CodeVoting Protection Against Automatic Vote Manipulation in an Uncontrolled Environment

  • Rui Joaquim
  • Carlos Ribeiro
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4896)

Abstract

One of the major problems that prevent the widespread of Internet voting is the vulnerability of the voter’s computer. A computer connected to the Internet is exposed to virus, worms, spyware, malware and other threats that can endanger the election’s integrity. For instance, it is possible to write a virus that changes the voter’s vote to one predetermined vote on election’s day. It is possible to write such a virus so that the voter would not notice anything wrong with the voting application. This attack is very dangerous because it may pass undetected. To prevent such attack it is necessary to prevent automatic vote manipulation at voter’s computer. Here we present CodeVoting, a technique to create a secure communication channel to a smart card that prevents vote manipulation by the voter’s PC, while at the same time allows the use of any cryptographic voting protocol to protect the election’s integrity at the server side of the voting application.

Keywords

Internet voting vote manipulation 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: CCS 2004: Proceedings of the 11th ACM conference on Computer and communications security, NewYork, USA, pp. 132–145 (2004)Google Scholar
  2. 2.
    California Internet Voting Task Force: A report on the feasibility of Internet voting (January 2000), http://www.ss.ca.gov/executive/ivote
  3. 3.
    Chaum, David: SureVote. September 2007.// International patent WO 01/55940 A1 (02 August 2001), http://www.surevote.com/home.html
  4. 4.
    Clarkson, M., Myers, A.: Coercion-Resistant Remote Voting Using Decryption Mixes. In: Workshop on Frontiers in Electronic Elections, Milan, Italy (September 2005)Google Scholar
  5. 5.
    Estonian Internet Voting System (July 2007), http://www.vvk.ee
  6. 6.
    Hirt, M., Sako, K.: Efficient Receipt-Free Voting Based on Homomorphic Encryption. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 539–556. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  7. 7.
    Internet Policy Institute: Report of the National Workshop on Internet Voting: Issues and Research Agenda (March 2001), http://www.diggov.org/archive/library/dgo2000/dir/PDF/vote.pdf
  8. 8.
    Jefferson, D., Rubin, A., Simons, B., Wagner, D.: A Security Analysis of the Secure Electronic Registration and Voting Experiment (SERVE) (January 2004), http://www.servesecurityreport.org/paper.pdf
  9. 9.
    Juels, A., Catalano, D., Jakobsson, M.: Coercion-Resistant Electronic Elections. In: Workshop on Privacy in the Electronic Society, Alexandria, Virginia, pp. 61–70 (November 2005)Google Scholar
  10. 10.
    Kutylowski, M., Zagórski, F.: Coercion-Free Internet Voting with Receipts. In: Workshop on e-Voting and e-Govrnment in the UK. Edinburgh (February 2006)Google Scholar
  11. 11.
    Lee, B., Kim, K.: Receipt-Free Electronic Voting Scheme with a Tamper-Resistant Randomizer. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 389–406. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  12. 12.
    Okamoto, T.: Receipt-Free Electronic Voting Schemes for Large Scale Elections. In: Security Protocols Workshop, Paris, France, pp. 25–35 (April 1997)Google Scholar
  13. 13.
    Rubin, A.: Security Considerations for Remote Electronic Voting Over the Internet. Communications of the ACM 45(12) (2002)Google Scholar
  14. 14.
    Sadeghi, A., Selhorst, M., Stüble, C., Wachsmann, C., Winandy, M.: TCG Inside? - A Note on TPM Specification Compliance. In: STC 2006: Proceedings of the 1st ACM Workshop on Scalable Trusted Computing, Virginia, USA (November 2006)Google Scholar
  15. 15.
    Sako, K., Kilian, J.: Receipt-Free Mix-Type Voting Scheme A Practical Solution to the Implementation of a Voting Booth. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 393–403. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  16. 16.
    UK’s National Technical Authority for Information Assurance: e-Voting Security Study. July (2002), http://www.ictparliament.org/CDTunisi/ict_compendium/paesi/uk/uk54.pdf
  17. 17.
    Volkamer, M., Alkassar, A., Sadeghi, A., Schulz, S.: Enabling the Application of the Open Systems like PCs for Online Voting. In: FEE 2006: Proceedings of the Frontiers in Electronic Elections Workshop, Germany ( September 2006)Google Scholar
  18. 18.
    Zúquete, A., Costa, C., Romao, M.: An Intrusion-tolerant e-Voting Client System. In: WRAITS 2007: 1st Workshop on Recent Advances on Intrusion-Tolerant Systems, Lisbon, Portugal ( March 2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Rui Joaquim
    • 1
  • Carlos Ribeiro
    • 1
  1. 1.ISEL / INESC-ID 

Personalised recommendations