STRATEGIES, DESIGN AND IMPLEMENTATION OF ONLINE VOTING SYSTEM

Abstract

Electronic voting systems can make the voting process much more convenient. However, in such systems, if a server signs blank votes before users vote, it may cause undue multivoting. Furthermore, if users vote before the signing of the server, voting information will be leaked to the server and may be compromised. Blind signatures could be used to prevent leaking voting information from the server; however, malicious users could produce noncandidate signatures for illegal usage at that time or in the future. To overcome these problems, this paper proposes a novel oblivious signature scheme with a proxy signature function to satisfy security requirements such as information protection, personal privacy, and message verification and to ensure that no one can cheat other users (including the server). We propose an electronic voting system based on the proposed oblivious and proxy signature scheme and implement this scheme in a smartphone application to allow users to vote securely and conveniently. Security analyses and performance comparisons are provided to show the capability and efficiency of the proposed scheme.

1. Introduction

In recent years, network transactions for applications such as Internet auctions and banking have increased greatly. Network and mobile security technologies [1–6] play important roles in protecting users’ privacy. In this regard, digital signatures have attracted considerable attention. By using public-key cryptography, a signer can sign a message using his or her private key, which is owned only by the signer, to create a digital signature for the message. Then, any verifier can validate the correctness of this signature by using the signer’s public key.

However, it is necessary to protect the privacy of signature receivers in some situations, such as the contents of signed message in a digital cash system or the choices from candidates in an e-voting situation. In 1983, Chaum [7] introduced a blind signature scheme to offer blindness which protects the signee’s privacy. In 2013, Nayak et al. [8] proposed a blind signature scheme based on an elliptic curve discrete logarithm problem. In 2005, Rabin [9] introduced the concept of oblivious transfer. In 1994, Chen [10] proposed the concept of oblivious signatures and considered two types of oblivious signature schemes. In 2008, Tso et al. [11] provided formal definitions and security requirements for an oblivious signature scheme. In 2012, Chou [12] proposed a more efficient and secure -out-of- oblivious transfer scheme.

In 1996, Mambo et al. [13] proposed the concept of proxy signature. Various proxy signature schemes have been proposed [14, 15]. In 2000, Lin and Jan [16] proposed the first proxy blind signature scheme that combines the functionalities of both proxy signatures and blind signatures. In 2002, Tan et al. [17] proposed a proxy blind signature scheme; however, in 2003, Lal and Awasthi [18] showed this scheme to be insecure and further proposed a new scheme that is secure and more efficient than Tan et al.’s scheme. In 2013, Yang and Liang [19] proposed a new proxy blind signature scheme that allows revocation.

For electronic voting systems, in 2001, Ray and Narasimhamurthi [20] introduced an online anonymous electronic voting protocol that allows a voter to cast his or her ballot anonymously by exchanging untraceable authentic messages. In 2013, Pan et al. [21] proposed an electronic voting scheme that is based on the ring signature and is resistant to a clash attack. Several schemes with delegated voting functionality have been proposed. In 2013, Zwattendorfer et al. [22] proposed a proxy voting scheme that allows a voter to delegate his or her voting power to a proxy who actually casts the ballots for all represented voters. Norway has used an Internet-based voting protocol for some years, and the vote privacy and correctness of this scheme have been demonstrated [23]. In 2016, Kulyk et al. [24] proposed a new coercion-resistant proxy voting scheme by extending the coercion-resistant JCJ/Civitas theme, aiming to prevent direct voter coercion, delegation coercion, and proxy coercion. They also proposed a new proxy voting scheme [25] to extend the Helios voting system [26] with delegated voting functionality. In 2017, Cohensius et al. [27] considered a social choice problem and demonstrated that the mechanism using proxy voting better approximates the optimal outcome.

1.1. Motivation

Compared with a blind signature scheme, a oblivious signature scheme used in e-voting provides one more property: ambiguity in selected messages. A signer cannot find out which message a voter has selected while signing the messages, but the signer can be certain that the message the voter chooses is one of the predetermined messages; otherwise, the signature would not be accepted by a verifier. Therefore, in oblivious signature systems, which differ from blind signature schemes, the limited signed contents can prevent potential malicious users from obtaining valid signatures of some candidates for unauthorized purposes.

In addition, because each unit of a group (such as each state of a country, each county of a state, each campus of a school, or each approved bank of a group) may use different methods to authorize their members (using different keys), polling booths with proxy ability are required. Additional benefits include reducing the load at voting centers and avoiding network jams. Moreover, the mobility of the voting functionality allows people to vote from anywhere using their mobile devices, thereby making the electronic voting system more convenient.

The goal in this research is a design of novel schemes which combine oblivious and proxy signatures and extend the designed schemes to an electronic voting system which provides the following properties: mobility, instant voting, proxy signer, completeness, unforgeability, unlinkability, undeniability, accuracy, distinguishability, ambiguity, nonduplication, eligibility, verifiability, fairness, and privacy, where fairness means that no one can know the current total number of votes received by every candidate before the end of the voting period.

1.2. Our Contribution

In this paper, based on the Schnorr signature [28], we propose two novel 1-out-of- blind (oblivious) and proxy signature schemes that combine the advantages of oblivious signatures and proxy signatures and satisfy the security properties of these two signature schemes. One of the proposed proxy oblivious schemes is of the proxy-unprotected type and the other is of the proxy-protected type. Based on our schemes, we also propose an anonymous electronic voting system with proxy signer. By using the concept proposed in [29], we conduct security analyses and performance comparisons. The results showed that our scheme has good performance and is efficient. Finally, we implement the voting system on Android mobile phones to prove that our scheme is workable. This paper extends the research [30], which presents the concept of 1-out-of- oblivious and proxy signature schemes of proxy-unprotected type without the voting system application, security analyses and formal proofs, and mobile phone implementation.

2. Related Works

In this section, we present two representative protocols that are relevant to our scheme: oblivious signature and proxy signature.

2.1. Oblivious Signature

In 1983, Chaum [7] introduced a blind signature scheme. Compared with a normal signature, a blind signature offers an additional property, blindness, that provides it with the ability to protect the signee’s privacy. In a blind signature scheme, a signee could get a message’s digital signature signed by a signer without revealing any information about the message. This is vital in some applications such as electronic payment systems and secure voting systems [31–35], because the requester’s messages may be sensitive. Nayak et al. [8] also proposed a blind signature scheme based on an elliptic curve discrete logarithm problem.

In 2005, Rabin [9] introduced the concept of oblivious transfer. In this protocol, a sender sends some subsets of some messages but does not know what the receiver has received. Thus, the receiver can get the particular message he or she wants without revealing any information about the message to the sender. In 2012, Chou [12] proposed a more efficient and secure -out-of- oblivious transfer scheme.

In 1994, Chen [10] proposed the concept of oblivious signatures. He considered two types of oblivious signature schemes. The first one comprises  keys and one message; the receiver can get a message signed with one of  keys that are chosen by him or her while the signers cannot know which key has been used for the signature by the receiver. The second one comprises  messages and one key; a signee can choose one predetermined message to get signed while not revealing any information about the selected message to the signer. In contrast to blind signatures, oblivious signatures can guarantee that the signed message is actually one of the predetermined messages; therefore, if the receiver were to submit some additional messages, the signature would not be accepted by the scheme.

In 2008, Tso et al. [11] noted that Chen’s proposal does not crisply formalize the notion and security properties of the scheme. Consequently, they provided formal definitions and security requirements for an oblivious signature scheme, including completeness, unforgeability, and ambiguity, and proposed a 1-out-of- oblivious signature agreement based on Schnorr’s blind signature [28]. They also improved the scheme’s performance. The preceding properties render oblivious signatures very suitable for electronic voting applications.

In their scheme [11], it first creates a normalized definition for the oblivious signature agreement and proposes the following properties to ensure security:

(1)    Completeness: as long as the recipient and the signer can implement the agreement honestly, once the agreement is completed the recipient can obtain the signed message.

(2)    Unforgeability: despite the algorithm being publicly published, attackers still have difficulty creating a forged signature within an acceptable time frame.

(3)    Ambiguity in selected messages: the signer is unable to determine the recipient’s selection.

This system provides for three roles, namely, the signer, the recipient, and the verifier. The operation proceeds through three phases, namely, initiation, signing, and verification. Figure 1 shows their scheme and the steps in this scheme are as follows.