INTERNATIONAL JOURNAL OF ADVANCED SCIENTIFIC RESEARCH AND TECHNOLOGY

ISSUE 2, VOLUME 2 (APRIL 2012) ISSN: 2249-9954

Highly Secure Online Voting System with Multi Security using

Biometric and Steganography
B. Swaminathan#1, J. Cross Datson Dinesh#2

Assoc. Prof. Dept of Computer Science and Engineering

Rajalakshmi Engineering College
Chennai, India
E-mail: swamikb@gmail.com

Dept of Computer Science and Engineering

Rajalakshmi Engineering College
Chennai, India
E-mail: datson.dinesh@Yahoo.in

______________________________________________________________________________
ABSTRACT
In this paper an online voting system is proposed with secure user authentication by
providing biometric as well as password security to voter accounts. The basic idea is to merge
the secret key with the cover image on the basis of core image. The result of this process
produces a stego image which looks quite similar to the cover image. The core image is a
biometric measure, such as a fingerprint image. The stego image is extracted at the server side to
perform the voter authentication function. This system greatly reduces the risks as the hackers
have to find both the secret key and template which makes the election procedure to be secure
and robust against a variety of fraudulent behaviors.

Keywords: Online Voting, Data hiding, Biometric, Stego image, Steganography.

______________________________________________________________________________
Corresponding Author: J. Cross Datson Dinesh

INTRODUCTION
It has always been an arduous task for the election commission to conduct free and fair polls in
our country, the largest democracy in the world. Crores of rupees have been spent on this to
make sure that the elections are riot free. The most important aspect of the democracy is the
ability of the people to choose their ruler by vote. Integrity of the election process will determine
the integrity of democracy itself. So the election system must be secure and robust against a
variety of fraudulent behaviors, should be transparent and comprehensible that voters and
candidates can accept the results of an election. A voting system must be usable by the entire
voting population, regardless of age, infirmity or disability.
Electronic Voting Machines ("EVM") are being used in Indian General and State Elections to
implement electronic voting in place of ballot papers and boxes which were used earlier in
conventional voting system. It may be vulnerable to fraudulent activities like impersonation of
voters, booth capturing and so on. My aim is to present a new online voting system employing

Page 195
 INTERNATIONAL JOURNAL OF ADVANCED SCIENTIFIC RESEARCH AND TECHNOLOGY

ISSUE 2, VOLUME 2 (APRIL 2012) ISSN: 2249-9954

biometrics in order to avoid rigging and to enhance the accuracy and speed of the process so that
one can cast his vote irrespective of his location. As online voting is risky, it is difficult to come
up with a system which is perfect in all senses. Once we are sure that a voter is genuine, we can
easily address other issues like anonymity and tamper resistance. The system uses thumb
impression as well as password for voter authentication as we know that the thumb impression of
every human being has a unique pattern. Thus it would have an edge over the present day voting
systems.

RELATED WORK
Subba Rao et al., [1] proposed a steganography technique that is based on randomizing the
sequence of cipher bits. Advantage of this technique is there is no one-to-one mapping between a
given cipher text and an image.
Constantinos Patsakis and Evangelos Fountas [2] proposed Fibonacci LSB Data Hiding
Technique to more integer bases. In this work, a new embedding method, which generalizes the
idea of Fibonacci decomposition, enabling more data to be embedded in an image with good
statistical properties was presented.
Namita Tiwari and Dr.Madhu Shandilya [3] evaluated the LSB based Methods of Image
Steganography on GIF File Format. This paper focused on hiding the message in the least
significant bits of the colors of the pixels of a GIF image.
Hanan Mahmoud Hanan et al., [4] proposed a Novel Technique for Steganography in
Fingerprints Images. This paper describes the design and implementations of a project
concerning the hiding of messages in images specifically fingerprint images. The policy of this
project is to keep the confidential messages hidden inside the drawing of the fingerprints.
Sanjay Saini and Dr. Joydip Dhar [5] proposed an eavesdropping proof secure online voting
model. In this paper an online voting framework was formulated which ensures that the voter is
able to vote in a public environment without his vote being eavesdropped on by a neighbor.
E.S. Shameem Sulthana and Dr.S.Kanmani [6] presented the Evidence based Access Control
over Web Services scheme using Multi Security. This paper explains about voting through
internet, with facial detection integrated with finger print authentication and automated load
balancing, fused with data hiding security.
Alok Kumar Vishwakarma and Atul Kumar [7] proposed a Novel Approach for Secure
Mobile-Voting using Biometrics in Conjunction with Elliptic Curve Crypto-Stegano Scheme.
This paper describes a secure mobile-voting system using cryptography and steganography.
Nabin Ghoshal and J. K. Mandal [8] proposed a Steganographic Scheme for Colour Image
Authentication. This paper deals with a novel steganographic technique which demonstrates the
colour image authentication technique in frequency domain based on the Discrete Fourier
Transform(DFT). Experimental results confirmed that this algorithm performs better than
discrete cosine transformation (DCT), Quaternion Fourier Transformation (QFT) and Spatio
Chromatic DFT (SCDFT) based schemes.
Masoud Afrakhteh and Subariah Ibrahim [9] presented an Enhanced Least Significant Bit
Scheme robust against Chi-Squared attack. Among the steganographic techniques and
particularly in conventional least significant bit (LSB) insertion method, there is a challenging
issue and that is how to embed desired secret bits in a cover medium in a way not to be seen by
human vision. This paper proposes a method that utilizes more surrounding pixels unlike BPCS,
PVD and MBNS methods which use 3 or 4 immediate neighbors of each pixel and finally, it is
proved that the method is robust against Chi-squared attack.

Page 196
 INTERNATIONAL JOURNAL OF ADVANCED SCIENTIFIC RESEARCH AND TECHNOLOGY

ISSUE 2, VOLUME 2 (APRIL 2012) ISSN: 2249-9954

Guo-Shiang Lin et al., [10] a framework for Enhancing Image Steganography with Picture
Quality Optimization and Anti-Steganalysis based on Simulated Annealing Algorithm. In this
paper, a closed-loop computing framework was proposed which iteratively searches proper
modifications of pixels/coefficients to enhance a base steganographic scheme with optimized
picture quality and higher anti-steganalysis capability.

PROPOSED METHODOLOGY

Using the proposed system voting can be done through internet with the concept of
Steganography and biometrics. User PIN and the secret key are transmitted to the server securely
using Steganography. Steganography is the idea of hiding private or sensitive data within
something that appears to be nothing out of the normal. If a person views the digital object, he or
she will have no idea that there is any hidden information, and therefore the person will not
attempt to decrypt the information. The general model of Steganography says if you want to send
some secret message then choose a cover image, find its redundant bits and replace these bits
with data bits of the message. The message can be easily extracted by doing some operations on
the other end.
Least significant bit insertion is a common approach to embed information in a cover file.
This process overwrites the LSB of a pixel value with a message bit. If we choose a 24-bit image
as cover, we can easily store 3 bits in each pixel. Human eye will not be able to find the
difference in any case. Unfortunately, this process of LSB modification changes the statistical
properties of the cover image, so eavesdroppers can detect the distortions in the resulting stego
image. This is quite viable that we can’t embed anybody’s personal information in this manner.
So, what we can do is that, we can encrypt the message before embedding, or we can perform
steganography providing strong encryption at the same time.
Fingerprint images are chosen as keys for encrypting the secret key. Fingerprint recognition is
used for user authentication because it is the most deployed biometric technique, both in civil
and criminal applications, because of its high maturity and cost-effective capture and processing.
Some information about the voter should be collected to support such a system. Firstly, each
and every individual in the country should be provided with a Personal Identification Number.
This is needed for maintenance of voter accounts in the database. Secondly, we need Thumb
Impressions (fingerprint images) of all the individuals. Thirdly, during the account creation every
individual will be provided with a system generated Secret key which he/she should not disclose
to anybody. This will be needed to cast the vote. The voter account creation process is shown in
fig 1.1:

Fig 1.1 Secret Key Generation

Assuming all voters’ information in a country is securely collected, biometric reader available
for voting, the system is online during the election period only, the methodology is as follows.

Page 197
 INTERNATIONAL JOURNAL OF ADVANCED SCIENTIFIC RESEARCH AND TECHNOLOGY

ISSUE 2, VOLUME 2 (APRIL 2012) ISSN: 2249-9954

To cast a vote, a voter logs into the system by entering the personal identification number and
secret key. Along with this voter has to give the thumb impression on the fingerprint sensor.
The system will generate the cover image and embed the secret key into it according to the
predefined procedure to generate the stego image as shown in fig 1.2:

Fig 1.2: Stego Image Creation

Now this stego image will be sent securely to the server for voter authentication. Fingerprint
forgery may be restricted by using advanced fingerprint readers which employ Ultrasonic and
Capacitance.
At the server side, Optical Character Recognition technique will be used to read the personal
identification number represented on the image. After reading it, the server will find out the
details of that individual from the database. These details will be his/her fingerprint image and
secret key. Using these details, the image can be decoded to find out the embedded message
which should be the secret key of that individual. Once authentication is complete, the voter will
be allowed to vote. In this next page, all the details regarding the voting boundaries of that
individual will be shown. Here voter can select the desired candidate and finalize the vote. After
casting the vote, the account will be closed and in the database the voted bit will be set to one for
that voter.
A. CREATION OF RANDOM COVER IMAGE
Every voter should have a 16-digit personal identification number. This number will be
automatically written over a base image in predefined font style & size. Let us use 256*256
pixels bitmap cover image. The base image should be clear so that the text written over it is
machine readable. This image will be finally modified into a stego image and sent over insecure
channel. The base image is chosen randomly among a set of images in the system. Cover image
is a simple inscription of personal identification number over the base image. So, the cover
image for each voter is different which will reduce the chances of predicting the image by an
attacker during transmission.
B. SECRET KEY EXPANSION USING SHA 256 HASHING ALGORITHM
The secret key plays very important role in the whole process. It should not be compromised
in any case. It should be short enough to be remembered by everybody. Let us assume it to be a
4-digit number, similar to ATM PIN. This 4-digit PIN can easily be represented using 2 bytes.
But 2 byte data looks very much vulnerable in terms of length as an attacker can easily predict
the secret data by Steganalysis. So, to increase the complexity of analysis, the 2 byte secret key is
expanded to 32 byte key by applying SHA 256 hashing algorithm. Now these 256 bits will
become a part of the actual secret message. When the secret message is embedded in the cover
image, its statistical properties will not remain same. The stego image will remain more complex

Page 198
 INTERNATIONAL JOURNAL OF ADVANCED SCIENTIFIC RESEARCH AND TECHNOLOGY

ISSUE 2, VOLUME 2 (APRIL 2012) ISSN: 2249-9954

to be analyzed because more features of the key image are utilized in this case. So, it would be
more difficult for the attackers to predict the embedded data.
C. GENERATION OF THE SECRET MESSAGE
In this phase of the methodology, we will get a 288 bit secret message from a 16 bit secret
key. Firstly, the secret key is concatenated with the time-stamp value. The timestamp is a 32 bit
value which represents the current date. Now we will apply SHA 256 algorithm to get a 256 bit
hash code for that key. Now the same time-stamp is concatenated with this hash code to get the
secret message. So, our secret message will be of 288 bit length. As the actual secret key is never
embedded in the stego image, there will be no chance of predicting secret key from it. The
mechanism is shown in fig 1.3:

Secret Key Concatenate Timestamp

(16 bits) (32 bits)

Timestamp Concatenate Hash code

(32 bits)
(256 bits)

Secret Message
(288 bits)

Fig 1.3: Secret Message Generation

D. STEGO IMAGE CREATION ALGORITHM
The output of this algorithm is a stego image S and the inputs are expanded secret key
concatenated with time-stamp, i.e. secret message, a cover image and the core image. In this
embedding process we are going to modify the 256*256 pixels cover image given by the array
Cover[] of 3*216 of size. In terms of cryptography, performing permutations on input data
increases the level of confusion. More is the level of confusion, more it will become
unpredictable. In this phase we distribute the bits of secret message throughout the image in a
random manner.
As we need to embed 288 bits of secret message SM[] into cover image, we need to determine
the bytes of cover image which we are going to modify. These are determined by random
function with secret key as seed. Here, we have a Random Number RN[] array of size 288 with
values ranging from 1 to 3*216. We have a core image array Core[] of 3*216 bytes. So, in order to
yield stego image Stego[] we are going to use the following algorithm.

Stego Image Creation Algorithm:

Input: Cover [], Core [], RN [], SM []
Output: Stego []
Begin
for every bit of Secret Message SM [i] do
if SM [i] = 1 then
if Cover[RN[i]] and Core[RN[i]] both odd then
Stego[RN[i]] = Cover[RN[i]] – 1

Page 199
 INTERNATIONAL JOURNAL OF ADVANCED SCIENTIFIC RESEARCH AND TECHNOLOGY

ISSUE 2, VOLUME 2 (APRIL 2012) ISSN: 2249-9954

else if Cover[RN[i]] and CI[RN[i]] both even then

Stego[RN[i]] = Cover[RN[i]] +1
end
else
Stego[RN[i]] = Cover[RN[i]]
end
else if SM[i] = 0 then
if Cover[RN[i]] and Core[RN[i]] both either even or odd
then Stego[RN[i]] = Cover[RN[i]]
else
Stego[RN[i]] = Cover[RN[i]] + 1
end
end
End
According to the algorithm, if secret message bit is one and both cover image and key image
byte values are odd we are making stego image byte value one less than cover image byte value,
else one more than that. If secret message bit is zero and both cover image and key image byte
values are even or odd we are keeping stego image byte value same as cover image byte value,
else one more than that. We should notice that during extraction we have to apply the same
random function with the same seed.
For example,
1) Cover image array of size 10: Cover[] = {4, 20, 25, 32, 14, 09, 26, 35, 77, 46}
2) Core image array of size 10: Core[] = {17, 15, 07, 05, 64, 98, 74, 58, 38, 14}
3) Random number array of size 10: RN[] = {7, 4, 2, 8, 6, 1, 9, 0, 5}
4) Secret Message of size 10 bits: SM[] = {1, 0, 1, 1, 0, 0, 1, 1, 0, 0}
The resulting stego image is shown in Table I:
Cover[RN[i]] Core[RN[i]] Stego[RN[i]]
SM [i]
1 Cover[7] = 35 Core[7] = 58 Stego[7] = 35
0 Cover[4] = 14 Core[4] = 64 Stego[4] = 14
1 Cover[2] = 25 Core[2] = 07 Stego[2] = 24
1 Cover[8] = 60 Core[8] = 38 Stego[8] = 61
0 Cover[6] = 32 Core[6] = 74 Stego[6] = 32
0 Cover[1] = 20 Core[1] = 15 Stego[1] = 21
1 Cover[9] = 46 Core[9] = 14 Stego[9] = 47
1 Cover[0] = 04 Core[0] = 17 Stego[0] = 04
0 Cover[5] = 09 Core[5] = 98 Stego[5] = 10
0 Cover[3] = 32 Core[3] = 05 Stego[3] = 33
Table I: Creating Stego Image
From the above algorithm, final stego image is: Stego [] = {04, 21, 24, 33, 14, 10, 32, 35, 61,
47}
E. DECRYPTION ALGORITHM FOR AUTHENTICATION
In the extraction process, firstly the personal identification number from the Stego image is
read using OCR. Now, from the matching entry in the voter database, we read the core image
and Secret key of that individual. The key to successful comparison is the time-stamp value. The
timestamp (e.g. Date) delivers the security from replay attacks, so that the same stego image

Page 200
 INTERNATIONAL JOURNAL OF ADVANCED SCIENTIFIC RESEARCH AND TECHNOLOGY

ISSUE 2, VOLUME 2 (APRIL 2012) ISSN: 2249-9954

cannot be used again in future. Using the secret key as seed we are generating the array RN[] of
size 288. From the stego image we are forming the array Stego[]. Also, we have array Core[]
given by key image. Using these we can extract the SM[] by applying the algorithm given
below.
Decryption Algorithm
Input: Stego [], Cover [], RN[], Secret Key
Output: Authentic Voter/ Not an Authentic Voter
Begin
𝑆𝑒𝑐𝑟𝑒𝑡𝑀𝑠𝑔[], 𝐷𝑎𝑡𝑒[], 𝑆𝑒𝑐𝑟𝑒𝑡𝐾𝑒𝑦𝐷𝑎𝑡𝑒, k = 0
for i=0 to 287 do
if Stego[RN[i]] and Core[RN[i]] both either even or odd then
SM[i]= 0
else SM[i] = 1
end
end
for i = 256 to 287 do
Date [k++] =SM[i]
end
𝑆𝑒𝑐𝑟𝑒𝑡𝐾𝑒𝑦𝐷𝑎𝑡𝑒 = 𝐶𝑜𝑛𝑐𝑎𝑡𝑒𝑛𝑎𝑡𝑒(𝑆𝑒𝑐𝑟𝑒𝑡𝐾𝑒𝑦,𝐷𝑎𝑡𝑒)
if 𝐶𝑜𝑚𝑝𝑎𝑟𝑒(𝑆M[], 𝑆𝐻𝐴256(𝑆𝑒𝑐𝑟𝑒𝑡𝐾𝑒𝑦𝐷𝑎𝑡𝑒))
then Return: Authentic Voter
else
Return: Not an Authentic Voter
end
End
In the above algorithm, we are checking bytes of stego image and key image, if both are odd
or even we are taking the secret message as one otherwise zero. Using the Date value contained
in the secret message and Secret Key we can verify the authenticity.
Previous example is continued,
1) From the above embedding algorithm we have:
Stego[] = {04, 21, 24, 33, 14, 10, 32, 35, 61, 47 }
2) From Database we have:
Core[] = {17, 15, 07, 05, 64, 98, 74, 58, 38. 14}
Extraction of secret message is shown in Table II:
Core[RN[i]] Stego[RN[i]] SM[i]
Core[7] = 58 Stego[7] = 35 1
Core[4] = 64 Stego[4] = 14 0
Core[2] =07 Stego[2] = 24 1
Core[8] = 38 Stego[8] = 61 1
Core[6] = 74 Stego[6] = 32 0
Core[1] = 15 Stego[1] = 21 0
Core[9] = 14 Stego[9] = 47 1
Core[0] = 17 Stego[0] = 04 1
Core[5] = 98 Stego[5] = 10 0
Core[3] = 05 Stego[3] = 33 0
Table II: Retrieving the Secret Message

Page 201
 INTERNATIONAL JOURNAL OF ADVANCED SCIENTIFIC RESEARCH AND TECHNOLOGY

ISSUE 2, VOLUME 2 (APRIL 2012) ISSN: 2249-9954

F. VOTING PROCEDURE
Once any individual passes the authenticity criteria, he/she will be logged into his/her voting
account. We can easily restrict a voter from logging into his/her voting account more than once
during elections. Once a particular voter is authenticated by the system, a secure channel will be
established using https and then he/she will be able to cast the vote. The vote will remain secret
in every sense, i.e., it will not be reflected anywhere in the database that which user has voted for
whom. Finally, the account will be closed and that user will not be able to log back in by any
means again. This completes the voting process. The methodology of the voting process is
described in the fig 1.4:
Cover Image
PIN Creation

Voter Secret Key Encryption

Fingerprint Stego Image

Update
Server

PIN Extraction

Compare
Decryption
(Extract Secret Msg)
Database
Secret Key Verification

Caste Vote
Fig 1.4: Online Voting System Flowchart
CONCLUSION
In this paper we have enforced a method for integrating Cryptography and Steganography to
present a highly secure Online Voting System. The security level of our system is greatly
improved by the new idea of random cover image generation for each voter. The user
authentication process of the system is improved by adding both biometric and password
security. The Steganography portion of the system is secured by random distribution of message
bits into the cover image. This system will preclude the illegal practices like rigging. Thus, the
citizens can be sure that they alone can choose their leaders, thus exercising their right in the
democracy.

REFERENCES
[1] Subba Rao, Brahmananda Rao, Rukma Rekha, ”Secure image steganography based on
randomized sequence of bits”, eighth international conference on information technology
2011.

Page 202
 INTERNATIONAL JOURNAL OF ADVANCED SCIENTIFIC RESEARCH AND TECHNOLOGY

ISSUE 2, VOLUME 2 (APRIL 2012) ISSN: 2249-9954

[2] Constantinos patsakis, Evangelos Fountas,”Extended fibonacci LSB data hiding technique
ti more integer bases”3rd international conference on advanced computer theory 2010.
[3] Namita Tiwari and Dr.Madhu Shandilya, “Evaluation of Various LSB based Methods of
Image Steganography”, International Journal of Computer Applications Volume 6– No.2,
September 2010.
[4] Hanan Mahmoud Hanan Saad Al-Hulaibah Sarah Ahmad Al-Naeem Suha, “Novel
Technique for Steganography in Fingerprints Images: Design and Implementation” Sixth
International Conference on Information Assurance and Security 2010.
[5] Sanjay Saini and Dr. Joydip Dhar, “An eavesdropping proof secure online voting model”
International Conference on Computer Science and Software Engineering 2008.
[6] E.S. Shameem Sulthana and Dr. S.Kanmani, “Evidence based Access Control over Web
Services using Multi Security International Journal of Computer Applications March 2011.
[7] Alok Kumar Vishwakarma1 and Atul Kumar “A Novel Approach for Secure Mobile-
Voting using Biometrics in Conjunction with Elliptic Curve Crypto-Stegano Scheme”
International Journal of Technology and Engineering Systems, March 2011.
[8] [8] Nabin Ghoshal, J. K. Mandal “A Steganographic Scheme for Colour Image
Authentication (SSCIA)” IEEE-International Conference on Recent Trends in Information
Technology, June 3-5, 2011.
[9] [9] Masoud Afrakhteh and Subariah Ibrahim “Enhanced Least Significant Bit Scheme
Robust Against Chi-Squared Attack” Fourth Asia International Conference on
Mathematical/Analytical Modeling and Computer Simulation 2010.
[10] [10] Guo-Shiang Lin, Yi-Ting Chang, and Wen-Nung Lie “A Framework of Enhancing
Image Steganography with Picture Quality Optimization and Anti-Steganalysis Based on
Simulated Annealing Algorithm” IEEE Transactions on Multimedia, August 2010.

Page 203