GSM BASED VOTING MACHINE
Abstract
Electronic voting systems have the potential to improve traditional voting procedures by providing added convenience and flexibility to the voter. Numerouselectronic voting schemes have been proposed in the past, but most of them have failed to provide voter authentication in an efficient and transparent way. On the other hand, GSM (Global System for Mobile communications) is the most widely used mobile networking standard. There are more than one billion GSM users worldwide that represent a large user potential, not just for mobile telephony, but also for other mobile applications that exploit the mature GSM infrastructure. In this paper, an electronic voting scheme using GSM mobile technology is presented.
By integrating an electronic voting scheme with the GSM infrastructure, we are able to exploit existing GSM authentication mechanisms and provide enhanced voter authentication and mobility while maintaining voter privacy.
Introduction
In democratic societies, voting is an important tool to collect and reflect people’sopinions. Traditionally, voting is conducted in centralised or distributedplaces called voting booths. Voters go to voting booths and cast their votesunder the supervision of authorised parties. The votes are then counted manuallyonce the election has finished. With the rapid development of computertechnology and cryptographic methods, electronic voting systems can be employedthat replace the inefficient and most importantly error-prone humancomponent. To increase the efficiency and accuracy of voting procedures,computerised voting systems were developed to help collecting and countingthe votes. These include Lever Voting Machines, Punched Cards for Voting,Optical Mark-Sense Scanners and Direct Recording Electronic (DRE) votingsystems.
For a variety of reasons, voters may be unable to attend voting booths
physically, but need to vote remotely, for example, from home or while
travelling abroad. Hence, there is great demand for remote voting proceduresthat are easy, transparent, and, most importantly, secure. Today,the most common way for remote voting is postal voting, where voters casttheir votes by post. However, it lacks proper authentication and involves atime-consuming procedure. Internet voting was introduced to provide moreflexibility. Because of the inherited security vulnerabilities of the Internetand computerised systems in general, Internet voting incurred a wide rangeof criticism. However, to date many pilot projects in different countries andresearch groups have been carried out.
we endeavour to improve mobility and address security problems of remote voting procedures and systems. We present an electronic
voting scheme using GSM. With more than one billion users1, the GSM authentication infrastructure is the most widely deployed authentication mechanism by far. We make use of this well-designed GSM authentication infrastructure to improve mobility and security of mobile voting procedures.
Security Features in GSM
GSM is a digital wireless network standard widely used in European and
Asian countries. It provides a common set of compatible services and capabilities to all GSM mobile users .
The services and security features to subscribers are listed in as subscriber identity confidentiality, subscriber identity authentication, user data confidentiality on physical connections, connectionless user data confidentiality and signalling information element confidentiality. They are summarised as follows:
Subscriber identity confidentiality is the property that the subscriber’s real identity remains secret by protecting her International Mobile Subscriber Identity(IMSI), which is an internal subscriber identity used only by the network, and using only temporary identities for visited networks.
Subscriber identity authentication is the property that ensures that the mobile subscriber who is accessing the network or using the service is the one claimed. This feature is to protect the network against unauthorised use.
Data confidentiality is the property that the user information and signalling data is not disclosed to unauthorised individuals, entities or processes. This feature is to ensure the privacy of the user information.
In our proposed GSM mobile voting scheme, communication between the mobile equipment and the GSM network uses standard GSM technology.
Hence GSM security features apply. Among which, the subscriber identity authentication feature is particularly used in the protocol. The comprehensive descriptions of above security features can be found in . Here, we only describe the subscriber identity authentication feature in greater detail.
Security Requirements for Voting Schemes
In accordance with we describe a set of voting security criteria.
However, depending on different democratic requirements in different countries, and the different scales of electronic voting systems, security goals can vary. General security requirements include democracy, privacy, accuracy, fairness, verifiability and recoverability.
Democracy: All and only the authorised voters can vote, and each eligible voter can vote no more than once. Voters can also choose not to
vote. To achieve democracy, voters need to be properly registered and
authenticated, and then there should be a convenient way for them to
cast their votes, for example, availability of different language choices,
special aid for disabled voters, and proper ways for absentee voting and
early voting.
Privacy: All votes remain secret while voting takes place and each individual vote cannot be linked by any individual or authority to the voter who casts it. This is important even if the voter herself does not care about it. In a small-scale voting system, such as a private company or an organisation, the privacy issue is paramount.
Accuracy: The voting result accurately reflects voters’ choices. In this
case, no vote can be altered, duplicated or eliminated without being
detected.
Fairness: No partial result is available before the final result comes out.
Verifiability: There are two notions of verifiability. The weaker one is
individual verifiability, where any voter can check that her own vote has
been considered in the tally. The stronger one is universal verifiability,
which ensures that any party including observers can be convinced that
the election is fair and the published tally has been correctly computed
from the correctly cast ballots.
Recoverability: If any failure, mistake or cheating is detected, there
should be proper methods and procedures and information available
to help recover the voting system. Recounts may take place.
Conclusion and Future Work
We proposed a GSM mobile voting scheme, where the GSM authenticationinfrastructure is used to provide voter authentication and improve voter mobility.
Authentication is always a difficult requirement to fulfil for remote
voting schemes, most of which apply a public-key based signature scheme for voter authentication. In our scheme, by using the existing GSM authentication infrastructure, the public-key overhead is largely reduced. Our scheme also enhances the security and provides more mobility and convenience to voters. Where the voters’ privacy is protected by applying a blind signature scheme. In this paper, we presented the basic structure and protocol of our GSM based mobile voting system.
However, further work is needed to address the importance we place in
the trust on the AC, and we are therefore investigating options for enhancing and extending the GSM mobile voting scheme. In future work, we will discuss end-user device (ME) and application security. We will also address how the voters obtain the voting application and solutions to provide the integrity of the voting application running on the ME. The Trusted Platform Module and smart card solutions will be considered.
References
[1] M. Burmester and E. Magkos. Towards secure and practical e-elections in the new era. In D. Gritzalis, editor, Secure Electronic Voting, pages 63–72. Kluwer Academic Publishers, 2003.
[2] D. Chaum. Untraceable electronic mail, return addresses, and digital
pseudonyms. Communications of the ACM, 24(2):84–88, February 1981.
[3] D. Chaum. Blind signatures for untraceable payments. In D. Chaum,
R. Rivest, and A. Sherman, editors, Advances in Cryptology—Crypto
’82, pages 199–203, New York, 1983. Plenum Press