Designing and developing secure protocol for mobile …. Firstly, the user has to activate given...

INTERNATIONAL JOURNAL OF APPLIED ENGINEERING RESEARCH, DINDIGUL

Volume 2, No 2, 2011

© Copyright 2010 All rights reserved Integrated Publishing Association

RESEARCH ARTICLE ISSN - 0976-4259

522

Designing and developing secure protocol for mobile voting Abhishek Kumar

1,Ashok Kumar Srivastava

2

1- Junior Scientist, Computer Division, CSIR-Central Drug Research Institute, Chattar

Manzil Palace, MG Marg, Lucknow-226001

2- Senior Principal Scientist, Computer Division, CSIR-Central Drug Research Institute,

Chattar Manzil Palace, MG Marg, Lucknow-226001

CSIR-CDRI Communication Number: 8198

[email protected]

ABSTRACT

In recent years, a drastic fall down is being noticed in the Indian general election’s voting

turnaround. Problem is becoming serious with the non-availability of a way to let voters cast

votes who are residing outside their election-areas. The remote voting procedure for NRI’s

and Indian army is also not showing significant improvement. Somewhere the issues lie in

ease of usage and somewhat lack of trust of current voting procedure. This article tries to

solve this issue with the design and development of mobile voting protocol which is not only

very easy to use but is also robust, secure and trusted. In this article, we have focused on

designing a secure and globally trusted protocol to enable Indian citizens (or any other

country’s citizens who follows this protocol) to cast vote in their respective country’s election

via their GSM Mobile Phones from anywhere in the globe irrespective of their physical

location. Apart from this, the motive of author is also to extend the usage of information

technology to a scheme of Green-Election (Paperless election), addresses the issues of

voting-problem in remote, disturb and sensible areas, and to suit the requirement of today’s

generation who, due to several problems, usually finds it difficult to go for manual vote

casting.

Keywords: Mobile Voting; Protocol for Mobile voting; Secure Mobile voting.

Nomenclature

EVM = Electronic Voting Machine

NRI = Non Resident Indian

SMS = Short Message Service

UID = Unique Identification

UIDAI = Unique Identification Authority of India (AADHAR)

GSM = Global System for Mobile Communications

1. Introduction

In democratic society, voting is used to collect and reflect people’s opinion and making a

trusted and accepted committee of representatives for successfully running the country.

Currently, voting is being conducted in centralized or distributed voting booths. Voters have

to present personally at the voting booth to cast their votes under the supervision of





523

authorized election commission members. For a variety of reasons, voters may not be able to

attend voting booths physically but want to cast vote remotely. Accepted way of remote

voting is Postal Voting (for NRI) and Proxy Voting (For Army), but it lacks proper

authentication and involves a time-consuming procedure. This area needs to be explored

properly due to following reasons: The current voting procedure is not very efficient and

mostly probe to human error. Allegations keep being raised and there are enough ways for

EVM tampering (Hari K. Prasad, 2010), (Tandayoshi Kohno, 2004), booth capturing, vote

tampering, vote counting mistakes, violence and many more.

The youth and the maximum voter portions of today are moving away from voting. Reasons

are many such as: they find it difficult to manage time; out of their busy schedule for voting,

they don’t find any easy way of voting and the current way of remote voting is not very easy

to use, lacks trust and also allowed for very specific group of people. The same problem is

being faced by NRIs and Military men, the various remote voting ways were mainly targeted

for this section only; Voting Via Embassies(for NRI) and Proxy Voting (from military

persons); but they are not able to utilize it fully. The main reason remains as lack of

authentication, flexibility and ease of use of current remote voting procedures. The voters

who is residing outside their voting areas, also fails to cast their votes due to current not very

effective voting procedures. The voting in remote and sensitive area always remains a

problem and challenge. Major portion of people from this area fails to use right to vote.

Taking example of Indian state Bihar which suffers from NAXALS and seen violence in

election, the voting turnaround has decreased significally. In Bihar the Voting turnaround for

Vidhna Sabha Election has fallen from 53.7 %( 1977) to 45.9 %( 2005 Nov). Politically

disturbing areas like J&K also seeing constant reduction in voting turnaround.

The overall effect of this trend is that the voting turnaround of Indian general election keeps

falling drastically. Apart from this, there are many more reasons to look forward for a mobile

voting as Reduced Costs, Greater accessibility for the disabled, Flexibility. (Manish Kumar)

Table 1: Voting percentage in India’s Lok Sabha elections

General Election Year Male Female Total

1st 1952 - - 61.2

2nd 1957 - - 62.2

3rd 1962 63.31 46.63 55.42

4th 1967 66.73 55.48 61.33

5th 1971 60.90 49.11 55.29

6th 1977 65.63 54.91 60.49

7th 1980 62.16 51.22 56.92

8th 1984 68.18 58.60 63.56

9th 1989 66.13 57.32 61.95

10th 1991 61.58 51.35 56.93

11th 1996 62.06 53.41 57.94





524

12th 1998 1998 57.88 61.97

13th 1999 63.97 55.64 59.99

14th 2004 52.65 44.65 48.74

(Source: http://www.indian-elections.com/india-statistics.html, accessed on Oct 19, 2011)

In 2009, general election has a voting percentage of 56. 97% (Source: Wikipedia: India

General Election, 2009)

Hence, there is a great room for a remote voting protocol which is easy, transparent and most

importantly secure. In this article, we have worked on a protocol development for secure and

easy remote voting procedure via GSM mobile. Though GSM itself has inbuilt security

features (Yang Feng, 2006), (Manish Kumar), this protocol further extends it for a secure

mobile voting. We can also extend proposed protocol to define another inherent protocol/s for

a secure online voting.

1.1 Protocol Description

In current voting procedure, every valid voter has to register themselves to Election

Commission of India and get their voter ID-Card. This ID-card is used as photo identification

while casting vote. This protocol adds an extra field to the present Voter ID-Card namely:

UID (The AADHAR UID) (Unique Identification Authority of India, Planning

Commission).While registering to election commission, user will register his/her mobile

number. Firstly, the user has to activate given mobile number to enable mobile voting.

The mobile voting activation procedure for voters would be as follow:

After proper verification, a secret number will be sent on the user’s registered mobile number.

After getting this number, user has to log-in to the Indian Election Commission’s online

mobile-voting activation gateway and provide following information:

1. The Secret Number

2. The UID as on voter’s ID-card

3. The Voter ID as on voter’s ID-card

4. Mobile number on which this information is sent

This will be a single time activity which has to be done. An automated verification will be

done on back end side and on success; the number will be activated for mobile voting. Also a

secret key will be passed to the mobile user (this will be used to decrypt the secured

encrypted SMS from election commission). The user also needs to download and install a

small cryptography application (used to decrypt and view secure SMS from election

commission).The detailed description of this protocol is elaborated down onwards.

2. Voting via this protocol





525

If a user is subscribed and allowed to cast mobile vote, on election day of his/her area, user

will get an SMS from Election Commission of India, having a list of candidates’ name along

with their parties’ name and parties’ symbol’s name. User has to simply reply to this SMS to

cast the vote.

The Election commission’s SMS format would be:

<Sequel Number> <Candidates’ Name> <Candidates’ Parties’ Name> <Candidates’ Parties’

symbol’s Name>

Secret Key : <Highly robust randomly generated 12 characters length alphanumeric key>

So, On Election Day, user will get an Election commission’s SMS like:

1. Hira Yadav (INDIAN NATIONAL CONGRESS) (HAND)

2. Prabhu Lal (BJP) (LOTUS)

3. Priyanka Aggarwal (BSP) (ELEPHANT)

4. Vikash Yadav (NIRDALIYA) (AEROPLAN)

Secret key: XX8945893DFR

To cast vote, user has to simply reply to this SMS in a predefined format. The reply format is:

<SECRETKEY><SPACE>IM<SPACE><UID><SPACE>IS<SPACE><NUMERIC DIGIT>

The extended full format of this SMS is: <Secret Key> I am <UID> is selecting <Candidates’ numeric digit>

Ex: XX8945893DFR IM 98XDUIDR45T IS 4

User will get an acknowledgement SMS on the same registered number after vote acceptance.

2.1 Backend architecture and working of protocol

The backend of this protocol has one highly secured centralized database with three tables:

Database_Name: Electorate_Information_Database

Table 2: Electorate_Information_Table

UID //UID of the voter as on AADHAR UID CARD

Voter_ID //Voter ID of the voter

Voter_Name // Voter name

Father_Name //Voter’s father name





526

Permanent_Address // Voter’s registered permanent address

Registered_Mobile_Number //Voter’s registered mobile number for mobile voting

Election_Area //Voter’s election area (which area voter is allowed to vote for)

Gender //Voter’s gender

Date_Of_Birth //Voter’s Date of birth

Date_Election_Commission_Registration //Date voter registered him/her self to election commission of India

Date_Mobile_voting_registration //Date voter registered him/her self for mobile voting

Date_Mobile_voting_activation //Date on which voter mobile information is validated and voter allowed for mobile

voting

Mobile_Voting_Allowed //Whether the voter is allowed for mobile voting or not.

Usage:

This table will be used for any usual query and fetch/update voter’s basic information. This

table can be published online on log-in basis for voter’s to counter check their information.

Election Area field will be used to decide, when user has to sent voting SMS.

Table 2: Electorate_Cryptography_Key

UID // UID of the voter as on AADHAR UID CARD

Secret_Symmetric_Key //The voter’s specific symmetric key used for Election commission’s secure SMS

encryption and decryption

Usage:

This is highly secured database’s table and contains the symmetric secret key which will be

used to encrypt and decrypt the SMS which will be sent to voters for casting mobile vote.

This table’s access can be restricted to only few people for security concerns.





527

Table 3: Electorate_Voting_Status

UID //UID of the voter as on AADHAR UID CARD

Voting_Status // This is the field which provides information that whether user has yet

casted vote or not

Voting_Date_and_Time // Date and Time when user casted vote

Voting_Mode // which mode was used to cast vote “Mobile Mode” or “Polling Booth Mode (User manually casted vote by going to

polling booth)”

Secret_PRNG_Number //12 characters length secret Pseudo Random Number for carrying acknowledgment functionalities

Usage

This table will provide information regarding the current voting status of a voter and also

provide many other fields for problem shooting like at what Date/Time vote has been casted,

via which mode (mobile voting or voter casted vote from polling booth) vote has been casted,

and also keep the a secret PRNG number for acknowledgment purpose. This table will be

updated as soon as voter will cast vote via any mean and will be used by polling booth’s

officer and the mobile voting server to query/update voter’s current voting status. The 4 fields

of this table(Voting Status, Date and Time, Voting Mode, Secret PRNG number) are volatile

in nature and will be reset every time a new election helds in that area. Apart from this, this

protocol also includes a small portable device which will be given to all of the Election camp

officers’. The prototype of this small portable device is:

Figure1: Prototype of the small portable device for checking and updating voter’s voting

status





528

This portable device will be used to make a secured connection and query the centralized

election commission’s database regarding the current voting status of a user. This machine

will consist of following parts:

An alphanumeric keypad for punching voter’s UID

Three punch buttons namely: Query (query election commission’s centralized database

regarding the voting status of voter), Vote casted (to update the voting status of voter in the

centralized database after allowing for vote casting), and Reset (to reset the display of the

machine and reset its functionalities and flush any old data)

Two display panels: One for viewing the UID while punching the same and second for

viewing the output of the query

Before allowing any voter to cast vote, the pooling booth officer will punch his/her UID on

the machine and press query. If the user has casted vote by any other means previously, the

same was updated on the database and will be reflected on the machine. However if the user

has not casted any vote, the same will be shown as the output and the user will be allowed to

cast vote after carrying proper formalities. Parallel an update will also be sent to the

centralized database regarding this action via the same machine, to stop voter doing a re-

voting. If the user has already casted the vote, the output panel will show result as: YES, else

the output panel will show result as: NO and polling officer can update the database

regarding voter’s voting status by pressing button: “Vote Casted”, which will immediately

update the centralized database.

3. Challenges and Solutions

Challenges and scenarios which have to be addressed in this protocol.

3.1 Users’ should not be allowed to cast vote more than once at any cost

There are 2 scenario of this case:

Voter casts vote physically by going to Polling booth: In this scenario after doing a proper

verification via the provided machine, the polling officer will allow the user to cast the vote

and will update the same to the election commission centralized database immediately

Voter casts mobile vote: In this scenario, as soon as the vote reaches election commission’s

server, a backend checking will be done with the centralized database whether voter has

casted vote previously or not via any other mean. If found a case of re-voting, the vote will be

immediately discarded, else, the vote will be accepted and the user will get a confirmation

SMS on the registered mobile number. The backend database will be update immediately to

reflect the latest voting status of the voter

3.2 Security

This is the area which has to be put under special consideration. There are many levels of

security checks designed for making this protocol robust and secure.





529

3.2.1 Secure SMS

The SMS sent to user will be secured SMS. The SMS will be encrypted with a robust

symmetric encryption algorithm with a secret user’s specific symmetric key (which was

already passed to the user while activating mobile number) and digitally signed. The motive

is that even though if the SMS will get tapped, the intruder will never be able to decrypt the

SMS and thus would never be able to cast a fake vote. On receiving the secured SMS, voter

will open this via the application he/she downloaded from the Election commission’s web

site and after providing secret decryption key, voter will be able to see and reply to the SMS.

Either Election commission can develop own proprietary SMS cryptography application or

can use any robust third party solution.

3.2.2 Acknowledgment

This protocol will have a full functional acknowledgment feature, to ensure that the voting

has been casted via authorized person. If we see the format of the SMS: <Sequel Number>

<Candidates’ Name> <Candidates’ Parties’ Name> <Candidates’ Parties’ symbol>

Secret Key : <Highly robust randomly generated alphanumeric key>

The <SECRET KEY> is the one which is used to manage this acknowledgement. This secret

number will be a generated by a highly robust PRNG (Pseudo Random number generator

algorithm) and will be embedded in the SMS. Due to secure SMS, the message will be

decrypted once it will reach the right voter’s phone. After decryption the voter will use the

same number in voting reply:

<SECRET_KEY><SPACE>IM<SPACE><UID><SPACE>IS<SPACE><NUMERIC

DIGIT>

This ensures the acknowledgment over the voting. This also stops voter to vote until unless

an SMS is particularly sent to mobile by the election commission server. This feature can also

be extended to black-list mobile numbers in special cases, because user won’t be allowed to

SMS vote until unless he/she gets SMS with secret number on his/her mobile number.

3.2.3 Add-on checking

On receiving the mobile vote, the server will ensure that the vote has been sent from the same

mobile number on which the SMS was sent to stop any burglary in the mobile voting.

However this Add-on checking can be dropped to provide voters a flexible voting mechanism

where they would be allowed to vote from any mobile once they get voting SMS on their

registered mobile number.

3.2.4 Mobile Stolen Scenario

There are many ways to handle this scenario:

User can contact the election commission’s help center and after proper verification, request

to block the number can be accepted.





530

User can request election commission’s help center to register a new mobile number for

mobile-voting.

As the user is registered with mobile number not the SIM CARD number, as soon as the user

gets same number again from his/her respective mobile service company, he/she can do a

mobile voting. Moreover, as the mobile voting format consists UID of the user, which is

again a privately known number, the chances of using stolen mobile number for fake voting

is very less.

3.2.5 Miscellaneous checks

The mobile voting will be allowed as per Indian standard time and the voter won’t be allowed

to use mobile vote once the normal voting time of the area ended. Only the polling booth

manager will be allowed to query the election commission’s centralized database via the

provided machine and update the same (regarding the voting status of the voter). All other

users will simply cast votes and in a way simply updates the database.

Figure 2: The overview of the mobile voting protocol’s architecture

4. Working architecture of Mobile-Voting

4.1 Outside working architecture

The outside working architecture of this protocol is:





531

4.2 Flow Chart demonstration for Mobile-voting at various stages

Figure 3: Action flow chart for the automated election commission server for handling

Mobile-Voting





532

Figure 4: Action flow chart for voters casting mobile votes

Figure 5: Action flow chart for polling booth’s officer for allowing a manual voting after

checking the voter’s voting status for stopping any burglary





533

5. Conclusion

In our study we have found that there is a great scope of mobile voting in the current social

scenario and the above proposed protocol not only provides a starting milestone in this

direction but also opens a new room for further exploration and extending the proposed

protocol for practical usage.

6. References

1. Tandayoshi Kohno, Adam Stubblefield, Aviel D.Rubin, Dan S. Wallach (February

27,2004), “Analysis of an Electronic Voting System”, pp 12-14

2. Yang Feng, Siaw-Lynn Ng, Scarlet Schwiderski-Grosche ( June 26, 2006), “An

Electronic Voting System Using GSM Mobile Technology”, pp 2-3

3. Hari K. Prasad, J.Alex Halderman, Rop Gongriijp, Scott Wolchok, Eric Wustrow,

Arun Kankipati, Sai Krishnan Sakhamuri, Vasavya Yagati (April 29,2010) , “Security

Analysis of India’s Electronic Voting Machines”

4. Unique Identification Authority of India, Planning Commission, Government of India

(July 7, 2010), “Aadhar Handbook for Registrars”, Version 1-July 2010, pp 3-5

5. Manish Kumar, T.V. Suresh Kumar , M. Hanumanthappa, D Evangelin Geetha,

“Secure Mobile Based Voting System”, pp 324-326

6. India Elections Statistics, http://www.indian-elections.com/india-statistics.html,

accessed 19 October, 2011.

7. Wikipedia, Indian General Election 2009 , http://en.wikipedia.org/wiki/indian_

general_election,_ 2009, accessed on 19 October , 2011.

Designing and developing secure protocol for mobile …. Firstly, the user has to activate given...

Documents

Transcript of Designing and developing secure protocol for mobile …. Firstly, the user has to activate given...