GSM BASED VOTING MACHINE

Abstract

Electronic voting systems have the potential to improve traditional voting procedures by providing added convenience and flexibility to the voter. Numerous electronic voting schemes have been proposed in the past, but most of them have failed to provide voter authentication in an efficient and transparent way. On the other hand, GSM (Global System for Mobile communications) is the most widely used mobile networking standard. There are more than one billion GSM users worldwide that represent a large user potential, not just for mobile telephony, but also for other mobile applications that exploit the mature GSM infrastructure. In this paper, an electronic voting scheme using GSM mobile technology is presented.

By integrating an electronic voting scheme with the GSM infrastructure, we are able to exploit existing GSM authentication mechanisms and provide enhanced voter authentication and mobility while maintaining voter privacy.

Introduction

In democratic societies, voting is an important tool to collect and reflect people’s opinions. Traditionally, voting is conducted in centralised or distributed places called voting booths. Voters go to voting booths and cast their votes under the supervision of authorised parties. The votes are then counted manually once the election has finished. With the rapid development of computer technology and cryptographic methods, electronic voting systems can be employed that replace the inefficient and most importantly error-prone human component. To increase the efficiency and accuracy of voting procedures, computerised voting

systems were developed to help collecting and counting the votes. These include Lever Voting Machines, Punched Cards for Voting, Optical Mark-Sense Scanners and Direct Recording Electronic (DRE) voting systems.

For a variety of reasons, voters may be unable to attend voting boothsphysically, but need to vote remotely, for example, from home or whiletravelling abroad. Hence, there is great demand for remote voting procedures that are easy, transparent, and, most importantly, secure. Today, the most common way for remote voting is postal voting, where voters cast their votes by post. However, it lacks proper authentication and involves a time-consuming procedure. Internet voting was introduced to provide more flexibility. Because of the inherited security vulnerabilities of the Internet and computerised systems in general, Internet voting incurred a wide range of criticism. However, to date many pilot projects in different countries and research groups have been carried out.

we endeavour to improve mobility and address security problems of remote voting procedures and systems. We present an electronicvoting scheme using GSM. With more than one billion users1, the GSM authentication infrastructure is the most widely deployed authentication mechanism by far. We make use of this well-designed GSM authentication infrastructure to improve mobility and security of mobile voting procedures.

Security Features in GSM

GSM is a digital wireless network standard widely used in European andAsian countries. It provides a common set of compatible services and capa bilities to all GSM mobile users .

The services and security features to subscribers are listed in as subscriber identity confidentiality, subscriber identity authentication, user data confidentiality on physical connections, connectionless user data confidentiality and signalling information element confidentiality. They are summarised as follows:

Subscriber identity confidentiality is the property that the subscriber’s real identity remains secret by protecting her International Mobile Subscriber Identity(IMSI), which is an internal subscriber identity used only by the network, and using only temporary identities for visited networks.

Subscriber identity authentication is the property that ensures that the mobile subscriber who is accessing the network or using the service is the one claimed. This feature is to protect the network against unauthorised use.

Data confidentiality is the property that the user information and signalling data is not disclosed to unauthorised individuals, entities or processes. This feature is to ensure the privacy of the user information.

In our proposed GSM mobile voting scheme, communication between the mobile equipment and the GSM network uses standard GSM technology.

Hence GSM security features apply. Among which, the subscriber identity authentication feature is particularly used in the protocol. The comprehensive descriptions of above security features can be found in . Here, we only describe the subscriber identity authentication feature in greater detail.

Security Requirements for Voting Schemes

In accordance with we describe a set of voting security criteria.However, depending on different democratic requirements in different countries, and the different scales of electronic voting systems, security goals can vary. General security requirements include democracy, privacy, accuracy, fairness, verifiability and recoverability.

Democracy: All and only the authorised voters can vote, and each eligible voter can vote no more than once. Voters can also choose not tovote. To achieve democracy, voters need to be properly registered andauthenticated, and then there should be a convenient way for them tocast their votes, for example, availability of different language choices,special aid for disabled voters, and proper ways for absentee voting andearly voting.

Privacy: All votes remain secret while voting takes place and each individual vote cannot be linked by any individual or authority to the voter who casts it. This is important even if the voter herself does not care about it. In a small-scale voting system, such as a private company or an organisation, the privacy issue is paramount.

Accuracy: The voting result accurately reflects voters’ choices. In thiscase, no vote can be altered, duplicated or eliminated without beingdetected.

Fairness: No partial result is available before the final result comes out.

Verifiability: There are two notions of verifiability. The weaker one isindividual verifiability, where any voter can check that her own vote hasbeen considered in the tally. The stronger one is universal verifiability,which ensures that any party including observers can be convinced thatthe election is fair and the published tally has been correctly computedfrom the correctly cast ballots.

Recoverability: If any failure, mistake or cheating is detected, thereshould be proper methods and procedures and information availableto help recover the voting system. Recounts may take place.

Conclusion and Future Work

We proposed a GSM mobile voting scheme, where the GSM authentication infrastructure is used to provide voter authentication and improve voter mobility.

Authentication is always a difficult requirement to fulfil for remotevoting schemes, most of which apply a public-key based signature scheme for voter authentication. In our scheme, by using the existing GSM authentication infrastructure, the public-key overhead is largely reduced. Our scheme also enhances the security and provides more mobility and convenience to voters. Where the voters’ privacy is protected by applying a blind signature scheme. In this paper, we presented the basic structure and protocol of our GSM based mobile voting system.

However, further work is needed to address the importance we place inthe trust on the AC, and we are therefore investigating options for enhancing and extending the GSM mobile voting scheme. In future work, we will discuss end-user device (ME) and application security. We will also address how the voters obtain the voting application and solutions to provide the integrity of the voting application running on the ME. The Trusted Platform Module and smart card solutions will be considered.

References

[1] M. Burmester and E. Magkos. Towards secure and practical e-elections in the new era. In D. Gritzalis, editor, Secure Electronic Voting, pages 63–72. Kluwer Academic Publishers, 2003.[2] D. Chaum. Untraceable electronic mail, return addresses, and digitalpseudonyms. Communications of the ACM, 24(2):84–88, February 1981.[3] D. Chaum. Blind signatures for untraceable payments. In D. Chaum,R. Rivest, and A. Sherman, editors, Advances in Cryptology—Crypto’82, pages 199–203, New York, 1983. Plenum Press