Improving Remote Voting Security with CodeVoting

Joaquim, Rui; Ribeiro, Carlos; Ferreira, Paulo

doi:10.1007/978-3-642-12980-3_19

Cited by 10 publications

(7 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this case, any form of security devised for the overall online voting system, finally, will be defeated by the user's PC . Accordingly, some solutions have been proposed for better security in online voting : In the first approach that is unique to electronic voting (not practical for Internet voting); voters are required to cast the ballet from a private voting booth.In the second approach , a combination of public key cryptography, smart cards, and financial transactional IC card reader (FINREAD) terminal readers are employed with the purpose of implementing a trusted computing environment within the voter's insecure system. According to financial transactional IC card reader framework, security is ensured through three components: a secure display, a secure pin pad, and a card reader authentication function .…”

Section: The Internet Voting Leading Challenge: Client‐side Insecure mentioning

confidence: 99%

See 1 more Smart Citation

A new secure Internet voting protocol using Java Card 3 technology and Java information flow concept

Mohammadpourfard

Doostari

Ghaznavi‐Ghoushchi

et al. 2014

Security Comm Networks

View full text Add to dashboard Cite

Recently, there has been a spate of interest in Internet voting systems because of advantages such as participation, efficiency, accuracy, and transparency. However, challenges for having a secure i‐voting system are considerable. Unless these systems are designed and implemented carefully, citizens might lose their trust on the whole voting process. This paper introduces a novel online voting protocol, which satisfies the desired security requirements of i‐voting as collusion resistance, fairness, coercion\bribery, and secure voting platform. Although Internet voting systems provide convenience for voters by requiring just a PC and an Internet connection, they might be subject to some drawbacks as PCs are very susceptible to malware and sophisticated attacks. To clarify, voter side insecure platform is one of the biggest challenges in Internet voting, which would breach voter's privacy and also affect the integrity of election. In this paper, we present an alternative to the voters' insecure PCs. Java Card 3 is the latest version of Java Card, which could be considered as voter's portable secure Web server. It can obtain an IP address and communicate with other network nodes with hypertext transfer protocol secure (HTTPS). Therefore, regardless of utilizing a trusted device at the client side, end‐to‐end security is guaranteed. This means that Java Card 3 can resolve challenges, which are posed by insecurity of the vote casting PC. Furthermore, to enhance the security and guarantee the confidentiality and integrity of the data, which are stored in the card during the voting process, we have used Java information flow. An implementation of this protocol is proposed on the basis of Java Card 3 servlet container and Web server technology in which the card and electoral servers communicate on a machine‐to‐machine basis. Copyright © 2014 John Wiley & Sons, Ltd.

show abstract

Section: The Internet Voting Leading Challenge: Client‐side Insecure mentioning

confidence: 99%

“…The greatest challenge for securing the entire voting protocol (process) is the insecurity of client‐side PCs that may be infected with many types of programs and malicious codes (or botnet network) . In many of the existing protocols, there is a false assumption that client systems are secure .…”

Section: Our Proposed Internet Voting Schemementioning

confidence: 99%

A new secure Internet voting protocol using Java Card 3 technology and Java information flow concept

Mohammadpourfard

Doostari

Ghaznavi‐Ghoushchi

et al. 2014

Security Comm Networks

View full text Add to dashboard Cite

show abstract

“…[JRF10,HS07,HRT10]. The central idea has also been further explored for online voting systems, such as Pretty Good Democracy (PGD [HRT10]).…”

Section: Code Voting and Pretty Good Democracymentioning

confidence: 99%

Privacy and verifiability in voting systems: Methods, developments and trends

Jonker¹,

Mauw²,

Pang³

2013

Computer Science Review

View full text Add to dashboard Cite

One of the most challenging aspects in computer-supported voting is to combine the apparently conflicting requirements of privacy and verifiability. On the one hand, privacy requires that a vote cannot be traced back from the result to a voter, while on the other hand, verifiability states that a voter can trace the effect of her vote on the result. This can be addressed using various privacy-enabling cryptographic primitives which also offer verifiability.As more and more refined voting systems were proposed, understanding of first privacy and later verifiability in voting increased, and notions of privacy as well as notions of verifiability in voting became increasingly more refined. This has culminated in a variety of verifiable systems that use cryptographic primitives to ensure specific kinds of privacy. However, the corresponding privacy and verifiability claims are not often verified independently. When they are investigated, claims have been invalidated sufficiently often to warrant a cautious approach to them.The multitude of notions, primitives and proposed solutions that claim to achieve both privacy and verifiability form an interesting but complex landscape. The purpose of this paper is to survey this landscape by providing an overview of the methods, developments and current trends regarding privacy and verifiability in voting systems.

show abstract

“…In the code sheets, candidates are assigned to random, unique codes, thus voters cast codes rather than candidates. Code voting has been extended in [16], [19], [17], [18], [20], [13], [14], [15] and [26]. The schemes in [6], [16], and [19] assume the voter to be honest in order to ensure secrecy.…”

Section: Related Workmentioning

confidence: 99%

“…The schemes in [6], [16], and [19] assume the voter to be honest in order to ensure secrecy. Other extensions of code voting, [17], [18], [20] assume a trustworthy voting-and voterspecific smart card for secrecy and integrity. All these schemes do not satisfy our security model, because one entity (either voter or smart card) can violate secrecy or integrity.…”

Section: Related Workmentioning

confidence: 99%

Pretty Understandable Democracy - A Secure and Understandable Internet Voting Scheme

Budurushi

Neumann

Olembo

et al. 2013

2013 International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

Abstract-Internet voting continues to raise interest. A large number of Internet voting schemes are available, both in use, as well as in research literature. While these schemes are all based on different security models, most of these models are not adequate for high-stake elections. Furthermore, it is not known how to evaluate the understandability of these schemes (although this is important to enable voters' trust in the election result). Therefore, we propose and justify an adequate security model and criteria to evaluate understandability. We also describe an Internet voting scheme, Pretty Understandable Democracy, show that it satisfies the adequate security model and that it is more understandable than Pretty Good Democracy, currently the only scheme that also satisfies the proposed security model.

show abstract

Improving Remote Voting Security with CodeVoting

Cited by 10 publications

References 19 publications

A new secure Internet voting protocol using Java Card 3 technology and Java information flow concept

A new secure Internet voting protocol using Java Card 3 technology and Java information flow concept

Privacy and verifiability in voting systems: Methods, developments and trends

Pretty Understandable Democracy - A Secure and Understandable Internet Voting Scheme

Contact Info

Product

Resources

About