CHAPTER 6. SECURITY ANALYSIS
6.3 Security analysis of e-voting system
This section uses the following five properties to analyze the security of the e-voting system:
(1) Eligibility: at the registration phase, 𝑅𝑆 verifies the identity of 𝑉𝑖; only a voter who passes identity verification can obtain the voting certificate 𝐶𝑒𝑟𝑡(𝑉𝑖).
(2) Non-repeatability: when voters vote, they must present their own voting certificate 𝐶𝑒𝑟𝑡(𝑉𝑖), and 𝑅𝐶 first checks whether the certificate is legitimate. If it is, the ballot is stored and the certificate is marked as voted. When a voter tries to vote again, 𝑅𝐶 refuses the repeated vote, which prevents ballot stuffing. Under the premise that 𝑅𝐶 is semi-honest, the stored 𝐶𝑒𝑟𝑡(𝑉𝑖) cannot be tampered with or forged. Therefore, when a voter tries to vote again, 𝑅𝐶 can detect it effectively and send the result to 𝑉𝑊𝑒𝑏.
(3) Rationality: a voter's ballot information is written directly into the smart contract via the voting website and related applications, where it can be accessed and queried. No one can tamper with the ballot information, because the blockchain is non-repudiable and tamper-resistant, so the rationality of the voting process cannot be destroyed.
(4) Completeness: during the ballot opening phase, all voters can verify the ballot information by themselves. The ballot information stored on the servers in the decentralized environment can be restored to the candidate number 𝜆 the voter chose and the ballot signature value ℎ(𝑐𝜆)𝑑. By comparing these with their own
ballot signature information, voters can verify whether all ballots were correctly recorded. If the result is not correct, it is reported to the verifying process for further verification.
(5) Fairness: because the voters' key pairs (𝑝𝑘𝑉𝑖, 𝑠𝑘𝑉𝑖) are issued by 𝑅𝑆, if the ballots were encrypted only with these keys, 𝑅𝑆 could learn the result of the election before the opening phase. Therefore, after encryption with the voter's public key 𝑝𝑘𝑉𝑖, there is a second encryption with 𝑅𝐶's public key 𝑝𝑘𝑅𝐶, which prevents attackers from decrypting the ballot information and learning the election result in advance.
When a voter completes the polling process, the ballot ℎ(𝑐𝜆)𝑑 || 𝜆 is first encrypted with his public key 𝑝𝑘𝑉𝑖 and then saved to the distributed data servers via (k,n) secret sharing. After receiving the encrypted ballots, the 𝐷𝐷𝑆 servers encrypt them again with 𝑅𝐶's public key 𝑝𝑘𝑅𝐶 and publish E𝑝𝑘𝑅𝐶(𝑃𝐶(𝑖,𝑘)) on the smart contract so that voters can query it.
Based on the oblivious transfer protocol and privacy-preserving cryptography, neither internal nor external attackers can learn the election result in advance by decrypting the ballots or sniffing data on the server side, so the fairness of the election is preserved.
(6) Anonymity: when a voter creates his personal identity, he combines his social security number with a random number he selects to generate the unique identity 𝑃𝐼𝐷𝑖 = ℎ(𝑆𝑆𝑁𝑉𝑖||𝑡), 1 ≤ 𝑖 ≤ 𝑛1. No one can link 𝑃𝐼𝐷𝑖 to the real person 𝑉𝑖 without knowing 𝑡, so the anonymity of voters is protected.
In recent years, in the most widely known US presidential election [4], some states have used e-voting systems. The e-voting mechanism in the US uses Electronic Voting Machines (EVMs), and all voters using e-voting must go to the polling station in person to vote. First, the voter's eligibility is confirmed by hand; voters who pass the identity confirmation receive a personal password, which they enter into the voting machine themselves. Once the password has been entered, they can start to vote. Voters then use the candidate information on the electronic voting machine to vote, and the ballot information is stored in the voting machine.
Hackers cannot attack the voting machine or tamper with the ballot information via the internet because the machine is offline, unless they install malware on the voting machine; however, scrutineers are present beside the voting machine to monitor it.
Therefore, using an electronic voting machine to store the ballot information is fair and safe.
Although the e-voting mechanism in the US satisfies most of the security properties, its utilization rate is only 29% to 31%, which means voters' confidence in e-voting is still low. If voters could participate in the opening phase in the future, we believe the utilization rate would improve greatly.
Nair and other scholars proposed a scheme [7] that uses a secret sharing scheme as the core structure of the e-voting mechanism and uses secure multiparty computation to improve the efficiency of the opening phase. This scheme converts the binary value generated from the candidate number a voter chose into a decimal value, and this decimal value becomes the secret value of the vote. The voting machine splits the secret value into five point coordinates by secret sharing and stores them on five data servers in a distributed environment. After the opening phase starts, any three of the five servers restore the secret information and obtain a polynomial of the total votes. Taking the constant term of the polynomial and converting it to binary gives the actual number of votes for each candidate directly, which greatly improves the efficiency of the ballot opening phase.
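As an added worked example (not code from the thesis or from Nair et al. [7]), the following Python sketches the tally flow just described: each vote is encoded as a binary vector read as a decimal secret, split into five Shamir shares, summed share-wise on the servers, and restored by any three servers, after which the constant term is decoded back into per-candidate counts. The prime field, the 8-bit width reserved per candidate, and the server identifiers are assumptions of this example.

```python
import secrets

P = 2**61 - 1   # prime field modulus; a constructed choice, not from the thesis
K, N = 3, 5     # any K of N servers can restore the secret, as in the scheme
W = 8           # assumed bits reserved per candidate (a field holds up to 255 votes)

def encode_vote(candidate, num_candidates):
    """Binary-vector ballot: a 1 in the chosen candidate's field, read as a decimal secret."""
    assert 0 <= candidate < num_candidates
    return 1 << (W * candidate)

def share(secret):
    """Shamir split: random degree-(K-1) polynomial whose constant term is the secret."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(K - 1)]
    return [(x, sum(c * pow(x, j, P) for j, c in enumerate(coeffs)) % P)
            for x in range(1, N + 1)]

def add_shares(share_lists):
    """Each server adds the shares it holds; the summed polynomial's constant term is the tally."""
    total = {}
    for shares in share_lists:
        for x, y in shares:
            total[x] = (total.get(x, 0) + y) % P
    return total

def reconstruct(points):
    """Lagrange interpolation at x=0 over any K points recovers the constant term."""
    pts = list(points.items())[:K]
    assert len(pts) == K
    acc = 0
    for i, (xi, yi) in enumerate(pts):
        num = den = 1
        for j, (xj, _) in enumerate(pts):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        acc = (acc + yi * num * pow(den, P - 2, P)) % P
    return acc

def decode_tally(total, num_candidates):
    """Split the constant term back into per-candidate W-bit counts."""
    return [(total >> (W * c)) & ((1 << W) - 1) for c in range(num_candidates)]

def tally(votes, num_candidates, server_ids=(1, 3, 5)):
    """Full flow: encode, share to N servers, sum on the servers, restore with K of them."""
    assert len(votes) < (1 << W)  # a candidate's count must fit its W-bit field
    per_server = add_shares([share(encode_vote(v, num_candidates)) for v in votes])
    subset = {x: per_server[x] for x in server_ids}
    return decode_tally(reconstruct(subset), num_candidates)
```

Any two servers alone hold points on a random degree-2 polynomial and learn nothing about the tally; the decoded counts appear only once a third server contributes its share.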
However, this scheme only considers the voting and ballot opening process with secret sharing; it does not consider the completeness and non-repeatability of ballot information in real e-voting, and it does not verify the identity of voters. Therefore, it is not adequate for voting.
Although the e-voting mechanism [25] proposed by Chen and other scholars can also satisfy most of the security properties, it has two main defects. One is that it is still possible to know the result of the election in advance, because the ballots are encrypted with only a single public key: whoever owns the corresponding private key has the chance to decrypt the ballot information in advance, so the fairness of the election cannot be met. The other is that when obtaining the signature on a ballot, the signer cannot confirm whether the document sent by the voter is correct. If the document the voter sends is not relevant to the election and the voter tries to trick the signer into signing it, the signer will still sign the document and cannot refuse, so the privacy of the signer cannot be protected.
A smart contract is an application that uses blockchain as its core technique. The nodes on the blockchain network participate in verification and computation, which enhances the anonymity of voters, the privacy of data transmission, and the reliability and verifiability of ballots during the opening phase. A comparison of this study with related e-voting mechanisms is given in the following table.
Table 6-1 Security properties comparison