Beruflich Dokumente
Kultur Dokumente
ON
In Partial Fulfillment of
T.E. Computer Engineering
T.E. Semester II
BY
( Dr.M.G.JADHAV )
Principal
Place:
Pune Date:
Acknowledgments
It is our proud privilege and duty to acknowledge the kind of help and guidance
received from several people in preparation of this report. It would not have been possible
to prepare this report in this form without their valuable help, cooperation and guidance.
First and foremost, we wish to record our sincere gratitude to our beloved Principal,
Dr. M. D. Jadhav, Principal, Jayawantrao Sawant College Of Engineering ,Pune for
his constant support and encouragement in preparation of this report and for making
available library and laboratory facilities needed to prepare this report.
We express our sincere gratitude to our guide, Asst. Prof. Ishwar Kalbandi,
Depart-ment of Computer Science and Engineering, JSCOE, Pune for guiding us
in investiga-tions for this seminar and in carrying out experimental work. Our
numerous discussions with his were extremely helpful. We hold his in esteem for
guidance, encouragement and inspiration received from his.
The seminar on Global Wireless E-Voting was very helpful to us in giving the
necessary background information and inspiration in choosing this topic for the
seminar. Our sincere thanks to Prof. A.S.Devare , Seminar Coordinator for having
supported the work related to this project. Their contributions and technical
support in preparing this report are greatly acknowledged.
With significant U.S. federal funds now available to replace outdated punch-
card and mechanical voting systems, municipalities and states throughout the
U.S. are adopting paperless electronic voting. systems from number of dif-ferent
vendors. We present a security analysis of the source code to one such machine
used in a significant share of the market. Our analysis shows that this voting
system is far below even the most minimal security standards appli-cable in other
contexts. We identify several problems including unauthorized privilege
escalation, incorrect use of cryptography, vulnerabilities to network threats, and
poor software development processes. We show that voters, with-out any insider
privileges, can cast unlimited votes without being detected by any mechanisms
within the voting terminal software. Furthermore, we show that even the most
serious of our outsider attacks could have been discovered and executed without
access to the source code. In the face of such attacks, the usual worries about
insider threats are not the only concerns; outsiders can do the damage. That
said, we demonstrate that the insider threat is also quite considerable, showing
that not only can an insider, such as a poll worker, mod-ify the votes, but that
insiders can also violate voter privacy and match votes with the voters who cast
them. We conclude that this voting system is unsuit-able for use in general
election. Any paperless electronic voting system might suffer similar flaws,
despite any certification it could have otherwise received. We suggest that the
best solutions are voting systems having a voter-verifiable audit trail,where
computerized voting system might print a paper ballot that can be read and
verified by the voter.
Contents
Acknowledgement I
Abstract II
1 INTRODUCTION 1
1.1 E-VOTING . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
2 DISSERTATION PLAN 5
3 E-VOTING 6
3.2 E-VOTING . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
4.1 WORKING . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
III
4.4 FEATURES OF E-VOTING . . . . . . . . . . . . . . . . . . . . . . . 20
5 CONCLUSION AND FUTURE SCOPE 22
BIBLIOGRAPHY 23
Chapter 1
INTRODUCTION
1.1 E-VOTING
Elections allow the populace to choose their representatives and express their preferences
for how they will be governed. Naturally, the integrity of the election process is fundamen-
tal to the integrity of democracy itself. The election system must be sufficiently robust to
withstand variety of fraudulent behaviors and must be sufficiently transparent and com-
prehensible that voters and candidates can accept the results of an election. Unsurprisingly,
history is littered with examples of elections being manipulated in order to influence their
outcome.
The design of good voting system, whether electronic or using traditional paper bal-
lots or mechanical devices, must satisfy a number of sometimes competing criteria. The
anonymity of a voters ballot must be preserved, both to guarantee the voters safety when
voting against a malevolent candidate, and to guarantee that voters have no evidence that
proves which candidates received their votes. The existence of such evidence would allow
thwart a wide range of attacks, including ballot stuffing by voters and incorrect tallying by
insiders.
1
GLOBAL WIRELESS E-VOTING
Another factor, as shown by the so-called butterfly ballots in the Florida 2000 presiden-
tial election, is the importance of human factors. A voting system must be comprehensible
to and usable by the entire voting population, regardless of age, infirmity, or disability. Pro-
one where, if other security is done well, electronic voting could be great
improvement
over current paper systems. Flaws in any of these aspects of voting system,
however, can
ELECTRONIC VOTING SYSTEMS. There have been several studies on using computer
technologies to improve elections [4, 5, 20, 21, 25]. These studies caution against the risks
of moving too quickly to adopt electronic voting machines because of the software engi-
neering challenges, insider threats, network vulnerabilities, and the challenges of auditing.
As result of the Florida 2000 presidential election, the inadequacies of widely-used punch
card voting systems have become well understood by the general population. Despite the
opposition of computer scientists, this has led to increasingly widespread adoption of direct
recording electronic (DRE) voting systems. DRE systems, generally speaking, completely
eliminate paper ballots from the voting process. As with traditional elections, voters go to
their home precinct and prove that they are allowed to vote there, perhaps by presenting an
ID card, although some states allow voters to cast votes without any identification at all.
After this, the voter is typically given a PIN, a smartcard, or some other token that allows
them to approach a voting terminal, enter the token, and then vote for their candidates of
choice. When the voters selection is complete, DRE systems will typically present a sum-
mary of the voters selections, giving them final chance to make changes.
Subsequent to
this, the ballot is cast and the voter is free to leave. The most fundamental problem with such
a voting system is that the entire election hinges on the correctness, robustness, and security
of the software within the voting terminal. Should that code have securityrelevant flaws, they
include election officials, the developers of the voting system, and the developers of the em-
bedded operating system on which the voting system runs. If any party introduces flaws into
the voting system software or takes advantage of pre-existing flaws, then the results of the
election cannot be assured to accurately reflect the votes legally cast by the voters.
Although there has been cryptographic research on electronic voting , and there are new
approaches such as , currently the most viable solution for securing electronic voting ma-
chines is to introduce voter-verifiable audit trail [10, 20]. A DRE system with a printer
attachment, or even traditional optical scan system (e.g., one where a voter fills in a
printed
bubble next to their chosen candidates), will satisfy this requirement by having a piece of
paper for voters to read and verify that their intent is correct reflected. This paper is stored
in ballot boxes and is considered to be the primary record of a voters intent. If, for
some reason, the printed paper has some kind of error, it is considered to be a spoiled
ballot and can be mechanically destroyed, giving the voter the chance to vote again. As
a result, the correctness of any voting software no longer matters; either a voting terminal
prints correct ballots or it is taken out of service. If there is any discrepancy in the vote
tally, the paper ballots will be available to be recounted, either mechanically or by hand. (A
verifiable audit trail does not, by itself, address voter privacy concerns, ballot stuffing, or
Many government entities have adopted paperless DRE systems without appearing to
have critically questioned the security claims made by the systems vendors. Until recently,
such systems have been dubiously certified for use without any public release of the anal-
yses behind these certifications, much less any release of the source code that might allow
independent third parties to perform their own analyses. Some vendors have claimed secu-
rity through obscurity as defense, despite the security communitys universally held belief
Indeed, the CVS source code repository for Diebolds AccuVote-TS DRE voting system
recently appeared on the Internet. This appearance, announced by Bev Harris and discussed
in her book, Black Box Voting , gives us a unique opportunity to analyze a widely used,
paperless DRE system and evaluate the manufacturers security claims. Jones discusses the
origins of this code in extensive detail . Diebolds voting systems are in use in 37 states, and
they are the second largest and the fastest growing vendor of electronic voting machines.
version 4, tree in the CVS repository . This tree has entries dating from October 2000 and
culminates in an April 2002 snapshot of version 4.3.1 of the AccuVote-TS system. From
the comments in the CVS logs, the AccuVote-TS version 4 tree is an import of an earlier
AccuTouch-CE tree. We did not have source code to Diebolds GEMS back-end election
management system.
This topic is generally belongs to global wireless evoting.How we implement the e-voting
in world and how it is helpful. The Objective and Aim of this report is to improve voting
This will help to solve social issues of voting. Considering the all disadvantages of the
present system,we proposed the sysyem Global Wireless Evoting. This system is Remote
5
Chapter 3
E-VOTING
Voting is one of the most critical features in our democratic process. By casting a vote
we hold previous politicians to account and express our hopes for the future. Of course
democracy is more than votes - it’s debate, letter writing, campaigning, consultation - but
the vote is how every single citizen can wield real and immediate power. In addition to pro-
viding for the orderly transfer of power, it also cements the citizens trust and confidence in
an organization or government when it operates efficiently. It’s incredibly important that ev-
eryone can vote without interference, safe in the knowledge that it will be counted. Through
the long history of democracy we have learnt that in the pursuit of power some groups are
willing to threaten voters to make sure they vote ’the right way’. But if the vote is secret
then there is no way for intimidators to know whether someone has voted for them or not -
threats become useless. So votes are a vital expression of the people’s power, which need to
3.2 E-VOTING
Electronic voting is a term used to describe any of several means of determining people’s
collective intent electronically. Electronic voting includes voting by kiosk, Internet, tele-
6
GLOBAL WIRELESS E-VOTING
phone, punch card, and optical scan ballot (a.k. . mark-sense). Voting is done for many
reasons and in many situations, ranging from determining the next garden club officers to
be required to meet differing needs depending on the circumstances. One hopes that in this
way the voting process becomes faster, cheaper, more convenient, and also more secure.
admitted. Uniqueness no voter may cast his vote more than once.
Verifiability and audit ability it should be possible to verify that all votes have been
correctly accounted for in the final tally, and there should be reliable and verifiably
Election has been used to decide various questions for at least 2000 years. In an-
cient Greece, people voted by putting white or black stone in bucket. Early methods
including Shouting out Aye or Nay, raising hands or depositing objects to be counted.
Paper Ballot
The first Known use of the paper ballots in an election in the U.S. was in 1629 to
1] Invented By
ballots are printed at government expenses, given to voter at polling places, and peo-
ple are required to vote and return the ballot on the spot. The Australian government
comes up with this procedure, which is now the most widely used system in the world.
The paper ballot system employs uniform official ballots of various stock weights on
which the names of all candidates and issues are printed. Voters record their choices,
in private; by marking the boxes next to the candidate or issue choice they select and
3] Current Usage
As of 1996, paper ballots were still used by 1.7 percent of the registered voters in
the United States. They are used as the primary voting system in small commu-
nities and rural areas, and quite often for absentee balloting in other jurisdictions.
It may take long time to get hand count under the current system. (Counting
Problem)
A small portion of the disabled may lose the ability to vote privately.
4.1 WORKING
Radio waves representing scanned retina pattern and vote to Mobile tower.
Radio waves representing scanned retina pattern and vote to remote server.
10
GLOBAL WIRELESS E-VOTING
The voting machine is actually a device which generate the different voltages for different
votes these voltages are fed to the (ADC) which is then converted to digital bits then can be
The eye retina machine be simple web cam or device which can capture the images
effectively .the captured image will be represented in the form of a matrix where each pixel
represents 24-bit (RGB, 8+8+8 format) let us see and understand Here for e.g.
This is an electronic kit which converts the input digital signals such as (retina pattern
Whenever voters enter to voting booth then he will be instructed to directly look at retina
scanning machine at this time the machine scans the retina. once retina scanning properly
confirmed then it sent signal to the voting machine as to accept the vote it will be powered
on .then voter is made to vote. Now the whole data including the retina pattern is sent to
interfacing device which convert into radio waves of mobile frequency range and these radio
waves are sent to mobile tower and then to the remote server, where the authentication and
voters identification is stored into a secured database. The received data is first converted
into digital format from the radio waves through the interface device kept at the server
side, and then retina pattern and vote separated . Next the retina pattern is matched against
the existing database .If match is found then flag is check which indicates its voting status
i.e if the voter is not voted yet then +ve ack is send to the mobile tower and then to the
corresponding voting machine. This ack is recognized by the receiver kept at the voter side
and machine is made to scan next retina pattern and vote , otherwise if ve ack then alert
There are several more issues that we have to consider along the Implementation such as
Security
Efficiency
Geographical Problems
Security
The radio waves of mobile frequency consist of Retina pattern and vote can be
Generated by means of external source .Thats why we need to provide some sot of
security to avoid this problem . One of the idea to solve this problem is CDMA
(which will be explained later ) and another technique is inserting security bits at
regular interval of time during the transmission of radio waves (Ex.2 msec) .At the
server side after the given interval (2 msec ) security bits are checked (ex 1001) .
In case of positive confirmation we can accept as valid vote, other wise simply re-
jected. Another problem is that one may trap the radio waves in between and can
determine the person and the vote, this may disclose the result of the election be-
fore the completion of the voting process. To avoid this problem we can go for
applying the efficient and complex encryption algorithm so that the transparency of
data can be hidden and the server side the encrypted data can be again decrypted
and original data can retrieved this make the trapping of wave meaningless .The en-
3] Add the corresponding Characters from the given string and random values.
The final encrypted data is formed in such a way that the random data at the even
place and rest at odd place. This makes Decryption very easy. Simply subtract the
Efficiency
Whenever the data which is sent from the voter (client) side, it is in the large
amount, this delays a bit a voting system and the data that is received at server side is
in the multiple access mode i.e more than one client is sending the data . To over come
1] Applying compression Algorithms at the Client and server side so that to decrease
the data transfer. Compression technique such as JPEG compression or any other
Compression.
2] Instead of using single server PC we will go for distributed Operating system envi-
ronment with multiple servers. This makes the job sharing and processing faster which
Here the key values are orthogonal to each other i. k1*k2=0 and k1*k1=1 i.e if any
tries to decode the information with any other key the data will be vanished as the
data will be in the form d1*k1. If you try to decode with K2 then effect will be as
d1*k1*k2=0. this will vanish the data .And if correct decoding key i. k1 is used
controlling concurrency for multiple access the data from all the nodes is accepted as
k1*d1+k2*d2 +k3*d3+k4*d4.In this case if you want the data corresponding to the
second node then simply multiply the whole equation with the k2. This will give d2
of nodes are allowed to send the data, the server will accept all the data and which
ever has to be extracted will be just multiplied with corresponding key. This gets the
Geographical problem
This is the problem regarding the area where technical facilities like mobile tower or
Internet service is not present. In this case will convert the vote and retina pattern into
the electrical information and pass it through the electrical conductors until we can
reach the area where the technical facilities like internet or mobile tower is available,
and if only internet facility is available is then we can convert this electrical informa-
tion to digital means and with these data using computers connected to internet we
can pass the vote and retina pattern. Here the eye scanner will be web cam.
Internet voting.
Increased accessibility, for example by audio ballot papers for blind voters,
with In-ternet voting as well for housebound voters and voters from abroad.
Reduction of spoilt ballot papers as voting systems can warn voters about any invalid
votes (although consideration should be given to ensuring that voters are able to cast
Potential long-term cost savings through savings in poll worker time, and
Cost savings by using Internet voting: global reach with very little logistical overhead.
Compared to postal voting, Internet voting can reduce the incidence of vote-selling
and family voting by allowing multiple voting where only the last vote counts and
prevent manipulation with mail-in deadlines through direct control of voting times.
Lack of transparency.
Increased security requirements for protecting the voting system during and
above.
This paper describes some of the technological activities we have been carrying out within
the ProVotE project, which has the goal of introducing -voting systems for the next provin-
cial elections.
larly cautious towards new technologies in the polling stations requires a multi-disciplinary
approach that allows to take into account not only the usability requirements of the voters,
but also those non-functional requirements that help guaranteeing security and build trust on
The technological actions described above, together with the sociological, communica-
tion, and normative actions planned for the second phase will gradually broaden the size
22
Bibliography
[1] M. Bellare, R. Canetti, and H. Krawczyk. Keying hash functions for message
[5] H. Krawczyk. The order of encryption and authentication for protecting commu-
CRYPTO 2001, volume 2139 of Lecture Notes in Computer Science, pages 310331.
23
[6] R. Mercuri. Electronic Vote Tabulation Checks and Balances. PhD thesis,
http://news.findlaw.com/cnn/docs/voting/ nsfe-voterprt.pdf.
Report on the Development of the Advanced Encryption Standard (AES), Oct. 2000.
[10] RABA Innovative Solution Cell. Trusted Agent Report: Diebold AccuVote-TS
http://www.dbm.maryland.gov/SBE.
[14] D. L. Dill, R. Mercuri, P. G. Neumann, and D. S. Wallach. Fre-quently Asked
http://www.verifiedvoting.org/drefaq.asp.
http://fecweb1.fec.gov/ pages/vss/vss.html.
Germany, 2003.
[18] B. Harris. Black Box Voting: Vote Tampering in the 21st Century. Elon
[20] D. W. Jones. Problems with Voting Systems and the Applicable Standards,