Secure I-voting system using QR code and biometric authentication

Abstract

ABSTRACT The Estonian i–voting system uses the PIN of the national ID card for the authentication of the voter. The vote modification malware, re-voting malware, and self-voting malware can easily record the PIN and change the vote or secretly cast a vote. The bad verification attack can easily change the encrypted ballot sent to the verification application because the public key of the server encrypts it. This study presents a secure internet voting and verification protocol that conquers the malware in the internet voting system. The proposed method uses the QR code and fingerprint biometric authentication provided by the Aadhaar card in India. The use of a parameter q modifies the voting and verification protocol. Only the parameter q display on the screen for verification, thereby, conserves the vote’s secrecy. The parameter q provides a second level of authentication in the voting protocol. The fingerprint biometric authentication exhibits better security against the vote modification malware, re-voting malware, and self-voting malware. The parameter q is digitally signed using the server’s private key before it is sent to the verification application to defend against the bad verification attack.