Group Members:
Irfan Farid Sabri (irfan.farid@seecs.edu.pk) Muhammad Umer (m.umer@seecs.edu.pk) 2007-NUST-BIT-20 2007-NUST-BIT-131
Advisor:
Mr. Qasim Rajpoot
Co-Advisor:
Dr. Awais Shibli Dr. Amir Hayat
APPROVAL
This report has been submitted with the approval of the following Supervisors.

1. Signed.................................................................... Date................................
   Mr. Qasim M Rajpoot
   Dept. of Computing, School of Electrical Engineering and Computer Sciences, National University of Sciences and Technology, Pakistan

2. Signed.................................................................... Date................................
   Dr. Awais Shibli
   Dept. of Computing, School of Electrical Engineering and Computer Sciences, National University of Sciences and Technology, Pakistan

3. Signed.................................................................... Date................................
   Dr. Amir Hayat
   Dept. of Computing, School of Electrical Engineering and Computer Sciences, National University of Sciences and Technology, Pakistan
DEDICATION
This Project Report is dedicated to my dear mother, who is always behind my academic struggles and success. This work is dedicated to my dearest teacher, without whose guidance I may not be able to complete my work. I also dedicate this thesis to my best friend who has always helped me and believed that I could do it.
Muhammad Umer
I dedicate this report to my best friend who has always helped me and believed that I could do it.
ACKNOWLEDGEMENT
My special thanks go to Mr. Qasim M Rajpoot, my Senior Supervisor, assisted by Dr. Awais Shibli and Dr. Amir Hayat, for the tireless technical support and guidance they offered me, which have propelled this work to completion. Without reservations, I take this opportunity to thank my supervisors for allowing me to be one of their students. I am especially grateful to Dr. Awais Shibli for all his moral and technical guidance and for providing technical equipment. I cannot forget to thank Mr. Abdul Ghafoor, who provided the initial professional focus and direction on this work. In a very special way, I am grateful to Mr. Shane Farmer, who was always willing to share his experiences, knowledge and guidance towards my journey to completion. Without his guidance I may not be able to succeed.
Contents
Chapter No. 1 Introduction
  1.1 Project Description
  1.2 Problem Statement
Chapter No. 2 Literature review
  2.1 Manual Voting
  2.2 Computer-based Voting System
    2.2.1 Computer-based (e-voting) Voting
    2.2.2 Electronic Voting at polling stations
    2.2.3 Direct Recording Electronic Machines (DRE)
      2.2.3.1 Advantages of DRE Machine
      2.2.3.2 Disadvantages of DRE Machine
    2.2.4 Optical Scan
      2.2.4.1 Advantages of Optical Scan Method
      2.2.4.2 Disadvantages of Optical Scan Method
    2.2.5 Punch Cards
  2.3 Remote Voting Methods
    2.3.1 Remote Internet Voting Method
    2.3.2 Postal Ballot Method
    2.3.3 Internet Voting and Democracy
  2.3 Comparative Analysis of Manual Voting System with E-Voting System
    2.3.1 Advantages of Manual System over E-Voting Systems
    2.3.2 Disadvantages of Manual System as compared to E-voting Systems
  2.4 Countries having Internet-Voting method for voting process
    2.4.1 Estonia
  2.5 Effect of Internet-Voting on Democracy
  2.6 Significance and Target Market
  2.7 Key Words
    ActiveX controls
Chapter No. 3 Methodology
  3.1 Main Principles
  3.2 Major Assumptions
    3.2.1 Trustworthy Voter's Computer
    3.2.2 Voting Requirements
    3.2.3 Voter's Registration
    3.2.4 Voter's Smart Card
  3.3
  3.4
  3.5
Chapter No. 4 Design and Implementation
  4.1 Tools and Technology
  4.2 Components
  4.3 Classes
    4.3.1 Voter Applications
    4.3.2 Admin Application
    4.3.3 Server Application
  4.4 Use Case Diagram
  4.5 System Interface
Chapter No. 5 Results
  5.1 Results
Chapter No. 6 Discussion, Conclusion and Recommendation
  6.1 Discussion and Conclusion
  6.2 Recommendations
References
Appendix-1: Generating Self Signed Certificates
Appendix-2: SSL Configuration with Wamp Server
Appendix-3: Code Snaps
anywhere in the world where internet facility is available. The voter will not need to go to the polling station. He/she can vote from the office, the drawing room, while travelling, at a railway station or airport, or anywhere else he/she wants to vote. Every voter registered with NADRA will be given a Smart Card. All he/she needs to do is open the site and insert the Smart Card into a Smart Card Reader. The voter then downloads a Java application, runs it, and casts a vote.
2.1 Manual Voting
Manual voting is also called paper-based voting. It is the most transparent and secure voting system known among all voting methods. In manual voting everything, from creating the ballots up to producing the result, is done by hand. The process is very simple and can easily be understood by a common citizen. Voters get the paper ballot at the polling station just before casting their vote on voting day. They cast their vote by marking their choice on the ballot paper and dropping it in the designated ballot box. Pakistan is a democratic country, so according to the law the government of Pakistan should be elected by its citizens through transparent elections. The electoral system currently deployed in Pakistan is a paper-based voting system: people go to the polling stations and cast their vote using a physical ballot paper. One-man-one-vote is made possible by the unique computerized national identity card. Polling stations stay open for nine hours without a break.
Paper voting was the leading medium for voting twenty years ago, but it has now been replaced by other methods.
2.2 Computer-based Voting System
2.2.1 Computer-based (e-voting) Voting
If a computer is involved in the voting process, it is known as computer-based voting. The computer's involvement consists of collecting and counting the votes. Electronic voting has two major categories: voting via computer at polling stations, and voting via computer on the internet (via the web), which can take place either in a public place, for example at a polling station, or in a private place, for example at home. Both of these systems have been adopted successfully in many modern countries.
2.2.3.1 Advantages of DRE Machine
1. DREs are used by countries mostly to increase voter turnout by providing a convenient way of voting.
2. It is the only system known today that allows a truly secret ballot for the blind.
3. They can even be set up so that the voter can choose one of a large number of languages right in the booth.
4. They can save time.
5. Results can be calculated efficiently and in less time.
6. DRE machines can easily be configured to handle different candidates.

2.2.3.2 Disadvantages of DRE Machine
1. DREs are very expensive devices, especially for developing countries like Pakistan.
2. DREs have a very short life span.
3. DRE batteries must be recharged repeatedly between elections.
4. DREs serve few voters per machine, creating a bottleneck and long lines.
5. DREs can lose votes, which cannot be recovered.
6. DREs prevent ordinary citizens from observing the counting of votes.
2.2.4 Optical Scan
After the voter completes the ballot by marking his/her choice on the ballot paper, the ballot is inserted into a machine (optical scanner) which uses light as a sensor. Light is beamed on the voting locations, and the quality of the light beam tells the machine whether a mark is present or not. The optical scan method is very easy and convenient for users and has been adopted in many countries. An optical scan voting system can be set up so that the voter sees little difference from the traditional voting system. Its major advantages and disadvantages are discussed below:
2.2.4.1 Advantages of Optical Scan Method
1. In this method the voter has an option to revote.
2. Voters need not wait for machines to become available to mark the ballot.
3. Submitting the ballot is also very easy; the paper can be submitted either side up.
2.2.4.2 Disadvantages of Optical Scan Method
1. Ballots need to be printed, which is a slow, expensive and inflexible process.
2. There is no process in place for hand counting those ballots that remain unreadable by the machine.
2.2.5 Punch Cards
A punch card is a piece of stiff paper which contains digital information represented by the presence or absence of holes in predefined positions. Punch cards were the first method for utilizing the computer and technology. They were first designed and used by the USA in 1964. In this method the voter punches holes in specific locations on the paper ballot to cast his/her vote. The ballot is then inserted into a machine (punch card reader), which records the vote.
2.3 Remote Voting Methods
In the remote voting method the voter casts his/her vote from a remote location, either from home or from the office. Remote voting includes the remote internet voting method and the absentee (postal) ballot method. We will discuss only the remote internet voting (RIV) method in detail. In the RIV method the internet is the backbone of the system. RIV is very different from other e-voting methods because the voter can use a general-purpose computer for voting instead of a specially designed, expensive system like a DRE. In this system votes are collected at a central location, so there is no need to carry votes from every polling station manually. RIV gives the voter more convenience and flexibility: he/she can vote at any time and from anywhere during the specified election days, whenever he/she is free.
2.3 Comparative Analysis of Manual Voting System with E-Voting System
To achieve good democracy we need to secure our voting process, and to do so we must have several options available. A comparative study of the common systems is given below:
2.3.1 Advantages of Manual System over E-Voting Systems
Most democratic countries use the manual, that is paper-based, voting system. The advantages of this system are discussed below:

1. All voters use an identical ballot
In paper-based voting all voters use an identical ballot. Therefore votes cast at the polling station and by post can be counted using the same kind of equipment (machine).

2. System cost is very low
It is a very inexpensive system and is easily affordable for poor countries like Pakistan. No special expensive equipment is used in this system.

3. Paper ballots are easily understood by voters
Using a paper ballot is the easiest way to cast a vote. Any voter can cast his/her vote without any prior qualification.

4. Paper ballots are inherently voter verified
The vote is marked directly by the voter himself/herself and put in the ballot box physically with his/her own hands, which improves the voter's confidence in the voting process.

5. Paper ballots allow each voter to vote only once
Each voter is given a single paper ballot, which is marked by the voter, on the basis of the national identity card.

6. Conflicts between electronic ballots and paper ballots are eliminated
In this system there are only paper-based votes, i.e. paper ballots can be counted without any mix-up or confusion.

7. Paper ballot system easily accommodates additional voters at low cost
In a paper ballot system, if additional polling stations are required immediately, only one marking device or marking pen is required per polling station. With other systems, like DRE, this is not possible at such low cost.

8. No threat of vote loss due to equipment failure
Paper-based voting is safe in the sense that there is no hardware or software component whose failure can damage the valuable votes. A DRE system, by contrast, depends on batteries which must stay powered during election day, and there is a chance that the machine crashes; if this happens, all the votes will be damaged or lost.

9. It is the most transparent electoral system
As far as transparency is concerned, it is the most transparent of all the systems, as the vote is cast by the voter himself/herself. In other systems, like DREs and Remote Internet Voting, transparency is still a big issue.

10. Voter privacy
All votes are purely anonymous, as there is no link between the vote and the voter after the vote has been cast.
2.3.2 Disadvantages of Manual System as compared to E-voting Systems
Although the majority of countries use the manual voting system and it is very easy to run, it also has many disadvantages, which are discussed below:

1. Paper-based electoral system is very inefficient
Paper-based voting is very slow and needs days to process the votes and announce the result. All the work is done by hand, so it takes considerable time to finish.

2. Requirement of huge staff and large number of polling stations
Running this system requires a huge staff and a large number of polling stations, especially in a populous country like Pakistan.

3. Paper-based system is not fault proof
As all the work is done by humans, there is a chance of human error in counting the votes.

4. Inconvenient for overseas voters
For overseas voters this system is very inconvenient. First the election authority has to send them the absentee ballots, then they fill these in and send them back. Most of these arrive late and are discarded, so many valuable votes are lost and the turnout ratio is reduced.

5. Many voters reluctant to spare time to cast their vote
In a populous country like Pakistan long lines are seen on polling day, and a large number of voters do not want to spend their valuable time lining up, so many of them do not use their voting right. This is not a healthy sign for democracy. The system should be designed to increase turnout to support democracy rather than decrease it.

So far we have seen almost all the possible methods of voting, but we will focus in detail only on Internet Voting. Internet Voting is a very critical option for voting as it involves so many security risks. It is also very difficult to maintain vote secrecy and voter privacy, so this kind of voting option can result in a corrupt democracy. Despite all these threats, many countries have implemented Internet Voting for their voting process, for example Estonia, Switzerland, Canada, Austria, USA etc.
2.4 Countries having Internet-Voting method for voting process
Many countries have already implemented the Internet-Voting method for their election process. One of the major reasons for implementing an I-voting system is to increase voter turnout by providing a convenient and easy way to vote. Some of these countries implemented the system partially, that is for some of their states, and some implemented it fully. One thing common to all these countries is that while they implemented Internet Voting they also allowed paper-based voting. Usually I-Voting lasts about 3 weeks before election day; just before election day I-Voting is closed and the manual (traditional) voting system starts. But we have found RIV to be the best solution to our problem. We have studied the systems of the countries (Estonia and Switzerland) that have deployed an Internet Voting System in their voting process. Estonia is one of the countries that have an Internet Voting System as their voting process.
2.4.1 Estonia
Estonia is a country whose population is 1.35 million. More than 54% of the population uses the internet every day. Estonia's Internet Voting system is based upon some basic principles, and its designers tried to follow all the major principles of paper-based voting. The major principles kept in view in the implementation of the new system are given below:
- All major principles of paper-voting are followed.
- Internet Voting has been introduced as advance polling, that is, Internet Voting is allowed before the Voting Day.
- The user uses an ID-card (smart card), also called e-card, for his/her authentication in the voting process.
- System authenticates the user based on the e-card.
- Voter confirms his/her choice with a digital signature.
- Voter can revote; only the last vote is considered in the vote counting process.
- Voter can also cast his/her vote via paper, and if so the e-vote is discarded.

The voting system of Estonia is basically dependent on the Smart Card. Therefore in the following picture main features of the Smart Card are shown.

To cast a vote, the voter must register him/herself in the Central Population Register (CPR). The voters registered with the CPR are eligible to vote. To cast a vote using the Internet Voting System, a voter must have a Smart Card with a Smart Card Reader, a computer and an internet connection. The user needs to open the site to cast the vote. When the site is opened, the voter must insert his/her smart card into the smart card reader. After the PIN confirmation, the smart card is ready to use. The credentials of the voter are sent to the server for authentication. If the user is valid, he/she can select any candidate. The vote of the user is encrypted by the public key of the voter and is digitally signed by the smart card of the user. At the web server, the digital signature and the encrypted vote are separated to maintain anonymity. When the vote is cast by the voter, a message of confirmation is displayed on the user's screen to assure him/her that the vote has been cast and has been counted. At the server side, at the end of the voting process, all votes are collected and sorted, eligibility is checked, duplicates are removed, digital signatures are removed from the encrypted votes, and finally the votes are taken to the Vote Counting Application, which counts them and gives the result. The architecture diagram of Estonia's system is shown below:
2.5 Effect of Internet-Voting on Democracy
Over the last 10 years, Internet voting (I-voting) has moved from the field of fundamental research to practical application. The European Convention on Human Rights emphasizes that votes should remain secret and that the privacy of the voter should be guaranteed. Unfortunately this is not easily done, because it is almost impossible to secure each person's computer during the election. Family voting cannot be prevented, and vote buying and selling could be a major threat to democracy. Also, the voter's computer can be infected, that is, it can contain viruses or Trojan horses. Therefore, it cannot be ensured that the vote going to the voting server is the one chosen by the voter.
People's motivation to vote is decreasing continuously. In most countries people are not willing to vote; for example, in Switzerland the turnout at the polls is constantly decreasing. It was 80% in 1919 and about 45% in 2003. Almost all other Western countries are in the same situation. They now think that the voting system should be changed and modernized and that voters, especially the youth, should be given more convenience in order to increase the turnout ratio. One of the major reasons to support internet voting is to increase voter turnout and so improve democracy, but voters are reluctant to adopt this new system: in traditional systems they can verify that their ballot is taken into account, whereas in this system there is no means to confirm that a vote is actually counted. Thus, to improve democracy and the voters' confidence in the new system, the administration should provide at least such verification. There should be verification mechanisms by which a voter can verify his/her vote and be confident that the program he/she is using is working as it is supposed to.
2.6 Significance and Target Market
Our project is beneficial for overseas voters and later for voters inside Pakistan. It is also beneficial for Pakistan: because more people will participate in the voting process, the right people will be elected and the Govt. for the next tenure will be better, resulting in the progress of Pakistan. So far only a few countries have actually tried to build an Internet Voting System for their people. Our system will therefore be flexible enough to be customized and deployed for any country according to its needs, so we can sell our system to other countries as well. This is thus a product which will create value not only for every citizen of Pakistan, by making the voting process easy and convenient, but for other nations too. Our project can also be used as an internet voting system for an organization. So it is a very dynamic and useful project.
2.7 Key Words:

Smart Card: A Smart Card or Integrated Circuit Card is a plastic card containing a microprocessor that enables the holder to perform operations requiring data that is stored in the microprocessor; it is typically used to perform financial transactions. Smart cards may also provide strong security authentication for single sign-on within large organizations. It has two categories:
1. Memory Cards: It has non-volatile memory storage components.
2. Microprocessor Cards: It has volatile memory storage and microprocessor components.

Voter's application (VA): It is an application at the client side which encrypts the credentials and the vote of the voter and signs the encrypted vote. The voter's application operates on the voter's computer.

Vote-Forwarding server (VFS): It is a server which authenticates the voter by means of the ID card, supplies voters with the application and supporting data, receives the given votes and transfers them to the VSS. The VFS also acts as a web server.

Vote storage server (VSS): It is a server which stores the votes given by the voters and enables them to be sorted, deleted and forwarded to the VCA.

Vote counting application (VCA): It is a separate application which sums up the e-votes, stripped of their digital signatures, and delivers the results of the e-voting. The computer running the VCA is called the VCA server.

Audit System: It is a component of the Central System dealing with gathering audit data and working with the audit application.

Database: It is a central database which holds the list of eligible voters.

Time-stamping service: It is a service which keeps track of each vote, that is, when the vote was cast and by which user. This track is kept as a reference for the future, so that any dispute, if it arises, can be resolved.

Digital Signature: It is a digital code that can be attached to an electronically transmitted message that uniquely identifies the sender. [6] The message which is being sent is passed through the hash function and the result is called the Digital Signature. This result is appended to the message and transmitted over the network. At the receiver's end, the digital signature is removed and the rest of the message is again passed through the hash function. The result of this process is compared with the digital signature. If both are the same, then the data was not changed while it was on the network.

Digital Certificate: A Digital Certificate is a defined data structure with a Digital Signature. The data represents who owns the certificate and who signed the certificate. It also holds the public key and the validity of the certificate, with the serial number and other relevant information.

Certification Authority (CA): A certification authority (CA) is an authority in a network that issues and manages security credentials and public keys for message encryption. [7]

Secure Socket Layer (SSL): The Secure Sockets Layer (SSL) is a commonly used protocol. It manages the security of a message transmitted on the Internet. SSL uses a program layer which is located between the HTTP and TCP layers. It uses the public-private key encryption system from RSA, including digital certificates, to increase security.

ActiveX: ActiveX is a framework for defining reusable software components in a programming-language-independent way. [8] These reusable components can also be combined to perform certain tasks, while each component can perform its task independently. They are mainly supported by Windows, but have also gained support in Linux. ActiveX is also supported by Netscape, Mozilla and other browsers; one just needs to download its plugin for the respective browser.

ActiveX controls: ActiveX controls are small programs which are used to create distributed applications.
3.1 Main Principles
- All major principles of paper-voting are followed.
- Internet Voting has been introduced as a concept of advance polling, that is, Internet Voting is allowed before the Voting Day.
- The user uses an ID-card (smart card), also called e-card, for his/her authentication in the voting process.
- System authenticates the user based on the e-card.
- Voter can revote; only the last vote is considered in the vote counting process.

For the proper working of the system, every voter who wants to cast his/her vote via the internet must have an e-card and a computer, and the computer must be connected to the internet. These are the basic assumptions we are making.
3.2 Major Assumptions
There are some pre-voting processes for internet voting which are completed before the voting day. These processes are necessary, because without them internet voting is not possible. They are given below:
At the vote count the voter's digital signature is removed and at the final stage the members of the National Electoral Committee can open the anonymous I-Votes and count them.
3.3
Security is ensured by the public-private key concept. The system generates public-private key pairs. All the votes are encrypted at the voter's end with the system's public keys and decrypted at the server with the system's private keys. The encryption at the voter's end is the responsibility of the voter's application, which resides on the voter's computer. For a better understanding of this scheme, let us look at it as an Envelope Scheme:
Voters application encrypts the votes by the systems public key and the vote is then signed by the smart card. In the above figure pink envelope represents encrypted votes and the yellow envelope represents the digital signature or in other words the voters identity. Now after the signing-of the votes, all votes are collected at a central location. Here few important processing is performed: All the votes are Collected All the votes are Sorted Voters eligibility is verified Duplicate votes are discarded And envelopes are separated from each other, that is digital signatures are removed from the encrypted votes.
Pink envelopes (encrypted votes) are sent to the administration for counting; the administration enables the private key, decrypts the votes and counts them. Yellow envelopes (voters list) are sent to another location, and at the end of the Internet voting period this list is printed and sent to the paper-based voting stations to avoid double votes. Voters' privacy is ensured in this system because, before the votes are counted, there is no link between the voter and the vote. At the vote counting end all the received votes are totally anonymous and no one can figure out who voted for whom.
3.4 Architecture:
First of all, the user gets his/her smart card from the smart card issuing authority, say NADRA. The card issuing authority will be an independent third party. When the user receives the smart card for voting, it will contain all the necessary certificates signed by the CA (Certification Authority). Currently there is no CA as an entity in the system; rather, we assume that the certificates loaded in the smart card are signed by an external CA, and that our web server has the CA's certificates in its repository, which is used for user authentication.
The user enters the URL to open the voting website. A secure connection between the web server and the user's web browser is established using the SSL protocol. The web browser gets the web server's certificates to verify that it is the intended web server. This will prevent a man-in-the-middle attack.
[Figure: Web Browser, HTTPS, Web Server]
The user inserts his/her smart card into a smart card reader and connects it to the computer. To cast a vote, the user is asked to download an application stored on the web server. When the user runs this Java application (the Client Application), it asks for the PIN of the smart card to verify the user.
[Figure: Voter App, Verify PIN, SC]
After the user has verified him/herself with the smart card, this Java application fetches the voter's certificates stored in the smart card to make a secure connection between the user and the Vote Storage Server (VSS), and exchanges these certificates using FIPS 196. In FIPS 196, both the client (voter) and the server (VSS) exchange their certificates with each other and verify each other. This protocol is used to protect the user from "masquerading attacks".
[Figure: SC, Voter App, FIPS 196, VSS]
The VSS will then perform the following two actions:
1. Validate the user's certificates against the certificates of the CA, which will be present in the VSS's repository.
2. Check whether the user is a valid voter by checking the DN (Distinguished Name) against the IDMS (Identity Management Server). The IDMS will have the entire valid voters list.
[Figure: VSS, IDMS]
After the user has been verified, the list of candidates in the voter's area is shown in the client application. This list of candidates is sent by the VSS.
The user then selects the desired candidate and casts the vote. The voter application encrypts the vote and sends it to the smart card. The smart card signs the vote with its private key and hands it back to the Java application. The Java application sends the encrypted and signed vote to the VSS, which removes the user's signature and stores the vote in its database.
[Figure: SC, Voter App, Candidate List, VSS]
Voter privacy is ensured here because the VSS removes the voter's signature at this point. The signature, which represents the voter, is then sent to one database, and the encrypted data, which represents the vote, to another database. After this step the correspondence between voter and vote can no longer be made.
[Figure: VSS, Voter's Sign, Vote, Encrypted Votes]
At the end of the voting period, the encrypted votes are sent to the Vote Counting Server (VCS), which decrypts the votes using its private key, counts them and produces a report.
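The envelope scheme of section 3.3 and the VSS and VCS steps of the architecture above, as an added example that is not the project's own code: the voter side encrypts and signs, the VSS verifies, keeps each voter's last ballot and strips the signature, and the VCS decrypts and counts. Assumptions made here and not taken from the report: software RSA-2048 key pairs stand in for the smart card and the system key, a DN-to-public-key map stands in for CA certificate validation and the IDMS lookup, and the OAEP padding, SHA256withRSA signature, shuffle step and all class and method names are illustrative choices.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
import javax.crypto.Cipher;

// Added illustration of the double-envelope flow; every name here is hypothetical.
public class EnvelopeSchemeDemo {
    static final String OAEP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding"; // assumed padding

    /** Yellow envelope (voter DN + signature) around the pink one (encrypted vote). */
    static final class Ballot {
        final String voterDn;
        final byte[] encryptedVote, signature;
        Ballot(String dn, byte[] enc, byte[] sig) { voterDn = dn; encryptedVote = enc; signature = sig; }
    }

    static KeyPair newKeyPair() throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        return gen.generateKeyPair();
    }

    /** Voter application: encrypt with the system public key, then sign the ciphertext. */
    static Ballot cast(String dn, String candidate, PublicKey systemPub, PrivateKey voterKey)
            throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance(OAEP);
        cipher.init(Cipher.ENCRYPT_MODE, systemPub);
        byte[] encrypted = cipher.doFinal(candidate.getBytes(StandardCharsets.UTF_8));
        Signature signer = Signature.getInstance("SHA256withRSA"); // done on the card in the report
        signer.initSign(voterKey);
        signer.update(encrypted);
        return new Ballot(dn, encrypted, signer.sign());
    }

    /** VSS: check eligibility and signature, keep each voter's last ballot, strip signatures. */
    static List<byte[]> separate(List<Ballot> received, Map<String, PublicKey> voterRoll,
            List<String> votedList) throws GeneralSecurityException {
        Map<String, byte[]> lastValid = new LinkedHashMap<>();
        for (Ballot b : received) {
            PublicKey voterPub = voterRoll.get(b.voterDn);
            if (voterPub == null) continue;               // DN not on the voters list
            Signature verifier = Signature.getInstance("SHA256withRSA");
            verifier.initVerify(voterPub);
            verifier.update(b.encryptedVote);
            if (!verifier.verify(b.signature)) continue;  // signed with some other key
            lastValid.put(b.voterDn, b.encryptedVote);    // a revote replaces the earlier vote
        }
        votedList.addAll(lastValid.keySet());             // identities go to one store
        List<byte[]> anonymous = new ArrayList<>(lastValid.values()); // votes go to another
        Collections.shuffle(anonymous, new SecureRandom()); // assumption: hide arrival order
        return anonymous;
    }

    /** VCS: decrypt the anonymous votes with the system private key and count them. */
    static Map<String, Integer> count(List<byte[]> votes, PrivateKey systemKey) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance(OAEP);
        Map<String, Integer> tally = new TreeMap<>();
        for (byte[] vote : votes) {
            cipher.init(Cipher.DECRYPT_MODE, systemKey);
            tally.merge(new String(cipher.doFinal(vote), StandardCharsets.UTF_8), 1, Integer::sum);
        }
        return tally;
    }

    public static void main(String[] args) throws Exception {
        KeyPair election = newKeyPair(), alice = newKeyPair(), bob = newKeyPair(), mallory = newKeyPair();
        Map<String, PublicKey> roll = new HashMap<>();   // constructed sample voters list
        roll.put("CN=Alice", alice.getPublic());
        roll.put("CN=Bob", bob.getPublic());
        List<Ballot> received = Arrays.asList(           // constructed sample ballots
            cast("CN=Alice", "Candidate A", election.getPublic(), alice.getPrivate()),
            cast("CN=Bob", "Candidate B", election.getPublic(), bob.getPrivate()),
            cast("CN=Alice", "Candidate B", election.getPublic(), alice.getPrivate()),     // revote
            cast("CN=Bob", "Candidate A", election.getPublic(), mallory.getPrivate()),     // wrong key
            cast("CN=Mallory", "Candidate A", election.getPublic(), mallory.getPrivate())); // not listed
        List<String> voted = new ArrayList<>();
        List<byte[]> anonymous = separate(received, roll, voted);
        System.out.println("Voted: " + voted + "  Tally: " + count(anonymous, election.getPrivate()));
    }
}
```

In the sample run Alice's revote replaces her first vote, and the ballot signed with the wrong key and the ballot from a DN outside the voters list are both dropped before counting.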
3.5 Flow Chart:
Hardware used is:
- Smart card reader Precise Biometric 250
- Java Compliance smart card (64K, 8bit)
4.2 Components
Key components of the system are:
- Voter Application
- Smart Card and Smart Card Application
- Server Application
- Admin Application
- Vote Counting Application
- Certification Authority (in this version, we are using Java keystores and self-signed CA's certificates)
4.3 Classes
4.3.1 Voter Applications:
[Class diagram; classes and their members as listed in the figure]
VerifyCertificate
PersonalInfo: image, LivingCountry, expiryDate, birthPlace, PersonalInfo(), getFacialImage(), getFirstName(), display()
RemoteAuthentication: cert, certData, clientSocket, NID, serverRand, md, channel, serverHash, serverCertData, key, RemoteAuthentication(), getPK(), getCertLength(), getCertificate(), connectToServer(), verifyUser(), getCNIC(), getPreparedData(), sendToServer(), receiveHelloReply(), sendHashCert(), receiveHashCert(), getCertHash(), getSenderId(), encryptHash(), verify(), sendRand(), getCandidateList()
EncryptVote: channel, areaNo, encryptedVote_envelop, encryptedVote, digitalSign_envelop, packet, EncryptVote(), prepareEnvelop(), getEncryptVote(), getAreaNo(), getSignData(), verifyCertificate()
ProgressThread: animate()
Key: getPrivateKEy(), getPublicKey()
CardAuthentication: terminals, terminal, factory, card, rAPDU, channel, resetAll(), getCardChannel(), getTerminals(), connectToTerminal(), connectToCard(), selectAppletAPDUs(), doPinVerficaton(), verifyPIN(), getRemainingTries(), verifyInputKeyFormate(), remoteVerificationStart()
RemoteThread: RemoteThread()
VoterApplication: personalInfo_MenuItemActionPerformed(), more_PIN_LabelMouseClicked(), jMenuItem1ActionPerformed()
CandidateList: table_rows, cand_info, selected, Utility, reset(), papolate(), setList(), getVoteSymbal()
ShowCardAuthentication
ShowPersonalInfo
[Class diagram; classes and their members as listed in the figure]
utility: convertHexToString(), byteArrayToHexString(), getRandomNumber(), intToByteArray(), byteArrayToInt()
RequestHandler: caCertificate, votingCert, md, clientID, serverID, randNo, clientRandomNo, clientHash, certData, serverHash, cipher, RequestHandler(), getNId(), run(), receiveHelloMessage(), receiveHashCert(), replyHelloMessage(), getClientID(), getClientRand(), getCertHash(), verify(), generateHash(), getRand(), sendHashCert(), getPreparedData(), encryptHash(), getPK(), sendCandidateList(), receiveEnvelope(), getCaPK()
Server: connectionSocket : type = initval, welcomeSocket : type, CaPublicKey : type, keystore : type, userCertificate : type, getCaPublicKey(), getKeystore(), setCaCertificate(), startServer(), openKeyStore()
DBClass: getConnection()
When the user downloads the Voter Application and executes it, the following main screen is shown. After the user selects the terminal (card reader), the application asks the user to enter his/her PIN code.
Figure 1
Figure 2
Figure 3
In case of a wrong PIN entry, the voter application displays the following error message on the screen:
Figure 4
If the voter enters a valid PIN code, the application shows the progress screen as shown below:
Figure 5
The application reads the voter's credentials from the smart card and sends them to the server. If the server validates the voter, it sends the list of candidates corresponding to the voter.
Figure 6
When user clicks on the vote button, the application will ask for confirmation:
Figure 7
If the voter selects yes and the vote is cast successfully, a message is displayed in the application:
Figure 8
If at any stage the connection between the voter's computer and the server terminates, the system shows an appropriate error message like:
Figure 9
6.2 Recommendations
The objective of the project was achieved: to develop and implement a secure Internet-based voting system. To put the system into practice in low-resourced countries, additional work has to be done. Appropriate legislation must be made by the concerned country to ensure that results from the system are usable and trusted. Secondly, the overall system's security must be enhanced to address known vulnerabilities. The population also needs to be educated on how to use the computer-based voting application.
Appendix-1: Generating Self Signed Certificates
In the IVSOP project we need a CA root certificate which can sign users' certificates. To generate the CA certificate we use OpenSSL, and with keytool we can further configure the keystore properties. The problem I faced during certificate generation is that the certificate is generated successfully, but when we add the certificate to the keystore its private key is not added by default, so we have to do this task explicitly. I am saying that it is a problem as keytool does not have an option for moving the private key of a certificate into a keystore. To solve this problem I had to convert (export) the private key and certificate into PKCS 12 format, and then by using keytool I imported it into JKS format. The whole procedure is shown below:
Step-1: Generate keys using openssl.
>>openssl genrsa -des3 -out server.key 1024
>>openssl rsa -in server.key.org -out server.key
>>openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Step-3: Now export into PKCS 12 format
>>openssl pkcs12 -export -in server.crt -inkey server.key -certfile server.crt -name IVOSP -out keystore.p12
Step-4: Import it back to JKS format
>>keytool -importkeystore -srckeystore keystore.p12 -srcstoretype pkcs12 -destkeystore keystore.jks -deststoretype JKS
Appendix-2: SSL Configuration with WAMP Server
Requirements: Installed and properly functioning WAMP server (PHP5, Apache, MySql).
Note: The configuration is tested with:
WAMP server version: 2.0
Apache version: 2.2.11
PHP version: 5.3.0
Steps:
For Localhost: To configure WAMP+SSL on localhost, we have to perform the following steps:
Step-01
Create SSL Certificate and Key
i. First of all you have to reach the bin directory of the Apache server, which is installed by default when you install WAMP Server.
ii. Create a server private key with 1024 bits encryption. You should enter this command without quotes:
openssl genrsa -des3 -out server.key 1024
iii. It'll ask you to enter a pass phrase (password), just enter any password you like.
iv. Remove the pass phrase from the RSA private key (while keeping a backup copy of the original file). Enter this command without quotes:
copy server.key server.key.org
and then enter the following. It'll ask you for the pass phrase, just type it.
openssl rsa -in server.key.org -out server.key
Note: This command shows a warning; do not be confused by it. We will set the path of the Apache config file in the later command, which fixes the problem.
A. Create a self-signed Certificate
Create a self-signed Certificate (X509 structure) with the RSA key you just created. Enter the command:
openssl req -new -x509 -nodes -sha1 -days 365 -key server.key -out server.crt -config C:\wamp\bin\apache\apache2.2.8\conf\openssl.cnf
After this command the program will ask you to enter the information needed to form the certificate. Fill in this information; "your name" means your server name, which here is localhost. The result will look like this:
Note: You can combine the above steps into one step by using this command, no quotes: "openssl req -new -x509 -nodes -out server.crt -keyout server.key" if you have trouble following through.
B. Creating a real Certificate that is CA compliant
To create a real SSL server certificate, create a server RSA private key for your Apache server (Triple-DES encrypted and PEM formatted). Type command:
Keep the backup of the server private key in a maximally secure place and guard it well (e.g. your digital wallet). Create a Certificate Signing Request (CSR) for the public key (output will be PEM formatted). A CSR is a file containing your certificate application information, including your public key. Generate your CSR and then copy and paste the CSR file into the web form in the enrollment process at your certificate authority's website. Type the command:
openssl req -new -key server.key -out server.csr -config C:\wamp\bin\apache\apache2.2.8\conf\openssl.cnf
You will now be asked to enter details to be entered into your CSR. What you are about to enter is what is called a Distinguished Name or a DN. For some fields there will be a default value. If you enter '.', the field will be left blank. Use the name of the webserver as Common Name (CN). If the domain name (Common Name) is mydomain.com, append the domain to the hostname (use the fully qualified domain name). Depending on the specific certifying authority (CA), you might have to enter the details as specified by them. Normally, the CA will provide specific instructions for you.
C. Now all you have to do is send this Certificate Signing Request (CSR) to a Certifying Authority (CA) to be signed. A trusted CA means all major web browsers recognize it without giving you a warning when you install your CA-signed SSL certificate on your webserver. Once the CSR has been signed, you will have a REAL Certificate, which can be used by Apache. You can have a CSR signed by a commercial CA (fees are required). They will then send you the signed certificate, which you can store in a server.crt file. Once your CSR certificate has been signed and returned to you, you can view the details by using this command:
openssl x509 -noout -text -in server.crt
i. In the conf folder of the apache2.2.11 folder, create two folders named ssl.key and ssl.crt
ii. Copy the server.key file to ssl.key folder and server.crt file to ssl.key and ssl.crt folders from the /bin directory of apache
Step-03: Edit the httpd.conf file and php.ini
i. In the httpd.conf file, remove the comment '#' at the line which says:
LoadModule ssl_module modules/mod_ssl.so
ii. In httpd.conf, remove the comment '#' at the line which says:
Include conf/extra/httpd_ssl.conf
Then move that line after this block: <IfModule ssl_module>.... </IfModule>
iii. Open the php.ini file located in the apache2.2....\bin folder, remove the comment ';' at the line which says:
Extension=php_openssl.dll
Step-04 Edit the httpd_ssl.conf file in the folder named extra
i. Find the line which says "SSLMutex...." and change it to "SSLMutex default" without quotes.
ii. Find the line which says: <VirtualHost _default_:443>. Right after it, change the line which says "DocumentRoot ..." to DocumentRoot "C:/wamp/www/" with quotes. Change the line "ErrorLog...." to Errorlog logs/sslerror_log. Change the line "TransferLog ...." to TransferLog logs/sslaccess_log.
iii. SSL crt file: Change the line "SSLCertificateFile ...." to SSLCertificateFile "conf/ssl.crt/server.crt"
iv. SSL key file: Change the line "SSLCertificateKeyFile ...." to SSLCertificateKeyFile "conf/ssl.key/server.key"
v. Change the line which says: <Directory "C:/Program Files/Apache Software Foundation/Apache2.2/cgi-bin"> or something similar to <Directory "C:/wamp/www/"> and add the following lines inside those <Directory ... >...</Directory> tags:
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
vi. Make sure the line CustomLog "logs/ssl_request_log" \ is uncommented (remove the #).
Step-05
Check the syntax: enter httpd -t
In the previous DOS command window (that is, in the /bin directory of Apache), enter httpd -t. If it displays Syntax is OK, then go to Step 6. If not, then correct the wrong syntax and redo Step 5.
Restart the WAMP Server so that the changes you have applied so far take effect. If the restart fails, repeat the steps and try to find the error you have made.
Step-07 Restart the Apache server, and Browse HTTPS
If the restart is successful, open the browser and enter "localhost" without quotes.
If you want to allow world wide web access to your HTTPS secure server, then in the httpd_ssl.conf file, change the line which says 'ServerName localhost:443' to 'ServerName www.yourwebsitename.com:443' without quotes. yourwebsitename is your registered internet domain name. If you don't have one, then just use your WAN IP address, for example 'ServerName 99.238.53.105:443'. Make sure these setups are correct to allow outside access to the secured www server:
i. The DocumentRoot should point to the correct website folder on your computer.
ii. If your computer is connected to a router, set up the router to allow port 443 forwarding to your computer.
iii. If your computer has a firewall enabled or is behind a network firewall, set up the firewall to allow incoming port 443 connections.
References: http://www.wampserver.com/phorum/read.php?2,32986,page=1
Appendix-3: Code Snaps
The following function is used to get the total terminals connected to the computer:
/************************************************************************************/
// function to get the terminals list
// (factory and terminals are fields of the enclosing class; TerminalFactory is
// javax.smartcardio.TerminalFactory)
public void getTerminals() {
    try {
        // Display the list of terminals
        factory = TerminalFactory.getDefault();
        terminals = factory.terminals().list();
        System.out.println("Terminals: " + terminals);
    } catch (Exception exception) {
        System.out.println("Error, could not get card reader(s)" + " " + exception.getMessage());
    }
}
/************************************************************************************/
The following function gets the public key of the user from the smart card:
/************************************************************************************/
// Reads the RSA modulus and exponent from the card into the class fields
// modulus and exponent, and returns the raw modulus bytes (null on failure).
public byte[] getPublicKey() {
    byte mod[] = null;
    try {
        channel = card.getBasicChannel();
        byte[] getPublicKeyModCommand = { (byte) 0x08, (byte) 0x31, (byte) 0x00, (byte) 0x00, (byte) 0x00 };
        byte[] getPublicKeyExpCommand = { (byte) 0x08, (byte) 0x30, (byte) 0x00, (byte) 0x00, (byte) 0x00 };
        rAPDU = channel.transmit(new CommandAPDU(getPublicKeyModCommand));
        if (rAPDU.getSW() != 0x9000) {
            System.out.println("Could not get the modulus");
        }
        if (rAPDU.getSW() == 0x9000) {
            // System.out.println("modulus getting from card is:");
            mod = rAPDU.getData();
            // signum 1: read the bytes as an unsigned magnitude, so a modulus
            // whose top bit is set does not turn into a negative number
            modulus = new BigInteger(1, rAPDU.getData());
            // arrayPrint(rAPDU.getData());
        }
        rAPDU = channel.transmit(new CommandAPDU(getPublicKeyExpCommand));
        if (rAPDU.getSW() != 0x9000) {
            System.out.println("Could not get exp");
        }
        System.out.println();
        if (rAPDU.getSW() == 0x9000) {
            exponent = new BigInteger(1, rAPDU.getData());
            // System.out.println("Exponent is :"+exponent);
            // arrayPrint(rAPDU.getData());
        }
    } catch (Exception exception) {
        exception.printStackTrace();
    }
    return mod;
}
/************************************************************************************/
To connect to the Java keystore we use the following key function:
/************************************************************************************/
// Opens the JKS keystore; file, password, alias, fIn and keystore are class fields.
public void getKeyStore() {
    try {
        // keystore location and password are hard-coded in this version
        String keystoreFilename = "D:\\keystore\\keystore.jks";
        file = new File(keystoreFilename);
        password = "keystore".toCharArray();
        alias = "my certificate";
        fIn = new FileInputStream(keystoreFilename);
        keystore = KeyStore.getInstance("JKS");
        keystore.load(fIn, password);
    } catch (Exception exception) {
        exception.printStackTrace();
    }
}
/************************************************************************************/
The most difficult part of the code, called chaining, is handled by the following function:
/************************************************************************************/
// Sends data to the card in chained APDUs of at most MAX_APDU_LENGTH data bytes
// (a constant of the enclosing class). The CLA byte is forced to 0x10 on every
// block except the last, which is sent with CLA 0x00.
public void send(int cla, int ins, int p1, int p2, byte[] data, int le) {
    try {
        byte[] buffer = new byte[261]; // 5 byte header 255 byte data 1 byte Le
        int totalSent = 0;
        int totalLength = data.length;
        int remain = totalLength;
        while (remain > 0) {
            // set the header
            buffer[0] = (byte) (cla & 0xff);
            buffer[1] = (byte) (ins & 0xff);
            buffer[2] = (byte) (p1 & 0xff);
            buffer[3] = (byte) (p2 & 0xff);
            int send = (remain > MAX_APDU_LENGTH) ? MAX_APDU_LENGTH : remain;
            remain -= send; // take this many byte off the total left
            buffer[4] = (byte) (send & 0xff);
            System.arraycopy(data, totalSent, buffer, 5, send);
            int apduSize = 5 + send;
            // check if this is the last APDU
            if (remain == 0) {
                buffer[0] = (byte) 0x00;
                // last one so add the le if not -1
                if (le != -1) {
                    buffer[send + 5] = (byte) (le & 0xff);
                    apduSize++;
                }
            } else {
                buffer[0] = (byte) 0x10;
            }
            ResponseAPDU response = channel.transmit(new CommandAPDU(buffer, 0, apduSize));
            System.out.println("TOTAL SENT: " + totalSent + ": This this time: " + send
                    + " response :" + Integer.toHexString(response.getSW()));
            totalSent += send;
            if (response.getSW() != 0x9000) {
                System.out.println("could not store cert to the card: " + response.getSW() + "::"
                        + Integer.toHexString(response.getSW()));
            }
            if (response.getSW() == 0x9000) {
                // System.out.println("cert is store");
            }
        }
    } catch (Exception exception) {
        exception.printStackTrace();
        System.out.println("Could not send cert to SC, exception is: " + exception);
    }
}
/************************************************************************************/
The user's facial image is stored with the help of the following function:
/************************************************************************************/
// Reads images.jpg and sends it to the card applet through send() above.
public void loadFacialImage() {
    try {
        InputStream fis = new FileInputStream("images.jpg");
        byte[] buffer = new byte[fis.available()];
        fis.read(buffer);
        fis.close(); // release the file handle once the image is in memory
        System.out.println("size of the image is: " + buffer.length);
        int cla = 0x00;
        int ins = 0xDA;
        int p1 = 0x01;
        int p2 = 0x02; // instruction to tell the applet that image data is
                       // coming in this command
        // System.out.println("CA certificate from key store is: \n"+cert);
        System.out.println("\nCA certificate Endoding before sending: \n");
        arrayPrint(buffer);
        System.out.println("\ntotal size of the facial image is: " + buffer.length);
        int le = 0x00;
        send(cla, ins, p1, p2, buffer, le);
    } catch (Exception ex) {
        ex.printStackTrace();
    }
}
/************************************************************************************/
The End