Elections, one of the most important government services, have become a severe burden on the people involved in the process (candidates and voters) because of several constraints. Voting is an efficient method for the public to express its opinion about a given topic or issue. In other words, voting is the key to democracy. A traditional election is normally held under the supervision of the government, which ensures the proper administration of acknowledged electoral practices and that only eligible voters are permitted to join the election process, preventing forgery and attempts at bogus voting. One of the most famous violations, under any government, is vote buying, which is very difficult to control. In addition, human supervision of the election process requires a lot of effort and money to achieve the desired level of privacy, security and trust. Moreover, when the election process is completed, another problem surfaces: vote checking and counting. These require great human effort, and no single mistake is acceptable during this process. This phase of the election is considered time consuming, and its accuracy is always mistrusted. These drawbacks force people to think about another voting system that could overcome such problems. e-Voting systems seem to be the solution to the weaknesses of traditional voting systems.
Spurred by the rapid adoption of computers in the internal processes of day-to-day governance, the Egyptian Government is working to provide the first package of eDemocracy services by developing an electronic voting system, giving a much-needed fillip to e-Government in the country.
The use of computer networks and modern state-of-the-art cryptography techniques to build e-Voting systems is expected to result in a voting system that ensures that only people who have the right to vote participate and that every vote cast is counted only once. In addition, the system can run in unverifiable voting mode (where the voter cannot prove which vote he cast), which prevents voters from selling their votes to candidates. An ideal e-Voting system should allow the voting process to be available on a public communication channel such as the Internet, which will encourage more voters to cast their votes remotely and increase voter participation, since Internet voting can be done on workdays too. Even citizens abroad can cast their votes. In general, an e-Voting system can replace the obsolete traditional voting system by providing a suite of features including the privacy of the voter, fraud detection and prevention, the security of the voting process, the ability to vote remotely, and the guarantee of a fair election process. e-Voting must meet many requirements before it can be applied in place of the traditional voting system. It must be easy for the beneficiaries (candidates and voters) to follow, without any noticeable change from the traditional system, while saving much time and cost. It must deliver a very high degree of security, such as privacy and integrity, besides accuracy, so that the problems faced by traditional voting are rooted out completely. e-Voting promises to achieve the level of security required for holding election processes while saving human effort, cost, and of course time.
e-Voting scheme components
Our online voting scheme consists of several internal and external components that interact through the different stages of the election process (registration/identification, vote casting, and vote counting) to provide a robust e-Voting system. Internal components (Registration Server, Privacy Server, Voting Server, and Counting Server) are special-purpose components that we designed specifically to support our e-Voting system, while the external components (e-Token, Certificate Authority) are components that already exist in our e-Government system and interact with the internal components to complete our proposed system.
Internal components include the Registration Server (RS), Privacy Server (PS), Voting Server (VS), and Votes Counting Server (VCS). The Registration Server is responsible for monitoring and controlling the first stage of the election process, which is the registration and identification stage. The registration server allows only eligible persons to participate in the election process. Any person can apply to participate in the election process by providing his identification data to the registration server. The registration server is responsible for confirming the correctness of the identification data and uses it to check whether the person is eligible to participate in the election according to the rules of the election authority. These rules could be restrictions such as the age of the person. Usually, different kinds of elections (local people's council elections, presidential elections, etc.) have their own rules and restrictions. If the person is eligible to participate in the election, the registration server generates an electronic voting certificate for that person and sends it to him. This voting certificate allows its holder to cast his vote, and he uses it to prove that he is an eligible voter. The registration server records the identification data of the voter and his voting certificate.
The Privacy Server plays a principal role in the election process by allowing eligible voters to create an anonymous identity (anonymous voter ID) for themselves so that they can freely cast their votes. The privacy server authenticates the voter's identity by confirming his election certificate, and if the voter holds a valid election certificate the privacy server accepts and validates the anonymous identity generated by the voter himself. After the privacy server validates the anonymous identity of the voter, the voter can use it to cast his vote with a high level of privacy and a guarantee that it is impossible for any other party to trace his vote or determine his identity.
The Voting Server is responsible for the second stage of the election process: it manages the vote casting stage. It receives the voter's anonymous ID, validated by the privacy server, and uses it to authenticate the legality of the voter, but not the voter's identity. This means that the voting server can only check whether the voter has the right to cast a vote; it is never able to determine the real identity of the voter who cast the vote, either at the time of voting or after the end of the voting session. The voting server also keeps track of the voting process to ensure that each eligible voter votes only once.
The Votes Counting Server is responsible for the last and final stage of the election process, which is vote counting (also known as election post). The counting server collects the voting ballots, counts the votes, and finally declares the election result.
External components include the e-Token and the Certificate Authority (CA). e-Token is a national public key infrastructure (National PKI) based on smart card and USB technologies. e-Token includes a full suite of security and authentication methods. Voters use the e-Token for authentication in the registration stage, to store their election certificate, and to execute the other security and cryptographic computations required by the e-Voting system. The use of e-Token provides a high level of security and introduces a new feature, the mobility of the scheme, which allows voters to cast their votes from any place and on any computer (it slides into a common USB port). The Certificate Authority is responsible for confirming the person's identification data received by the RS in the registration and identification stage, and for providing personal information about the voter, which the RS uses to decide whether he/she is eligible or not.
e-Voting scheme interactions
The different components in the scheme interact in order to provide a secure, modern e-Voting system that satisfies the needs of the public and of democracy. The scenario of these interactions runs through three main stages: registration/identification, vote casting, and vote counting. In the registration and identification stage, the election committee normally starts the election process by defining the time interval for the registration phase, and starts accepting people to register and participate in the election. Each person wishing to participate in the election must hold a national digital certificate assigned by the Certificate Authority and stored on his e-Token (smart USB token). A person needs to register himself in the election process on the Registration Server. The registration phase can be summarised in the following steps:
1. A person sends his public key (the public key of his digital certificate stored on the e-Token) to the registration server (RS).
2. The RS authenticates that the person who sent this public key is the real owner of the key by using a challenge/response message. If the sender of the key fails the challenge/response test, or his public key is found in the ineligible list, the registration session is ended; otherwise the session continues to the next step.
3. The RS contacts the CA to request the person's credentials.
4. The CA replies to the RS with the voter's credentials.
5. The RS reviews and checks the current rules of the election process to determine whether the person is eligible and can become a voter. If the person is not an eligible voter, the RS ends the session and records this person in the ineligible list.
6. The RS issues the voter a valid election certificate and records the voter as an eligible registered voter in the registered list.
7. The RS sends the voter his/her certificate. The most important information in the election certificate is the certificate serial number, a unique pair of public/private keys, the digital stamp of the current election, and the public key of the election committee.
8. The person, who is now an eligible registered voter, stores the received election certificate on his e-Token.
The voting stage begins directly after the end of the registration and identification stage. The most important process in the voting stage is the generation of the voter's anonymous ID, which allows him/her to cast his/her vote in an untraceable voting system, while at the same time the voting system guarantees that a voter can cast his/her vote only once. The voting phase continues after the registration and identification phase in the following steps:
1. The voter uses his e-Token security suite and some data found in his/her stored election certificate to generate a unique identification number. A simple process to generate this number is to encrypt the digital stamp of the election certificate with the voter's private key and hash the result with a one-way hash function (the digital stamp is public information stored in each election certificate generated by the RS).
2. The voter uses a blind signature to blind his unique identification number and signs the output with the private key of his election certificate.
3. The voter encrypts the output of the previous step with the public key of the election committee and sends it to the privacy server (the voter uses his election certificate to authenticate his identity to the PS).
4. The PS decrypts the received message using the election committee private key and blindly signs the voter's unique identification number using the election committee private key.
5. The PS then encrypts the signed voter's unique identification number with the voter's election certificate public key.
6. The PS sends the encrypted signed unique identification number to the voter and records the voter as an authentic voter, so he/she cannot request another blind signature.
7. The voter receives the blindly signed unique identification number, decrypts it using his private key, and reverses the blinding to obtain his signed unique identification number, which he will use as his anonymous ID. At this point the voter holds an authentic and valid ID from the PS, and at the same time no one can link his real identity to this ID.
8. The voter contacts the voting server and authenticates him/herself with his/her anonymous ID.
9. The VS checks whether the received anonymous ID is a valid ID by decrypting it using the election committee private key, and if the voter is an eligible voter the VS allows him to cast his vote.
10. Finally, the VS records the anonymous ID as having voted (so a voter can vote at most once).
The privacy server ensures that a voter can get a blindly signed ID only once, and the voting server ensures that a blindly signed ID can cast a vote only once.
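The blind-signature exchange and the two once-only checks described above, as an added example in Python; it is not the prototype's Java code. It assumes textbook RSA blinding in the style of Chaum with a constructed demo key, SHA-256 in place of MD5, and verification at the voting server with the committee's public exponent; the transport-encryption steps are left out, and the names `PrivacyServer`, `VotingServer`, `blind`, `unblind` and `h` are hypothetical.

```python
import hashlib
import secrets
from math import gcd

# Constructed demo key for the election committee (two Mersenne primes).
# Illustration only: a real key uses random primes from a vetted library.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # committee private exponent

def h(data: bytes) -> int:
    """Hash to an integer below N (SHA-256 here, an assumption)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def blind(uid: bytes):
    """Voter: hide h(uid) behind a random factor r before contacting the PS."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return (h(uid) * pow(r, E, N)) % N, r

def unblind(blind_sig: int, r: int) -> int:
    """Voter: remove r, leaving the committee's signature on h(uid)."""
    return (blind_sig * pow(r, -1, N)) % N

class PrivacyServer:
    def __init__(self):
        self.served = set()  # certificate serials already given a signature

    def sign_blinded(self, cert_serial: str, blinded: int) -> int:
        if cert_serial in self.served:
            raise PermissionError("blind signature already issued")
        self.served.add(cert_serial)
        return pow(blinded, D, N)  # the PS never sees uid or h(uid)

class VotingServer:
    def __init__(self):
        self.ballots = {}  # anonymous ID -> ballot, one entry per ID

    def cast(self, uid: bytes, sig: int, ballot: str) -> bool:
        if pow(sig, E, N) != h(uid):
            return False  # signature was not made by the committee key
        if uid in self.ballots:
            return False  # this anonymous ID has already voted
        self.ballots[uid] = ballot
        return True
```

The privacy server's list is keyed by the voter's certificate serial and the voting server's by the anonymous ID, so neither server holds data that links the two.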
Directly after the end of the voting stage, all the votes cast on the VS are transferred through a secure communication channel to the votes counting server, which decrypts the votes, counts them for the subject of the election (candidates, proposed government law, etc.), and tallies the result of the election for the public.
Scheme implementation issues
The currently implemented version of our secure e-Voting scheme is a prototype built with Java technology, including JDK 1.4 with the Java Cryptography Architecture (JCA) and Java Cryptography Extension (JCE) libraries to support the encryption/decryption and other security functions required by the e-Voting system, and Java Card to support smart card cryptographic algorithms. The current version has the following limitations. First, the system uses only the following algorithms: for symmetric key encryption, the Advanced Encryption Standard (AES) with a 128-bit key size and a modified version of AES for the smart card; RSA for digital signatures; MD5 as the hashing algorithm; and D. Chaum's blind signature algorithm. The time performance of the system was not taken into account. Finally, the proposed system does not cover the issue of bribery and coercion.
e-Voting systems have received great interest in the last few years as a natural result of the huge growth in electronic and digital communications. An ideal e-Voting scheme must meet at least four main characteristics: security, privacy, accuracy and mobility. The time performance of the system is also an important issue. The system should be able to serve any number of voters connected to the system in concurrent sessions with reasonable processing time for each user. In fact, there is an intrinsic need to develop a secure, anonymous, democratic, and mobile e-Voting system that could be considered an ideal e-Voting system. Further, the success of the e-Voting system also depends on work on the security suite of the system, which includes different algorithms and protocols, to make it more flexible. Besides, the system should be modified in such a way as to provide an acceptable solution to the bribery and coercion problem. Finally, real-time, practical testing of the released version of the system outside the lab, to report its performance and reliability, would determine the success of the e-Voting system.