scheme is the computation overhead is less, if there would be large scale voting or large number of voters in any election system.
This makes our blind signature based internet / electronic voting system very strong enough to achieve our objective.
4.4 COERCION – RESISTANCE
Vote selling to a coercer or forcing a voter by a coercer to vote in a certain way is a difficult objective to achieve, we analysed some following cases,
CASE I: In large scale elections, coercers can achieve their motive of coercing only and only when there is a possibility of seeing the contents of voters communication between voting server and the voter.
CASE II: Coercers do not have access to the secret keys. In internet / electronic voting systems, if coercers do get access to the private keys then large scale violation could be done on behalf of coercers by changing the outcome of the elections. And in case of SERVE internet / electronic voting systems this could be done by insider attacks e.g. LEO who encrypts and decrypts himself. LEO can join coercers’ motive and achieve coercers’ target as coercer wishes.
CASE III: If there is a possibility to prove a vote using receipt or by any other means that a voter voted to such and such candidate, which could force a coercer in advance that means before the election gets started, to intimidate the voter with threat to vote in a particular way.
As in the case of SERVE internet / electronic voting system, we analysed as below,
Strong Coercers’ Intimidation. Coercers’ force would make voter abstain himself / herself from voting. In case of SERVE there is a problem where if a voter does not vote from his own machine over internet but from coercers’ machine or any other machine which might have installed some hacking software and might get the details recorded of the voter.
Coercer can hack or affect hundreds of votes cast through SERVE. SERVE does not have coercion resistance which is a flaw in this type of system.
In SERVE internet / electronic voting analysis, there is no coercion detection methods or remedies to handle it, which could hamper the democracy. As the Man- In- The – Middle attack could make it achievable for any coercer to see the contents of the ballot as who voted whom.
Our proposed system is receipt free. That means there is no way to know whether a voter has voted for the first time or second time or how many times.
This is because we give a fool proof secrecy to the ballot as there is no way to check the ballot as who voted to whom due to encryption.
Estonian voting system does make it possible to vote multiple times and only the last vote will be counted for the final tally and rest all the votes/ballots would be discarded.
In our proposed model we assumed that voter can vote multiple times but only the first vote / ballot will be counted for the final tally and rest of the votes / ballots would be discarded.
Whoever voter is being under threat from the coercer can vote through any device without the knowledge of coercer. And nobody would know as the voter voted from any particular device. Then if coercer wants the voter shall vote in front of him then voter can do that without any hesitation and there would be a message from the Server that “ YOUR VOTE HAS BEEN ACCEPTED OR THANK YOU FOR VOTING “.
Our proposed model achieves the coercion resistance through this means.
We obtained and assumed the following assumptions
i) By obeying the coercers’ instructions and vote from any device before coercer can come to the voters’ place.
ii) Proposed system give receipt freeness internet / electronic voting system which does not even guess anyone as whom the voter voted or might have voted.
iii) Multiple voting option is in proposed system but with only one input will lock its voting rights to read only choice.
iv) Privacy of voter has been maintained and adversaries cannot see the contents of the ballot using strong encryption methods used.
4.5 COMPARE SECURE, COERCION-RESISTANT AND VERIFIABLE INTERNET / ELECTRONIC VOTING SYSTEM WITH THE EXISTING INTERNET / ELECTRONIC VOTING SYSTEM
We presented some proposed internet / electronic voting protocols in the methodology chapter regarding with security, coercion-resistance and verifiability in internet / electronic voting system. With many security issues identified in the present voting methods being used, a thorough comparison has been made and the identified problems have been categorized in the Table 4.1 below:
Table 4.1: Differences between Proposed and Existing Internet / electronic voting systems.
S.No. Objectives and Problems Identified Estonian Internet / electronic voting System SERVE Internet / electronic voting System Proposed Internet / electronic voting System
1. Verifiability Yes but with many issues like 1. Failed Verifications 2. The threat of False verification failure claims etc. Yes but only with voter verified paper ballot. Yes (With Blind Signatures etc.)
Yes (But Weak)
None Exist Yes (Receipt Freeness, One time Vote acceptance etc.)
3. Security (Cryptography) Yes (Strong) Yes (Very Weak) Yes (Very Strong)
4. Time Limit of Voting Internet / electronic voting is commencing before the election day starts. Internet / electronic voting is commencing a day before and ends on the day of voting. Internet / electronic voting commences as per the instructions of Election Commission.
5. Registration Process and Authentication of Voter No Registration Process of Voter (uses only National Public Key Infrastructure) Yes and Authentication is based on Password only Yes (Using Voter Card Number and Unique Identification Number e.g. Aadhaar in India), One more Authentication protocol proposed and that is Kerberos Authentication protocol
6. Digital Signature Method Used Yes No Yes (Using Blind Signatures )
7. How votes are being stored in the Database of Storing server Votes are stored in Encrypted form Votes are stored in a non-encrypted mode for a certain period. Votes are stored on distributed servers and in an encrypted form.
8. How votes are being stored in the Database of Counting server In an Offline mode and using a DVD disc In an online mode In an online mode
9. Log server Independent Log file No Independent Log file. Independent Log file.
10. Multiple Voting Yes multiple voting can be done, but only last vote will be counted for. No Yes, but only the first vote will be counted for.
4.6 METHODS USED FOR SECURITY IN SERVE AND PROPOSED INTERNET / ELECTRONIC VOTING MODEL
Now, an analysis of proposed voters’ authorization and authentication is as follows:
SERVE is practically not safe for large-scale elections, as large-scale votes theft can occur as below,
• Non-eligible voters are able to vote from any machine;
• Eligible voters can vote more than one time; and
• More votes can be received by the votes storing server.
Using secured socket layer we can attack by creating a packet of man in the middle attack, forwarding voters private data and other information including encrypted vote between voters’ web application and network server.
Votes counting server are online servers in SERVE that download the whole list of eligible voters and encrypted votes from votes storing server. To analyse, adversaries are able to read and add votes and modify the votes so that the final tally would get affected.
This whole problem arises because ballots / votes are decrypted in Votes Storing Server and they could be accessible to the insider administration. And the insider could breach the protocol and sell them to the coercer for award of money.
Confidentiality and Integrity will be damaged and large-scale loss would occur during election day.
In overall analysis, votes / ballots are not secret in SERVE internet / electronic voting system.
In our proposed model, we gave security, the prime function in our proposed internet / electronic voting protocol.
In particular, the following three threats exist:
• A user may gain access to a particular workstation and pretend to be another user operating from that workstation.
• A user may alter the network address of a workstation so that the requests sent from the altered workstation appear to come from the impersonated workstation.
• A user may eavesdrop on exchanges and use a reply attack to gain entrance to a server or to disrupt operations.
Access to a restricted internet / electronic voting application shall be authenticated only when a good authentication protocol is used at the right session. We used Kerberos authentication protocol, which has multi-factor authentication property. Kerberos gets its name from Greek mythology. Cerberus, also known as Kerberos, was a three headed beast that guarded the Underworld and kept the living from entering the world of the dead. Kerberos protocol design began in the late 1980s at the Massachusetts Institute of Technology (MIT), as part of project Athena. It is a secure authentication mechanism designed for distributed severs, which assumes the network is unsafe. It enables a client and a server to mutually authenticate before establishing a connection. The first public release was Kerberos version 4, which leads to the actual version (v5) in 1993 after a wide public review. It followed the IETF standard process and its specifications are defined in Internet RFC 1510. Originally designed for UNIX, it is now available for all major operating systems, freely from MIT or also through commercial versions.
An unauthorized person may be able to gain access to services and data that he or she is not authorized to access. Rather than building in elaborate authentication protocols at each server, Kerberos provides a centralized authentication server whose function is to authenticate users to servers and servers to voters. This protocol uses symmetric encryption.
It’s typically used when a user on a network is attempting to make use of a network service, and the service wants assurance that the user is who he says he is. To that end, the user presents a ticket that is issued by the Kerberos authentication server (AS), much as a driver’s license is issued by the RTO. Identity of the user is verified after checking the credentials.
Along these lines, this ticket must contain data connecting it in a way that is authentic to the client. Since the client and the administration don’t meet vis-à-vis, a photograph is of no utilization. That is why; the ticket must demonstrate that the bearer knows something only its intended user would know, such as a password. Furthermore, there must be safeguards against an attacker stealing the ticket, and using it later.
Kerberos resolves another problem by introducing a new agent, called the ticket granting server (TGS). The TGS is logically distinct from the AS, although they may reside on the same physical machine. (They are often referred to collectively as the KDC–the Key Distribution Center.
Process of ticket granting server is as below;
Using the ticket , user first wants a ticket from TGS, just as if it were any other service. This ticket is called the ticket granting ticket (TGT).
Conventional verification strategies are not reasonable for use in PC systems where aggressors screen arrange traffic to block passwords. The utilization of solid validation strategies that don’t unveil passwords is basic. The Kerberos verification framework is appropriate for validation of clients in such situations.
This thesis does not only remained conclusive on Kerberos Authentication system, but one more robust authentication system is introduced in our proposed internet / electronic voting model and that is Unique Identification Number and the use of One Time Password method during authentication, e.g. Aadhaar service in India.
Number of e-services are being authenticated by the Aadhaar enabled authentication server. We also proposed the same, as we trusted a third party authentication system and that is not from a non-government organization but from a trusted government agency which is used by the banks, public distribution services etc… for authenticating every user who is using a unique number which is a 12-digit number.
Our proposed authentication system works on a two-way authentication system that involves e.g. an individual’s 12-digit Aadhaar number, Voter Number and OTP (One Time Password) on the individual’s Aadhaar-enabled mobile device. This helps secure an individual’s identity electronically and remotely using voter services. Aadhaar is becoming a mandatory document that every individual must have to access basic services and Public infrastructure. Aadhaar is used to authenticate the identity of an individual in the issuance of PAN, passport, DL, telecom sim, etc., and is a secure and trusted system.
Aadhaar based 12 digit number is used for authentication in India.
Our proposed model strictly stresses the use of this 12-digit unique number. Upon successful authentication of an individual using biometric or OTP verification, voting network server enables generation of keys, and the public key based certificates and digital signature for the electronic document. Only pk is used for one time, after a one-time use, the private key is deleted. The Digital Signature Certificate is generated is valid for 30 minutes and expires later to maintain security. The user should have 12-digit Aadhaar Number and a mobile number registered with it for OTP-based authentication.
4.7.1 AUTHENTICATION, AUTHORIZATION AND ACCOUNTABILITY
Another strong Authentication, Authorization and Accountability protocol proposed for internet / electronic voting model is DIAMETER based protocol.
We have proposed internet / electronic voting which is based on Internet so we proposed a DIAMETER based internet / electronic voting protocol which is an Authentication, Authorization and Accountability protocol. This protocol not only provides authentication of voters, authorization and accounting but this protocol has been proposed as internet / electronic voting resolution which needs internet protocol addresses on the fly.
We have proposed an internet / electronic voting methodology in which voter can use any mobile device which has the internet connection and DIAMETER suits it better.
This protocol is a client to client centred protocol and any device can start sending packets on its own. It uses a reliable transmission control protocol for sending data packets.
Network Access Identifier or NAI is used as a voters’ identity which is used to identify the voter during authentication or authorization. DIAMETER protocol uses sessions between client and server.
Using three entities within DIAMETER, which are Client, Server and Agent.
Client is a node which performs right of entry as it produces diameter packets for the voter.
Diameter protocol based server functions the actually for the voter.
Agents are nodes that does not authenticate or authorize messages.
• Relay agent onwards a packet to a fitting goal. It can total solicitations from various domains/areas to an explicit one. This wipes out the overhead of system access for each server change.
• Another intermediary specialist like a transfer, in that it advances messages, yet an intermediary can alter the substance for example implement neighborhood rules, administrator undertakings and so on.One more divert specialist an incorporated setup storehouse for other diameter hubs. It diverts demands dependent on the directing data it stores. This is valuable as different hubs can use a divert hub to discover different hubs and hence not have to store data locally.
• Another operator which is known as interpreter specialist a specialist, its motivation is to decipher AAA messages from one arrangement for example Range, to another for example Distance across. This is helpful for the coordination of client databases of various application spaces, while keeping unique authorisation , authentication and accountability conventions..
Internet / electronic voting Experiences Intervention on capability of node
If the node is capable after establishing the connection then this capability is checked by exchanging messages between client and servers about the workstation’s individuality etc.. Only those nodes are checked for capability which advertises the diameter protocol based commands based on diameter application.
Attribute Value Pairs
Attribute Value Pairs send the basic information about the authentication and authorisation of the voter / user. Attribute value pairs also checks the resource usage by the voter / user at any point of time.
This Diameter protocol functions on the top layers of Transmission Control Protocol and stream control transmission protocol. We can choose either transmission control protocol or stream control transmission protocol. Some application messages in Diameter proactively respond to any failures and send alerts. Messages are fired time to time when a network remains idle or when any acknowledgement gets delayed.
If a detection of failure within any network system is recorded, a new route is being detected by the diameter protocol which is done by sending messages through any other device peer. But simultaneously this protocol checks whether the system has been rectified or not by sending alarms and messages for establishing the loss connection.
Organising and managing the sessions,
Accountability is not linked with the organisation of sessions but separate authentication and authorisation is being done which is managed by session organisation.
To send accounting messages, different servers are set for sending these messages and different servers are set for sending authentication packets.
Following is a table, which displays the comparison of threats between the proposed internet / electronic voting system and presently used internet / electronic voting systems.
Table 4.2: Comparison of threats to existing and proposed internet / electronic voting systems
S.No Threats to Internet / electronic voting System Traditional DRE / EVMs HELIOS Estonian Internet / electronic voting system Our Proposed Internet / electronic voting system
1. Integrity No No Protection (Weak Privacy) No YES
2. Confidentiality Weak YES No Very Strong
3. Availability No No Protection Yes YES
4. Verifiability Weak (Using Voter Verified Paper Audit Trial) VVPAT YES- Partially YES
5. Coercion No No Protection No Yes
6. Authentication YES Helios server could impersonate as voter . YES (strong)
e.g. Smart Card Based YES (strong)
Unique Identification Number Based
FINAL ANALYSIS Old system and without functional requirements of internet / electronic voting system & often given ample malfunctioning reports by officials . Not Suitable for Real Political Elections Suitable but with modifications and transformations New Proposal and improved all the objectives mentioned with cryptography and Data privacy.
4.8 Conclusion and Summary
As we have identified and analysed broader areas like, Coercion-resistance, Verifiability and Security in internet / electronic voting systems available and have proposed the new internet / electronic voting model which overcomes all the cons of other internet / electronic voting systems.
We analysed a rational method in order to propose security methods for the internet / electronic voting systems and to compare objectively their security levels. We showed the two available internet / electronic voting systems, Estonian and SERVE internet / electronic voting systems and their working and compared it with proposed internet / electronic voting model.
The analysis of the work can be arguable but we proposed a strong authentication namely DIAMETER protocol which is fundamentally being used for mobile networks.
Analysis of different methods have been analysed and proposed to be used in internet / electronic voting such as Aadhaar based 12 digit unique number for authentication used in India.
Finally after comparing various proposed and working internet / electronic voting systems, we proposed that our internet / electronic voting proposed model is efficient well enough to prove verifiability , coercion resistance and the authentication problem using cryptographic means by solving the identity of the voter by the third party application i.e. Aadhaar based unique identification number of every voter.
CHAPTER – 5
CONCLUSION AND FUTURE RESEARCH
In this final chapter, we have given the reviews of proposed internet / electronic voting model which are fundamentally centred on security, verifiability and coercion resistance in internet / electronic voting. Not only proposals of robust security algorithms but also how to check verifiability with anonymity is proposed. Some internet / electronic voting systems did not have the functionality of coercion resistance, which is a very serious problem from voters’ point of view who cast their ballot using electronic device without knowing the repercussions of this serious issue. This reason underlines the importance of understanding the internet / electronic voting with verifiability, security and coercion resistance. That is why we have focused and addressed the following issues precisely related to internet / electronic voting model:
b) Verifiability; and
c) Coercion resistance.
Apart from these aforementioned identified issues, we proposed algorithms for coercion resistance, verifiability with anonymity and voters’ authentication, which can be checked and verified using cryptographic means. During the exhaustive literature review, we found that the complex issues, which could be solved first, are the above-mentioned objectives.
In the initial chapter, it is shown, how many millions of Internet users around the world are increasing year-by-year, which gave the importance for electronic voting through internet. Some countries including India are using standalone EVMs, which have multiple problems and security risks, too. After elaborating the basic issues in internet / electronic voting, next step is to outline the broad field of information and study from various literatures existing on internet / electronic voting. The internet / electronic voting primary concepts starting from the fundamentals of authentication, verifiability, coercion resistance and their requirements were discussed. A number of advantages of internet / electronic voting, EVMs/DRE were reviewed. Fundamental Public and Private cryptography applications were also discussed.
Several methods of cryptography were presented with Blind signatures , unique identification and Diameter protocols for the first time were discussed in addition to one more protocol for the large scale voting and that is Simple Network Management Protocol.
After elaborating the fundamentals and literature review on internet / electronic voting system, details of proposed algorithm were discussed. Objective of verifiability is being achieved by proposing solution for verifiability with anonymity of the e-voter using blind signature protocol.
For transferring of messages / communication between e-voter and the election server is being done by encrypting the messages / communication and using RSA algorithm.
Authentication of e-voter is being verified by the third party, which has been proposed by using unique identification number that is Aadhaar number.
Proposal has also been given in terms of security and authentication by using the Kerberos protocol. Diameter protocol has also been proposed, which helps to do the work of AAA (Authentication, Accounting, and Authorization) functionality.
Finally, we proposed an algorithm for coercion resistance, which is a unique one, wherein e-voter can cast a vote multiple times but only the first vote will be counted and stored in the final log. This system can stop coercer’s dominance over voters.
We have also achieved the following points by proposing the solution for the coercion resistance and that is by a) obeying coercer’s instructions; b) receipt freeness; c) multiple voting options; and d) privacy of voter.
Proposal for managing a large voting network by using decentralised servers, which can be managed by implementing a protocol namely S.N.M.P . S.N.M.P stands for simple network management protocol. NMS is based on simple network management protocol which is known as network management system. NMS can help to achieve fault management, performance management, security management, configuration management and accounting management .
Multiple proposals have been found to improve the internet / electronic voting model in this thesis work, which were never proposed in any work before. These proposals will give a new dimension to improve the internet / electronic voting system.
Next, we have identified and analysed broader areas like, Coercion-resistance, Verifiability and Security in internet / electronic voting systems available and have proposed the new internet / electronic voting model, which overcomes all the cons of other internet / electronic voting systems.
As the security aspect in internet / electronic voting process, which is referred as one of the most important factors apart from Verifiability and Coercion-resistance, we adopted an information systems security approach to identify the needs of such a complex internet / electronic voting system.
We analysed a rational method in order to propose security methods for the internet / electronic voting systems and to compare objectively their security levels. Next, the working of two available internet / electronic voting systems -Estonian and SERVE – has been shown, and compared them with the proposed internet / electronic voting model. The analysis of the work can be arguable but we proposed a strong authentication through DIAMETER protocol, which is fundamentally used for mobile networks.
Finally, after comparing various proposed and working internet / electronic voting systems, it is concluded that proposed internet / electronic voting model is efficient as compared to SERVE and Estonian internet / electronic voting systems.
5.2 Future work
Many steps in the proposed work have different security features, which continues to be a challenge for future study.
Following points mentioned, are the recommendations to carry out research work on the issues, which have not been studied deeply in any literature studied until now:
Special mass voter surveys on internet / electronic voting responses using internet based voting;
Managing the large scale networks using different voting servers across different states by the network management system (NMS);
Practical evaluation of Aadhaar-based authentication and its trade-offs;
Multiple use of smart card, which can be used for casting vote, withdrawing money etc.;
Comparing the time taken by the RSA algorithm and other algorithms for encryption and decryption of the data sent and received between e-voter and voting server;
RFID-based voter card.
...(download the rest of the essay above)