Abstract
Electronic polling systems promise benefits to voters such as accessibility and convenience that enable them to cast their votes at any time, from any Internet-connected computing device anywhere in the world. However, unlike traditional paper-based voting systems, an e-polling system introduces several security risks such as privacy of vote, unlinkability of a voter, voter coercion, secrecy of partial election results, verifiability, and poll integrity. The authenticity of a voter is another security concern, i.e., a voter must be identified through an authentication mechanism that prevents voting of unauthorized voters or multiple voting from authorized voters. Another security concern is the manipulation of votes by an infected (e.g., virus, malware, and so on) voting device. Since the voters use their personal devices to cast votes in an unsupervised environment, a malware-hosted device could make unauthorized modifications to the voter's voting choices. Many e-voting systems have been proposed, however, to date, all these schemes either fail to provide all the required security properties or are not practically feasible on light-weight computing devices. In this paper, we present a secure and verifiable polling system, SeVEP, that employs well-known cryptographic primitives to provide vote and voter's privacy, and poll integrity, confirms the identity of voters through a multifactor authentication scheme, enables multiple voting within the allowed polling period, prevents double voting, and achieves verifiability and uncoercibility in the presence of untrusted voting device. The security, performance, and comparative analysis in terms of security properties and cryptographic costs show that SeVEP is secure, verifiable, and practical e-polling system.
Highlights
A poll is a measurement tool that enables citizens to express their opinions on various issues ranging from public policies to public affairs and private businesses by giving their nod of approval or rejection
In SeVEP, we have considered three possible scenarios of voters based on the results of device fingerprinting: (1) a voter uses his/her mobile phone to cast votes; (2) a voter has a smartphone or a tablet to cast his/her votes; and (3) a desktop PC is used as a voting device by the voter
1) VOTER COERCION RESISTANCE In SeVEP, coercers are unable to determine if the coerced voter has obeyed his/her instructions or not due to the fact that SeVEP allows multiple voting within tp, i.e., only the last ballot cast by the voter is considered valid
Summary
A poll is a measurement tool that enables citizens to express their opinions on various issues ranging from public policies (e.g., health care, immigration, education, etc.) to public affairs (e.g., election campaign, approval of a political party, etc.) and private businesses (brand management, consumer-focused marketing, etc.) by giving their nod of approval or rejection. SeVEP provides tallied-as-recorded verifiability to the voter, who can check whether the random 3-digit code he/she has chosen himself/herself when casting his/her ballot appears in the poll result along with his/her voting choice on the Bulletin Board. The polling phase of SeVEP assumes that the voter has two computing devices, i.e., one to cast his/her vote (a voting device), and another to open an email containing return and confirmation codes (a validation device). During the first step of registration, the voter must choose his/her credentials (username and password), inputs a graphical password (either through a touch-screen interaction or with a mouse), and records a voice sample (a passphrase chosen by the voter) and a typing pattern (a word typed either through a mobile keypad or a desktop keyboard) All these factors along with the mobile number of the voter are registered with CI, who sends him/her a link of a login page, where he/she can input these credentials (in three levels) to gain access to the polling site of SeVEP. Till the publishing of the final results on the BB, the hashes of the ballots remain hidden from the voters
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
