Professional Documents
Culture Documents
Online E-Voting Prototype With PTC Web Services v1
Online E-Voting Prototype With PTC Web Services v1
Version 1.00
Evecek / Page 1 of 37
_______________________________________________________
Dr. C. Edward Chow, Chair
_______________________________________________________
Dr. Richard Weiner
_______________________________________________________
Dr. Xiaobo Zhou
Date
Evecek / Page 2 of 37
Table of Contents
Online E-Voting System Project Documentation
Abstract
1. Introduction
2. E-Voting System Related Literature
2.1. Public Key Cryptography
2.2. Homomorphic Encryption
2.3. Zero Knowledge Proofs
2.4. Threshold Cryptography
2.5. Cryptographic Voting Protocol
2.6. Issues in secure e-voting system
2.7. Completely Automated Public Turing test to tell Computers and Humans Apart
(CAPTCHA)
2.8. Chinese Remainder Theorem (CRT)
3. Online E-Voting System Project Description
3.1. Paillier Threshold Crytosystem Web Services Architecture and Design
4. Online E-Voting Prototype System
4.1. E-Voting System Overview
4.1.1 User Login
4.1.2. Election Set-Up
4.1.3. Creating Ballots
4.1.4. Vote Format
4.2. Voting
4.2.1. Creating the Vote
4.3. Tally the Vote
5. PTC Web Services Efficiency Improvement
5.1 Pre-Computation
5.2 Chinese Remainder Theorem (CRT)
5.3 Paillier Scheme Pre-computations for Decryption
6. Results
6.1 Pre-Computation Performance Evaluations
6.2. Defects Found
6.3. Conclusion
6.5. Future Suggestions
7. References
Evecek / Page 3 of 37
4
6
7
9
9
10
10
10
11
12
13
14
17
17
22
22
23
24
25
26
27
27
28
29
29
29
30
31
31
32
34
34
36
Evecek / Page 4 of 37
applied in the code and according to the results that will be explained, it has
improved.
o Paillier ThresholdCryptoService_UserGuide_Updated.doc: This document that is
the user guide for the PTC web services. Source files for the code is placed in the
link below:
http://cs.uccs.edu/~gsc/pub/master/hevecek/src/
Evecek / Page 5 of 37
Abstract
The purpose of this masters project is to develop an Online E-Voting prototype
system utilizing the Paillier Threshold Cryptosystem (PTC) web services and applying
MESE processes to it in an attempt to find possible solutions to further improve existing
PTC web services.
Online voting (e-voting) would be more convenient, relatively secure and utilize
fewer resources. To be able to access e-voting system from a personal, business or even a
public library computer may be more convenient for many people needing to vote. This
could potentially be a solution for the low voter turnout at the polls. However, it is still
questionable whether elections can be conducted online or over the internet due to the
high level of concern over security.
Systems considered to be apart of e-voting are Machine readable (create, read,
count) ballot systems, Direct Recording Electronic (DRE) systems, voting using mobile
devices and internet voting [1]. As part of this project, an online e-voting prototype
system has been constructed using the demonstration windows application tool created
for PTC web services. A pre-computation process is applied due to efficiency
improvements. The details of this optimization and improvement in the web services
process will be explained in the subsequent sections.
In addition to the application of the pre-computation to the process, the Chinese
Remainder Theorem can be applied during the decryption process. This change might not
be as noticeable as the pre-computation, however it will make it more efficient as the
calculation gets easier.
Evecek / Page 6 of 37
1. Introduction
In traditional elections, a voter usually goes to the voting stations. After direct
person-person verification with some IDs, the voter is allowed to vote. The voter is then
given a ballot which allows a single vote. Once the ballot is used, it cannot be used again.
However, this ballot must also be anonymous. The ballot must identify the voter as being
permitted to vote, but not reveal their actual identity, and the voter must also be given
assurances of this. Traditional polling methods trust a lot of parties during the election.
The current methods require an attacker interact directly with the voting process to
disrupt it. There is a greater chance of getting caught as there will be physical evidence in
the traditional polling.
On the other end, internet is harder to control and manage the security as Network
and internet related attacks are more difficult to trace. In the traditional polling, you know
who is in the election room. Also with the internet or network related voting, from all
around the world you will have attackers, not only by the few people in the room [3].
Figure 1 shows the hierarchy of the voting schemes just discussed [17].
Evecek / Page 7 of 37
Evecek / Page 8 of 37
Evecek / Page 9 of 37
a copy. In this e-voting prototype shared keys will be used for the users encryption in our
tests.
2.2. Homomorphic Encryption
The encryption algorithm E ( ) is homomorphic if given E(x) and E(y), one can
obtain E(x y) without decrypting x; y for some operation .
In that case, homomorphic encryption is a special type of cryptography in which
the sum of two encrypted values is equal to the encrypted sum of the values. In simple
mathematics, this is equivalent to the communicative property of multiplication. For a
majority of cryptographic algorithms, this does not hold true.
It is one of the schemes that can be used in e-voting especially to be able to tally
the votes even though the results are encrypted. There are few cryptosystems which uses
homographic encryption. They will be discussed in the next section.
Evecek / Page 10 of 37
participants in such a way that only through cooperation of a specified subset of the
participants can the operation be performed. In addition, if less than the required number
of participants attempts to perform the action, no useful information can be constructed
or obtained. The threshold value is typically denoted by the letter t. In a threshold
system as defined here, only t+1 cooperating authorities can perform the desired
cryptographic operation.
The essential components of a threshold cryptography system are a key
generation algorithm, an encryption algorithm, a share decryption algorithm, and a
combining algorithm [5]. First, the key generation algorithm generates the public key
parameters, a set of secret key shares, and a set of verifier keys. The secret key
shares are distributed to the participants in a secure manner. The encryption algorithm
provides encryption services for an appropriately-sized message m by applying the public
key parameters and an encryption algorithm to generate the ciphertext c. The share
decryption algorithm is used by each participant with a secret key share to partially
decrypt the encrypted message c.
corresponding to the secret key share to generate a proof of correct encryption. The
combining algorithm takes all of the partial decryptions or decryption shares, verifies
their corresponding proofs, and combines the decryption shares to reveal the original
message m. The combining step only succeeds if t+1 valid decryption shares are used.
Evecek / Page 11 of 37
participants can be tolerated. In other words, the system must be able to tolerate to certain
faulty conditions and must be able to manage these situations.
Universal Verifiability any party can verify the result of the voting
coercer.
There are four main approaches to efficient and fully secure elections:
Heterodox schemes
election authorities.
Evecek / Page 12 of 37
Evecek / Page 13 of 37
Theorem Statement:
Suppose n1, n2, , nk are integers which are pairwise coprime. Then, for any
given integers a1,a2, , ak, there exists an integer x solving the system of simultaneous
congruences
Evecek / Page 14 of 37
Furthermore, all solutions x to this system are congruent modulo the product
N = n1n2nk.
Sometimes, the simultaneous congruences can be solved even if the ni's are not
pairwise coprime. A solution x exists if and only if:
All solutions x are then congruent modulo the least common multiple of the ni.
In that case,
We can perform 2 operations mod p and mod q like below.
x a mod p,
x b mod q,
The Chinese Remainder Theorem can be used to efficiently reduce the decryption
workload of the cryptosystems [21]. To see this, one has to employ the functions Lp and
Lq defined over
By
Evecek / Page 15 of 37
With pre-computations
Evecek / Page 16 of 37
Evecek / Page 17 of 37
changing the underlying cleartext and without changing the ability to decrypt the
ciphertext using the original keypair[15]. Probabilistic property of Paillier will help to
protect voters privacy since none of the votes will be encrypted to the same ciphertext.
Paillier has described three different methods in his research. PTC Web services
that will be used in this project are using one of these three methods. Below are the
schemes invented by Pascal Paillier [21] and
PTC web services used. n and g are public parameters and (p, q) or remains private.
Encryption:
plaintext m < n
randomly select r < n
ciphertext c =
Decryption:
ciphertext c < n2
Evecek / Page 18 of 37
plaintext m = m1 + n m2
Table 3.2 Pailliers Scheme 2 [21]
Scheme 3: Third scheme is the variant with fast decryption. As this is a fast
decryption, this scheme can be applied to improve the efficiency. In the following
sections this scheme will be re-visited and it will be recommended for efficiency
improvements in the current web services.
Encryption:
plaintext m < n
randomly select r < n
ciphertext =
Decryption:
ciphertext c < n2
Table 3.3 Pailliers Scheme 3 [21]
It is assumed that g
Evecek / Page 19 of 37
Below are the steps for the key generation, encryption and decryption used [22].
Key generation
1.
2.
3.
4.
multiplicative inverse:
2.
3.
Decryption
1.
Ciphertext
2.
Compute message:
It is the same as the scheme 1 described above. This computation takes some time
due to the large prime numbers used. The secret key is SK = (n) = lcm((p-1),(q-1)).
Evecek / Page 20 of 37
SDS
document
are
all
created
and
they
can
be
downloaded
from
http://www.cs.uccs.edu/~gsc/pub/master/hevecek/doc/ folder.
parameters. The administrator requests the Paillier threshold encryption parameters from
the PTC Web Service during the initial election set-up. The administrator submits the
election parameters to a VotingService web service, and saves the election parameters
(including the cryptosystem parameters) to an XML file. Voters then load the election
parameters by opening the XML file, make their selection(s), and cast their encrypted
vote(s) to the VotingService web service. During the tally phase, the votes are multiplied
together, and, due to the homomorphic properties of the Paillier cryptosystem, the
product can be decrypted to reveal the sum total of all the votes [15].
Evecek / Page 21 of 37
Evecek / Page 22 of 37
Evecek / Page 23 of 37
transfer the returned parameters to the Election Builder form and close automatically.
The election crypto parameters are displayed at the bottom of the Election Builder form.
Lastly, on the same election page ballots can be added for the election. If the
ballots are created prior to the election creation page, the list will appear in the window
for administrator to choose from the list. They can be added to any election by
highlighting from the list and clicking to theAdd Ballots button. If the ballot is valid, it
will be imported into the election and displayed in the Election Summary textbox in the
form.
After all the users, ballots and Administrator details loaded from the election
form, the Administrator will need to save and post the election to be able to initialize
election voting. The election will be saved as an XML file. First save the election by
clicking to the Save Election button.
Evecek / Page 24 of 37
Builder form. A new ballot will be created and the random ballot id displayed in the
form. Administrator will need to put ballot issue/ problem, and then enter all of the
available choices, one at a time by using the Add Choices button and the text box.
Each choice is entered by typing the appropriate text. A choice can be deleted by
selecting the choice in the list, and clicking Delete Candidate button. When the ballot
is complete, the ballot should be saved by clicking Save ballot button. This button will
get all the details entered and save the ballot in XML format in the web server
App_Data\XML Files\Ballots folder. The Ballot Builder Form must be closed and then
re-opened in order to create another ballot. Ballot creation page is also accessible from
the Administrator menu.
Due to the
homomorphic property of the Paillier cryptosystem, the multiplication carried out in the
ciphertext space corresponds to addition in the cleartext space, and thus the decryption of
Online E-Voting Prototype System
Evecek / Page 25 of 37
the product will contain the summed votes for each candidate. Each candidates bit field
can then be extracted and evaluated to determine the total number of votes for that
candidate [15].
4.2. Voting
4.2.1. Creating the Vote
Once an election has been created, saved, and posted to the election web service,
voters can create and cast votes. After the user login page user logs in either as an
Administrator or a voter. If the user logs in as an Administrator, he will have a link from
the menu for the voting page. If the user has logged in with voter credentials, then he will
be connected to the voting page automatically. When connected to the voting page, a list
box will have all the elections available for the voters. This list is the list of the elections
in the elections folder. After highlighting the election and clicking to the button to load
the election, election details will be loaded for voters to vote. The ballots from the
election will be loaded, with each issue being loaded into the issue text box, and its
corresponding choices loaded into the textbox to the right (the choices textbox). The
voter can make his/her choice simply by clicking on the desired choice. That issues
choices will then be displayed in the choices textbox. Again, select the desired choice by
clicking on it in the choices textbox. Once a choice has been selected, the ballot issue
and the selected choice will appear in the Current Votes textbox. To the right of the
issue question and the selected choice is the hex value of the vote to be cast. Once all
choices have been made, the voter can submit his/her vote by selecting Submit Vote
button at the bottom of the page. This button will cal the web services and save the vote
into the database. Once the vote is submitted, no changes can be made.
Online E-Voting Prototype System
Evecek / Page 26 of 37
At any time after submitting his/her vote, a voter can check the posted values of
his/her vote by selecting Check Submitted Vote button. This invokes a web service call
to the voting web service which retrieves the encrypted vote values posted for that
election [15].
Administrator to collect all the registration details from the user to be able to create the
users. He/she will assign the right certificates so that there wont be any issues in the
future process like tally / decrypt vote process. The product of the votes for each ballot
is then calculated and displayed both encrypted and decrypted, and the candidates tallies
are extracted from the decrypted bit field and displayed.
Evecek / Page 27 of 37
Evecek / Page 28 of 37
With pre-computations:
These constant pre-computations can be done with the same methods used in this project.
Evecek / Page 29 of 37
6. Results
6.1 Pre-Computation Performance Evaluations
Pre-computations results are put into both the text file and the Pre-Computation
tables created in the SQL Server. Both the text file and the database solutions have
increased the performance in other words response time more than 80% in average for
both 256 and 128 bit key sizes. Unfortunately this test failed with 1024 and 512 bit key
sizes due to time out issues.
There is a parameter setup in the settings to use the random prime number
generator either real time or text file or database. As a default it will set to the real time.
XML solution also needs some improvements and this will be suggested in the future
improvements section of the project.
Evecek / Page 30 of 37
Algorithm
Regular
Avg
Max
Min
With Pre-Computation
Change %
128 bit
128 bit
128 bit
0.283
0.368
0.203
1.937
2.804
0.329
86%
38%
85%
Evecek / Page 31 of 37
Algorithm
Regular
Avg
Max
Min
With Pre-Computation
Change %
256 bit
256 bit
256 bit
0.381
0.542
0.291
2.133
2.926
0.306
82%
81%
5%
Evecek / Page 32 of 37
DefectID 1: When the election is created, it can not save title and username
details in the xml file.
Solution: _election parameter stored in the session was not initialized in the
beginning of the function. After initializing it is fixed.
DefectID 3: Outside the compiler application was not able to respond to the
certificate assignment for the users.
Solution: This is fixed by assigning ports each time we run the application. A
dedicated port needs to be used by the administrator.
DefectID 4: XML output for the pre-computation does not work properly and
need to be fixed. Only real time computation and DB computations work which is
enough to show the efficiency improvements in the code.
Solution: This need to be fixed in the future releases.
DefectID 5: User Login page does not hide the password text.
Solution: This is fixed by changing the text box property.
Evecek / Page 33 of 37
DefectID 6: User Name is the same as the certificate issued name used in the
certificate. If these names do not match, certificate can not be used and this will throw an
error. To minimize the issues, user name from the login page will be passed to the voting
page automatically. This enhancement needs to be applied as this is an additional
requirement.
Solution: This is done by using Sessions in ASP .Net. username session is created
and the username is passed to the next form which is voting form.
6.3. Conclusion
Online E-voting system is a prototype developed by using PTC Web services. As
the need for voting system has started to increase and some organizations or countries has
started to look for the solutions, this can be the starting point to improve and deploy in
the real world scenarios.
In this project I have tried to explain the importance of Paillier cryptosystem, , its
unique properties and its application areas especially in e-voting.
We need to keep in mind htat voting is not the only process during the whole
voting processes. There might be some other security concerns that need to be considered
when such an application is built for practical reasons.
Lastly, Paillier Cryptosystem efficiency can be improved as suggested in many
papers [1], [8]. Random numbers pre-computation is one of the ways implemented in this
project. It has increased the calculation more than one of the ways. In the next section, I
will be listing all improvements that can be done to this web service and application.
Evecek / Page 34 of 37
Evecek / Page 35 of 37
7. References
[1] http://cris.joongbu.ac.kr/publication/evoting_implementation-APIEMS2004.pdf
Implementation issues in a secure e-voting schemes, Riza Aditya, Byoungcheon Lee,
Colin Boyd and Ed Dawson.
[2]
http://www.euractiv.com/en/egovernment/estonia-country-world-introduce-internet-
Evecek / Page 36 of 37
[2] A.J. Menezes, P. C. van Oorschot, and S.A. Vanstone, Handbook of Applied
Cryptography, CRC Press, 1997.
[3] D. Naccache, Double-Speed Safe Prime Generation, Gemplus Card International.
[4] M. Wiener, Safe Prime Generation with a Combined Sieve, Cryptographic Clarity.
[5] B. Wilson, C. E. Chow, Paillier Threshold Cryptography Web Service Users Guide,
University of Colorado Colorado Springs Masters Project, 2006.
[16]http://www.cs.rit.edu:8080/ms/static/spr/2005/4/kar1141/report.pdf ,
Progress on Probabilistic Encryption Schemes, Kert Richardson, July 2006.
[17] http://www.cs.umd.edu/~jkatz/THESES/staub.pdf.gz An Analysis of
Chaums voter-verifiable election scheme, Julie Ann Staub, 2005
[18] http://www.brics.dk/RS/00/45/BRICS-RS-00-45.pdf Ivan Damgard and
Mads J.
http://www.rsa.com/rsalabs/cryptobytes/CryptoBytes_January_2002_final.pdf
http://www.gemplus.com/smart/rd/publications/pdf/Pai99pai.pdf
Public-Key
Evecek / Page 37 of 37