E-Voting System based on Blockchain Technology

PROJECT REPORT

SUBMITTED
BY

Student Name

ROLL NUMBER: XXXXXXX

UNIVERSITY NAME

Under the guidance of

MR. TEACHER
NAME

UNIVERSITY
ADDRESS
Ph: +91
34237872367237

Year 2022
 BONAFIDE CERTIFICATE

Certified that this project titled ‘Blockchain-based E-voting System’ is a

bonafide work of STUDENT NAME who carried out the research under my
supervision.

HEAD OF DEPARTMENT FACULTY IN CHARGE

(SIGNATURE WITH DATE) (SIGNATURE WITH DATE)

UNIVERSITY NAME
Acknowledgement

This document: I thank all my colleagues who provided a deep insight and
expertise that greatly assisted in the document development.

I personally thank my Professor for the assistance with the initial drafts and the
core structure of the proposal for the comments that greatly improved the
manuscript.

I would also like to show my gratitude to the University for sharing its pearls of
wisdom with me during the course of the development of this proposal. I am
immensely grateful to everyone.
 Abstract

Online voting is a trend that is gaining momentum in modern society. It has great
potential to decrease organisational costs and increase voter turnout. It eliminates the
need to print ballot papers or open polling stations—voters can vote from wherever
there is an Internet connection. Despite these benefits, online voting solutions are
viewed with a great deal of caution because they introduce new threats. A single
vulnerability can lead to large-scale manipulations of votes. Electronic voting
systems must be legitimate, accurate, safe, and convenient when used for elections.
Nonetheless, adoption may be limited by potential problems associated with
electronic voting sys- tems. Blockchain technology came into the ground to
overcome these issues and offers decentralized nodes for electronic voting and is
used to produce electronic voting systems mainly because of their end-to-end
verification advantages. This technology is a beautiful replacement for traditional
electronic voting solutions with distributed, non-repudiation, and security protection
characteristics. The following article gives an overview of electronic voting systems
based on blockchain technology. The main goal of this analysis was to examine the
current status of blockchain-based voting research and online voting systems and
any related difficulties to predict future developments. This study provides a
conceptual description of the intended blockchain-based electronic voting
application and an introduction to the fundamental structure and characteristics of
the blockchain in connection to electronic voting. As a consequence of this study, it
was discovered that blockchain systems may help solve some of the issues that now
plague election systems. On the other hand, the most often mentioned issues in
blockchain applications are privacy protection and transaction speed. For a
sustainable blockchain-based electronic voting system, the security of remote
participation must be viable, and for scalability, transaction speed must be addressed.
Voting System based on Blockchain Technology
 Table of Contents

Table of Contents 6

Introduction 8
I.1 Overview 8
I.2 Main Objective 10
I.3 Specific Objective 11
Fundamentals of Blockchain Voting: 11
Verifying Voter Identity 12
Maintaining Anonymity & the Secret Ballot 12
1. Increased Transparency in the Voting Process 13
2. Reduced Fraud & Election Rigging 13
3. Everyday Voting in Real Time 13
4. Corporate Governance & Autonomous Organizations 13
5. Increased Voter Engagement 14
I.4 Scope 14
1. Encryption 14
2. Authentication and permission 15
Security protection 15
Permission 15
I.5 Company 16

System Analysis 17
II.1 The Existing System 17
Types of Electronic Voting 17
Remote Voting System 18
Internet Voting (i-Voting) 18
SMS (Short Message Service) Voting 18
Direct Recording System 18
II.2 Vulnerabilities with the existing system 22
II.3 Blockchain-Based Voting 24
A. Evaluating Blockchain as a Service for E-Voting 30
B. Security analysis 31
C. Legal issues 31
Project Summary 50
V.1 Summary 50
V.2 Futures Works 50
V.3 References 51
 Introduction

In every democracy, the security of an election is a matter of national security.

The computer security field has for a decade studied the possibilities of
electronic voting systems, with the goal of minimizing the cost of having a
national election, while fulfilling and increasing the security conditions of an
election. From the dawn of democratically electing candidates, the voting
system has been based on pen and paper. Replacing the traditional pen and
paper scheme with a new election system is critical to limit fraud and having the
voting process traceable and verifiable.

Electronic voting machines have been viewed as flawed, by the security

community, primarily based on physical security concerns. Anyone with
physical access to such a machine can sabotage the machine, thereby affecting
all votes cast on the aforementioned machine.

Electronic voting (also known as e-voting) is voting that uses electronic means
to either aid or take care of casting and counting votes.

A worthy e-voting system must perform most of these tasks while complying
with a set of standards established by regulatory bodies, and must also be
capable to deal successfully with strong requirements associated with security,
accuracy, integrity, swiftness, privacy, auditability, accessibility,
cost-effectiveness, scalability and ecological sustainability.

Electronic voting technology can include punched cards, optical scan voting
systems and specialized voting kiosks (including self-contained direct-recording
electronic voting systems, or DRE). It can also involve transmission of ballots
and votes via telephones, private computer networks, or the Internet.

In general, two main types of e-voting can be identified:

​ e-voting which is physically supervised by representatives of governmental
or independent electoral authorities (e.g. electronic voting machines located
at polling stations);
​ remote e-voting via the Internet (also called i-voting) where the voter
submits their votes electronically to the election authorities, from any
location.
 BLOCKCHAIN+VOTING = BLOCKCHAIN BASED
VOTING SYSTEM

​ +
After 2000, voting machine problems made international headlines. The
government appropriated money to fix the problems nationwide. Unfortunately,
electronic voting machines although presented as the solution have largely made
the problem worse. This doesn’t mean that these machines should be
abandoned, but they need to be designed to increase both their accuracy, and
peoples’ trust in their accuracy. This is difficult, but not impossible.

Before we can discuss electronic voting machines, we need to explain why

voting is so difficult. Basically, a voting system has four required
characteristics:

1. Accuracy. The goal of any voting system is to establish the intent of each
individual voter, and translate those intents into a final tally. To the extent
that a voting system fails to do this, it is undesirable. This characteristic
also includes security: It should be impossible to change someone else’s
vote, ballot stuff, destroy votes, or otherwise affect the accuracy of the
final tally.
2. Anonymity. Secret ballots are fundamental to democracy, and voting
systems must be designed to facilitate voter anonymity.
3. Scalability. Voting systems need to be able to handle very large elections.
One hundred million people vote for president in the United States. About
372 million people voted in India’s June elections, and over 115 million
in Brazil’s October elections. The complexity of an election is another
issue. Unlike many countries where the national election is a single vote
for a person or a party, a United States voter is faced with dozens of
individual elections: national, local, and everything in between.
4. Speed. Voting systems should produce results quickly. This is particularly
important in the United States, where people expect to learn the results of
the day’s election before bedtime. It’s less important in other countries,
where people don’t mind waiting days or even weeks before the winner is
 announced.

Through the centuries, different technologies have done their best. Stones and
pot shards dropped in Greek vases gave way to paper ballots dropped in sealed
boxes. Mechanical voting booths, punch cards, and then optical scan machines
replaced hand-counted ballots. New computerized voting machines promise
even more efficiency, and Internet voting even more convenience.
More Information:

Voting whether conducted through the traditional ballot or via electronic

means forms the basis on which democracy depends. With the rise in
technological impact on the youth of the country and the various anomalies
faced by the current electoral process,using technology to modify the
existing process is necessity of the hour.However for any new technique to
take the place of current voting system,the said system needs to satisfy
certain minimum criteria.Electronic Voting has taken center place in research
with the intention of minimizing the cost associated in setting up the voting
process,while ensuring the electoral integrity is maintained by fulfilling
privacy,security and compliance requirements.

The current method ,whether electronic or not has proved to be

unsatisfactory with respect to transparency.It can be very difficult for the
voters to be assured that the vote he/she has casted during the election
reflects in the election result.Electronic voting using Direct Recording
Electronic do not generate receipt on successful casting of votes.No record
of election except vote count is made public by the government,which means
that the voters are not assured of any external interference in case of
government conducting the process of vote recounting[2].Replacing the
traditional method with electronic method using Blockchain technique has
the ability to prevent potential frauds that may take place during election.

Blockchain technology is a distributed network of interconnected nodes.A

copy of distributed ledger is assigned to each node,each of which contains a
complete history of all the transactions that have been processed by the
network. Each transaction processed generated a hash.The hash created
depends not only on the current transaction but also on the hash of the
previous transaction.Thus any small change on the data will impact the hash
of the transaction. If a transaction is approved by a majority of nodes it is
written to the block.This allows the users to remain autonomous while using
the system. A basic analysis of Blockchain suggests that it provides the
potential of making the voting process more secure and reliable.

A blockchain, originally block chain, is a growing list of records, called blocks,

that are linked using cryptography. Each block contains a cryptographic hash of
the previous block, a timestamp, and transaction data (generally represented as a
Merkle tree).

By design, a blockchain is resistant to modification of the data. It is "an open,

distributed ledger that can record transactions between two parties efficiently
and in a verifiable and permanent way". For use as a distributed ledger, a
blockchain is typically managed by a peer-to-peer network collectively adhering
to a protocol for inter-node communication and validating new blocks. Once
recorded, the data in any given block cannot be altered retroactively
without alteration of all subsequent blocks, which requires consensus of the
network majority. Although blockchain records are not unalterable,
blockchains may be considered secure by design and exemplify a distributed
computing system with high Byzantine fault tolerance. Decentralized consensus
has therefore been claimed with a blockchain.

I.1 Main Objective

In this current paper we shall present how the blockchain technology can
overcome, improve and make the e-voting system efficient than ever.
Since each country has different laws and implementations, proposing a
definitive structure is almost impossible. The suggested solution in this paper is
specifically for problems of conventional paper elections in Democratic
Republic of Congo. Despite the solution is specific to one country, it may be
taken as a general application, and can be customized to other countries.
Security and privacy of votes and voters and the speed of counting votes and
announcing the results are discussed in the solution.

There are some attempts to remove problems of traditional election system.

These attempts try to benefit from online systems to automate the whole
process. Electronic voting was used in elections of Austrian Federation of
Students in 2009 and in some elections in Switzerland. Although e-voting
makes selection operation easy, privacy and security worries still continue. To
dissipate problems of both conventional and e-voting elections, e-voting can be
improved using Blockchain mechanism. Blockchain has impressive features to
overcome troubles of voter’s security, privacy and data integrity of votes.

Blockchain is an inalterable and an easy confirmable system. Under favor of

these qualifications, Blockchain has a significant potential to be an alternative to
traditional elections.
It brings smart solutions to central authority problem in terms of all blocks
having all data in the chain. Also, it is impossible to change an information in a
block since it is discerned by other blocks which have whole data.
Consequently, Blockchain increases the security of information by keeping the
entire data in all blocks, and removes the need for an official center to provide a
secure election. As mentioned before, counting votes and making election
results publicly available takes considerable time. Blockchain solves this
problem by its nature. Since the last node on the chain keeps all information, it
is enough to look for only the last node for the results. This reduces the waiting
time dramatically. Thus, incomplete and official results are explained at the
same time. The Blockchain will allow the government of the Democratic
Republic of Congo to manage efficiently to voting system

I.2 Specific Objective

Fundamentals of Blockchain Voting:

Blockchain voting is similar to analogue voting that we’re used to. The same
concepts and processes apply. In order to cast a digital vote, a citizen would
need to register and prove their citizenship in a given jurisdiction. We could
then record that identity and citizenship on the blockchain associated with that
user’s key.

Next, a citizen needs a ballot to cast a vote. In the blockchain, this would likely
take the form of a special voting token that would be deposited in the user’s
account. This token would also likely have a time limit in which it could be
used to vote, after which it would burn itself via a smart contract or become
useless.

Casting a vote on the blockchain would involve sending the voting token (the
ballot) to a specific address. Voters would know which address aligns with
which candidate or referendum. Sending a token to that address would represent
a vote.

Technically, that sounds simple enough. The vote gets registered on the
blockchain where its immutable, verifiable, and transparent. We can easily
count up the votes to declare a winner to the election. In addition, we can build
nice user interfaces that automate and hide the process of sending a token to a
specific address. Instead, voters would see a simple online interface for them to
select a candidate or proposal and click submit.
 Verifying Voter Identity:

If that first explanation sounded simple and you wonder why we’re not voting
on the blockchain already, just hold on. It’s actually a lot more complicated than
that. There are a lot of issues that need a resolution first.

One major issue is verifying voter identity. In order for blockchain voting to
work, we need a system that prevents people from voting more than once or
voting in an election where they’re not a citizen. That gets tricky on the
blockchain because it relies on a central authority to verify citizenship or
residency documentation.

A blockchain solution would likely rely on submitting passport or driver’s

license scans. Then that identity might be connected with a mobile device via a
password and two-factor authentication or biometrics (like a fingerprint). The
idea is to verify that the person who submitted the citizenship documents is the
same person who is actively at the computer or smartphone at the time of the
vote.

Maintaining Anonymity & the Secret Ballot:

Once we’ve verified identity and eligibility to vote, however, we need to

separate it from the ballot itself. Importantly, one of the key parts of democracy
is the secret ballot. Nobody should know how you voted so they can’t influence
your vote in any way.

With blockchain voting, the information that registers on the blockchain

shouldn’t include identifiable information. This means that information about
the sender of the voting token has to be hidden. There are different ways to
accomplish this, including zero knowledge proofs, ring transactions, or various
encryption methods. Each has its benefits, drawbacks, and technical challenges.
True anonymity at the same time as verified identity is the big challenge of
blockchain voting.

Cybersecurity experts generally agree that blockchains are unhackable (with the
right network size and consensus algorithm). Logic proofs and statistics indicate
that it becomes increasingly unlikely that a block can be compromised once the
network confirms it. However, the
anonymity needed for voting is more difficult to secure and be certain that it
won’t be compromised.

1. Increased Transparency in the Voting Process

The biggest benefit of blockchain voting is increased transparency. Right now,

once you cast your vote, you don’t really know what happened to it. You trust
the poll workers to count it correctly. However, there’s no way to be sure that
your vote counted.

On the blockchain it could be possible to track your vote and see that it ended
up in the right place. Even though it wouldn’t have your information tied to it,
your vote would exist on the blockchain for all of history.

2. Reduced Fraud & Election Rigging

A side effect of increased transparency is reduced fraud. It becomes harder to

cheat the system or vote in the wrong jurisdiction with blockchain identity
verification. Moreover, in countries where dictators rig elections, the
blockchain could bring true democracy. Of course, initiating a blockchain
voting system requires buy-in from the current government. However, over time
blockchain could become an international voting standard, with the world
community advocating for blockchain governance in all nations.

3. Everyday Voting in Real Time

If blockchain makes voting transparent, then we can follow and tally votes in
real time. This means that elections can happen on a much shorter time span.
Additionally, if they are digital, they require less investment in polling
infrastructure. As a result, elections could be held with a short lead time to vote
on a referendum quickly.

This could completely change daily life. Imagine if you could vote on your
phone on how traffic in your city would be routed today or whether to increase
taxes to pay for a new park in your community. Voting could become highly
targeted, even neighborhood specific. There would be little overhead to voting
more often, possibly making voting a daily occurrence.

4. Corporate Governance & Autonomous Organizations

The Governments aren’t the only institutions that could benefit from blockchain
voting. Employees or shareholders could vote for initiatives within a company
as well. It’s possible to even imagine ownerless businesses where every decision
is an open vote from shareholders.
 5. Increased Voter Engagement

A big advantage of blockchain voting could be increased engagement. If

blockchain makes digital voting possible from your smartphone or computer,
voting becomes as easy as logging in and casting your ballot in just a few
minutes. This would likely increase voter turnout drastically, leading to more
direct democracy. Alternatively, it could lead to voting fatigue, where voters
realize they liked electing representatives to worry about policy for them.

I.3 Scope

1. Encryption
When a block stores new data it is added to the blockchain. Blockchain, as its
name suggests, consists of multiple blocks strung together. In order for a block
to be added to the blockchain, however, four things must happen:

1. A transaction must occur. Let’s take the example of an impulsive Amazon

purchase. After hastily clicking through multiple checkout prompt, you
go against your better judgment and make a purchase. In many cases a
block will group together potentially thousands of transactions, so your
Amazon purchase will be packaged in the block along with other users'
transaction information as well.
2. That transaction must be verified. After making that purchase, your
transaction must be verified. With other public records of information,
like the Securities Exchange Commission, Wikipedia, or your local
library, there’s someone in charge of vetting new data entries. With
blockchain, however, that job is left up to a network of computers. When
you make your purchase from Amazon, that network of computers rushes
to check that your transaction happened in the way you said it did. That
is, they confirm the details of the purchase, including the transaction’s
time, dollar amount, and participants.
3. That transaction must be stored in a block. After your transaction has
 been verified as accurate, it gets the green light. The transaction’s dollar
amount, your digital signature, and Amazon’s digital signature are all
stored in a block. There, the transaction will likely join hundreds, or
thousands, of others like it.

4. That block must be given a hash. Not unlike an angel earning its wings,
once all of a block’s transactions have been verified, it must be given a
unique, identifying code
 called a hash. The block is also given the hash of the most recent block
added to the blockchain. Once hashed, the block can be added to the
blockchain.

When that new block is added to the blockchain, it becomes publicly available
for anyone to view even you. If you take a look at Bitcoin’s blockchain, you
will see that you have access to transaction data, along with information about
when (“Time”), where (“Height”), and by who (“Relayed By”) the block was
added to the blockchain.

2. Authentication and permission

In order to prevent illegal devices accessing the e-Voting system, we use public
key cryptography to authenticate the system entities. The biggest difference is
that we introduce a peer-to-peer authentication methodology without third party
based on blockchain.

Security protection

In the e-voting system, ensure the reliability of the voters’ devices provides
security protection. Even if a device has passed the authentication of other
nodes, it still has the risk of being attacked by malicious users due to software
or system vulnerabilities during the execution of the task. The intruder usually
will modify the network entity to leave a backdoor in the device to prepare for
subsequent infiltration and modify the key configuration file in the device and
cause damage to the entire network. In order to discover potential intrusions
quickly, we regularly verify that whether critical data have been tampered with.

Permission

1)Enrollment Control

We use a permission chain with access control rights ensured by the system
administrator for the proposed system. A device needs to register in blockchain
before it accesses to the network. The access control layer in the permission
chain ensures that only devices with legal identities can register information in
the blockchain.

2)Secure Channel

For simplicity, we assume a secure information channel to avoid

man-in-the-middle attacks (MITM). It means that no third party can intercept
and modify messages. This secure channel
is mainly used to ensure the integrity of the information. Nodes can
communicate with each other and verify information reliably.

3)Fast Synchronization

When a device registers in the blockchain, it only needs to request the ledger
from a small number of nodes rather than performing long-term synchronization
of block data. The nodes for synchronization are selected randomly, so we can
assume that these nodes are trustworthy.

I.4 Company

This paper evaluates the use of blockchain as a service to implement an

electronic voting (e- voting) system. The paper makes the following original
contributions: (i) research existing blockchain frameworks suited for
constructing blockchain based e-voting system, (ii) propose a blockchain-based
e-voting system that uses “permissioned blockchain” to enable liquid
democracy.

The reminder of this paper is organized as follows: In chapter II, we discuss the
System analysis: we shall look at the existing issues with the current system,
how to fix them with using blockchain technology, the feasibility and the
development requirement. In chapter III, we present our blockchain based
e-voting system, we discuss some of the security and legal considerations and
limitations regarding designing an electronic voting system for national
elections, the flow chart and the E-R diagram.
 Chapter II: System Analysis

The Existing System

The Electronic Voting (e-Voting) has effectively replaced the traditional

paper-based voting system. The Electronic Voting System aids the voter to cast
his vote through a digital or an electronic medium. The Electronic Voting is
implemented through Electronic Voting Machines (EVM), Short Messaging
Service (SMS) using Smart Phones, Remote or Internet Voting (i- Voting) over
Internet, etc.
Electronic Voting is a system which helps the voter to record his choice for a
particular candidate securely and privately. The e-voting system is an integrated
system designed using a micro controller which generates the results based on
the opinion of the people

The Election process is made simple using Electronic Voting System. The first
procedure involves logging into the website with the voters registered details.
Then the user or voter selects a candidate according to his personal choice. This
is called submission of ballots digitally. The system records the details and
stores the voter’s information in the database and computers help in counting
and displaying voter’s results.

Most popular type of Electronic Voting includes Electronic Voting Machines

(EVM) and recording votes via telephones, private computer networks, or the
Internet (i-Voting) using a smart phone.

Types of Electronic Voting

There are different types of Electronic Voting namely:

● Remote Voting System

● Direct Recording System
 Remote Voting System

A Remote Voting System can be of two types. They are:

​ Internet Voting
​ SMS Voting

Internet Voting (i-Voting)

Internet Voting is a type of e-Voting done remotely via internet. In this system
the voter can participate from any location. Few countries like France,
Switzerland, Estonia use Internet Voting (i-Voting) for National Level Elections.
Internet Voting is also popular among television shows.

SMS (Short Message Service) Voting

SMS voting system is used in popular television shows where the audience
votes by sending SMS to a specific number. Mobile Phones are used to send an
SMS.

Direct Recording System

Poll-Site Voting using Electronic Voting Machines (EVM’S) is a popular

example of Direct Recording System. Till now, 21 countries have used EVM for
national level polls such as United Kingdom (UK), Australia, France, Germany,
Canada, India, Italy, Belgium, Brazil, Estonia, Namibia, Netherlands, Norway,
Peru, Romania, Switzerland, Venezuela , Philippines.
06 out of 21 countries are still using EVMs for the polls. India is one such
country. The Election Commission of India collaborated with Bharat Electronics
and Electronics Corporation of India
Ltd to design and devise an effective, faster and reliable Electronic Voting
System and thus first Electronic Voting Machine came into existence in the year
1982.

The EVM’s are used in National Elections and the participant has to go to the
specific location called the voting booth to cast his vote. The entire process is
supervised by Government Electoral Authorities. EVM displays a list of names
of candidates and the user selects his preferred candidate by pushing the button
against the name. The LED glows and selection is displayed on the screen
which confirms the choice of the user.

Different parts of world have reacted differently to the use of EVMs. North
America and some parts of Europe have shown a decreasing interest to EVMs
whereas South America and Asia have shown a rapid growth in interest towards
EVM technology.

How does Electronic Voting work?

Architecture of both EVM (Direct Recording System) and Internet (Remote)

Voting System is discussed in detail.

EVM (Direct Recording) System Architecture

The Electronic Voting Machine System consists of the following components:
​ Power Unit
​ Voting Unit
​ Control Unit
​ Display Unit
​Confirmation Unit
Power Unit

Generally, Power Unit consists of a Voltage Regulator as it requires fixed output

voltage regardless of varying input voltage.

Voting Unit
Voting Unit consists of Resistors connected to press buttons. The user selects his
candidate by pressing the button against the name displayed.

Control Unit

Micro controller is used as the Control Unit which stores the voters data. This
unit consists of a CPU, RAM, ROM, I/O Ports and Timers.
Display Unit

Display Unit is Liquid Crystal Display (LCD). When the user pushes a button
on the EVM, the result is displayed on the Display Unit which is in textual
format.

Confirmation Unit

Buzzer and LED forms the Confirmation Unit. Once the button is pushed by the
User on the Voting Unit, Buzzer beeps and LED glows indicating that a
particular button is selected which acts as a Confirmation to the User. Buzzer is
an audio-signaling device which produces sound in the range of 2-4 KHz. LED
is a semiconductor device which acts as a light source.

Internet Voting System (Remote Voting) Architecture

Internet Voting or Online Voting System helps the users to cast their vote from
internet connected computer or a mobile anywhere in the world. In this system,
the voter’s login to the specific website and their identity is authenticated. It is
followed by voting process. Once the process is completed, the user logs off
from the system.

Online voting increases the voter’s participation and it is easier than the poll site
voting.
The database contains voter’s information like Name, Age, Telephone Number
etc. It is responsible for collecting, storing and maintaining the data.

Server
The server is responsible for authentication of the user based on the details entered
by the user.

Mixnet
Mixnet is mixed networks that are a set of protocols that aids in Encrypted
communication by using a chain of proxy servers called as Mixes which take in
messages, shuffle and send them randomly to the next destination.
Decryption Mixnet involves decrypting messages by using private key and the
message order is shuffled by the node and transmits the result to the next node.

Tallying and Result Consolidation:

The completion of voting process is followed by Result consolidation after the
tally process of votes.
 Vulnerabilities with the existing system

Technology is transforming democracy on a lot of different levels, and they’re

not entirely connected. But they all create vulnerabilities in the way that society
forms political opinions, expresses those opinions and translates them into
election results.

One form of Russian meddling in the 2016 election, for example, was social
media campaigns, which affect political discourse at the level of opinions
formed by individuals. But the second prong the hacking into campaigns, like
John Podesta’s e-mail was just so sinister in the way it was picking only on one
side. That gets to the very roots of how open societies traditionally rely on
information gathering and the media in order to make sound political decisions.

And then there’s the third form of hacking: going after the machinery of
elections, the infrastructure, polling places, voter registration systems, etcetera.
That’s where most of my work has been.

No research group had ever had access to a U.S. voting machine in order to do a
security analysis, and an anonymous group offered to give us one to study. Back
then there was quite a dispute between researchers who hypothesized there
would be vulnerabilities in polling place equipment and the manufacturers that
insisted everything was fine.

It has moved away from a position of hubris. Now that there have been major
academic studies there is scientific consensus that here will be vulnerabilities in
polling place equipment.

Sometimes the risks or probable failure modes of new technology are totally
foreseeable. And that was certainly the case in voting. As paperless computer
voting machines were being introduced, there were many computer scientists
who before anyone had even studied one of these machines directly were
saying, “This just isn’t a good idea to have elections be conducted by,
essentially, black box technology.”

On the other hand, the ways in which these failures will be exploited and the
implications of that exploitation are sometimes a bit harder to foresee. When we
did the first voting machine study 10 years ago, we talked about a range of
different possible attackers, dishonest election officials and corrupt candidates.
But the notion that it would be a foreign government cyber- attack, that that
would be one of the biggest problems to worry about well, that was pretty far
down on the list. Over the past 10 years cyber warfare went from something that
seemed like science fiction to something you read about every almost every day
in the newspaper.

2016 really did change everything. It taught us that our threat models were
wrong. we think it caught much of the intelligence community off guard, and it
caught much of the cybersecurity community off guard. It was surreal to see
Russia get so close to actually exploiting the vulnerabilities to harm us.

One possibility is that attackers could infiltrate what are called

election-management systems. These are small networks of computers operated
by the state or the county government or sometimes an outside vendor where
the ballot design is prepared.

There’s a programming process by which the design of the ballot the races and
candidates, and the rules for counting the votes gets produced, and then gets
copied to every individual voting machine. Election officials usually copy it on
memory cards or USB sticks for the election machines. That provides a route by
which malicious code could spread from the centralized programming system to
many voting machines in the field. Then the attack code runs on the individual
voting machines, and it’s just another piece of software. It has access to all of
the same data that the voting machine does, including all of the electronic
records of people’s votes.

So how do you infiltrate the company or state agency that programs the ballot
design? You can infiltrate their computers, which are connected to the internet.
Then you can spread malicious code to voting machines over a very large area.
It creates a tremendously concentrated target for attack.

As Bruce Schneier describes it, technology adds more steps to the process and
thus increases the possibility of error with each additional step, all of which are
largely unseen by the voter. Put Murphy’s Law of ‘whatever can go wrong, will
go wrong’ into play, and one can surmise that technology will most likely falter.
Not only does the technology create more errors in the electronic workings, but
the voters can also commit mistakes due to confusion with the user interface.
The terminology is confusing, different machines produce different interfaces,
and even the audio guides to help the disabled may prove more confusing than
helpful.

With the advent of electronic machine voting also comes the higher possibilities
of fraudulent machines and practices. First of all, the technology is “black box
software,” meaning that the
public is not allowed access into the software that controls the voting machines.
Although companies protect their software to protect against fraud (and to beat
back competition), this also leaves the public with no idea of how the voting
software works. It would be simple for the company to manipulate the software
to produce fraudulent results. Also, the vendors who market the machines are in
competition with each other, and there is no guarantee that they are producing
the machines in the best interest of the voters and the accuracy of the ballots.

Lastly, vote accuracy is also an issue, because voters have no way of confirming
their vote, and there is also no way of conducting a recount with
direct-recording electronic (DRE) in the current system voting. With DRE, there
is no paper trail, no verification, and thus no scrutiny of the processes. Voter
anonymity is also a problem. Voters have to provide much of their personal
information to the systems for voter verification, and with that comes the
problem of keeping voter information safe and keeping voters anonymous.

Blockchain-Based Voting

Considering today’s technology, blockchain may create one of the most

prominent alternatives to traditional voting in terms of security, consistency and
speed. While designing a chain for voting in a crowded country, the system
should be secure. Many aspects should be considered in order to construct a
secure blockchain-based election system. First factor is human for such a
system. In the solution, human interference is absolutely prohibited.

The proposed system will be consisting of nodes (computers in design) that is

closed to human interference. Any input that cannot be considered as vote will
be ignored in this system. For such a system, stealing votes or changing votes
are totally blocked. Second issue is saving system from hackers. In order to
manipulate votes, hackers need to enter the system as a citizen at proposed
solution. Also, it is guaranteed that a citizen can only vote for one time. When
citizen cast a ballot, e-government system will be informed without revealing
any information about vote. Then, e-government system marks that person as
voted. Since the system takes electorate data from e-government, it is not
possible for a marked person to vote again. Although a hacker is obtained the
citizen information and entered to the system, he cannot vote more than one
time.

In a blockchain system, every transaction is related to the previous one. So,

changing an accepted transaction is impossible for such a system. Due to the
consistency of the blockchain,
data will always be consistent and voting will be reliable. In a case of
manipulation of the system such as changing votes or stealing votes, other
connected nodes will already be synchronized. So, the changed data will be
identified instantly. Details of the system will be explained below after the use
case diagram and explanation of it.

As you can see in the Fig. 1, standard use case of the election system is about
the citizen and government. Government in this system only provides the
authorization of using a leveled architecture are explained below in detail.
Furthermore, consensus of the system is satisfied using DPoS algorithms.

If the whole country would have been represented with a single blockchain,
synchronization of the system would have a performance issue due to
abundance number of ballots and the distance between voting centers. Distance
in connected systems is always cause to latency. For a system that includes all
the country under the same blockchain, latency between two voting centers
would be a big problem, because for instance for Turkey, expected latency
would be around 100 ms at least. This is a huge value for a system that consist
of ten thousand of centers and there would be voting at each center
simultaneously. In this case, synchronization of the system would take lots of
time. So, in order to decrease latency, chains are distributed over levels. From
lowest level to highest level, there will be different chains at each level, and
connections between levels will be provided with a secure system.

At the lowest level, there will be a chain that consist of nodes (machines / voting
centers) where citizens will perform their voting about election. Due to the
relatively less number of nodes in the system, synchronization will take
affordable amount of time at the lowest level. When the number of nodes is
arranged in a good pattern (i.e. there will not be overload at the chains that will
cause enormous latency), system will perform well. Citizen will go to the center
and will enter the system with the identity that is provided by the government.
We considered to build a system that is working on the citizens who can vote or
prevention of the citizens who already voted for that election. Also, government
and citizens determine the candidates that will be participating in that election.
The ballot box information, candidates and citizen ballot box relation will be
provided by the government which is the trusted party in the elections. After
citizen’s vote, it is added to the blockchain that we will be proposed below and
any vote has a guarantee from the system about being immutable. Since a chain
contains all the citizen votes anonymously at the end of the election, the official
results will be announced within minutes
after the election terminates. Any concerning third party can get the chain and
count the votes for being sure that voting is really trusted.
We propose a system that has a leveled structure. There will be different number
of levels in that system according to necessities of the country. In order to
provide a fast, consistent and secure system, system is designed in a leveled
architecture. This number will change from country to country according to
features of the country. Reasons behind government’s system that will hold the
data about citizen for specified voting. If a citizen has not voted yet, citizen will
be able to vote one of the candidates. Candidates’ will be hold in a database that
will also be stored at government related system, because they are already hold.
When the authentication process is satisfied, citizen will vote with choosing one
of the proposed candidates or blank vote for those who do not want to vote one
of the candidates. In this system, proposed candidates will be taken from
database that includes relation between ballot boxes and candidates. Thus, there
will be only appropriate candidates. It can be the government of any country, in
our case it’s the Democratic Republic of Congo government. We will be using
e- devlet system. Since most of the authentication system used across the
government related systems are managed by e-government system, it will not be
hard to implement this system relying on this system. When the user passes the
authentication phase, citizen will see whether he has voted previously or not. If
citizen has not voted yet, citizen will choose desired candidate according to the
steps explained above.
At the second lowest level, there will be a cluster of chains that stores data that
are coming from below level. In this level, facilities of blockchain technology
are used to make system consistent. We considered that 2 levels will be enough.
The system at the second level can have about 700 nodes considering population
of the country. That brings a huge performance improvement to the system
because the number of connected nodes decrease in this structure in a
considerable amount. Additionally, if the node numbers at the 2nd or upper
levels are increased, performance increases exponentially. For a country, which
has more citizens, level number can be increased in order to decrease collisions
between transactions. Consequently, system can be considered as a scalable
system.

Communication between levels are ensured using communication protocols.

This communication is need to be done periodically. So, there will be a time
delay between synchronization of levels. Because, if each vote was considered
instantly, there would be a huge bottleneck. This synchronization will provide
consistency through the system. For a country such as DR Congo, according to
our calculations, this synchronization time should be
5 minutes. That means, at the end of each 5 minutes period, each node cluster
will send the chain data to the upper level node. At this level, data will be
synchronized between nodes using a different synchronization algorithm. For
this level, we designed an algorithm explained below. You can see the
visualization for this two-leveled example in Fig. 2. As you can see there are
voting centers which are using same blockchain in their selected area. Also, you
can think the voting centers as numerous voting machines but for the sake of
simplicity we represent them as voting centers. Moreover, you can see that level
1 nodes are using the same blockchain among the level 1 nodes.

It is stated that vote centers are nodes of blockchains. There will be a file at
each node (voting center) that stores the number of data that indicates the
number of votes accepted from upper level at previous synchronization step. At
every specified time intervals, voting will be stopped for a very short time
period in order to synchronize blockchain data between levels. When the data is
arrived to upper level from lower chain nodes, it will be checked in order to
satisfy consistency. If the consistency of the data is ensured, answer will be a
flag that indicates the data is accepted. At this point, nodes at the level 0 will be
waiting an answer from level 1 (and level 1 from level 2, so on). If arrived flag
tells the votes are accepted, the files at each node (voting centers) will be
updated. So, nodes at the lowest level of one of two levels will always know
that how many votes have been accepted at above level. Additionally, data will
be added to blockchain at the level that the data is arrived (if the communication
is between level 0 level 1, indicated level here is level 1). This data will be
considered as a transaction block, that means all the new votes (votes coming
after from the previously added votes) are considered as a vote cluster and
considered as array in computer scientific terms. This vote cluster will be a
block that will be added to chain.
At the synchronization phase, if the data coming to the upper level from
different machines are inconsistent, that will be a case that should be considered
with a care. In this case, if the consensus could not be satisfied, the data will not
be accepted from highest level of the two levels and the “decline” flag will be
sent to the lower one. In this case, same data should be sent to the upper level
again. Until the consistency is satisfied, this procedure will be continued, and
with this procedure, consistency will be satisfied at each level.
It is stated above that the all nodes at the lower levels know that the data is
accepted if the answer states, so, they can continue working. But in order to
satisfy consistency through the system, delays between synchronizations should
be arranged very carefully. If the delay between levels becomes a small amount
of time, the time spent for synchronization may grow
much. On the contrary, if the delay becomes a big amount of time, the data that
will be sent between levels takes an enormous size and to transfer this data
becomes a problem. So, in order to not bottleneck the system, this delay
between levels should be chosen carefully. With the well-designed
synchronization times between levels, a high performance providing consistent
system would be obtained.
Block structures in levels can be seen below. The election related data are stored
in block as shown below through the system. As seen in Fig 3. and Fig 4. we
propose two types of blocks: one is for building blockchain at the lowest level
of the architecture, that stores candidate info, ballot box info, a “nonce” field
that will be used for hashing and a prev_hash info that will be used when
creating block that will be added to the blockchain, and other one is consisting
of two fields: one is prev_hash field that will be used in order to build
blockchain and other one, “lotb” keyword that indicates list of the blocks.
Attribute “nonce” is a state of art in the blockchain technology which provides
additional security to each hash. For each chain, you select a pattern such as
“hash must start with 4 trailing zeros”, while creating hash from the block
system look to the hash pattern if it does not fit the pattern then it changes the
“nonce” string until hash pattern is valid for the chain. It requires more
computational power because it will run hash algorithm multiple times until
pattern is matched but it also increases the security since if any malicious party
create a hash and try to add that block to the chain, it also has to know the hash
pattern. Since chain pattern will be different for each election, third parties
cannot predict or create a hash that can be accepted.
 Figure 3: Block structure at level 1 or more

Figure 4: Block structure at level 0 (lowest level)

At the lowest level (level 0), each block will be consisting of one transaction
and at each block, whole related information about transaction (in proposed
e-voting case, this block indicates a vote) are stored. At the upper levels, the
votes coming from one below level are stored in clusters that is sent through
different time segments, and all of them are stored as a monolith
structure. When this data is arrived, a new block is processed with the
prev_hash data and added as a block to the blockchain at described level. When
a new block is being tried to add to the chain, according to the Delegated Proof
of Stake of Etherium, it is added and data consistency is satisfied. Adding block
to the chain is very costly operation. Therefore, there are some implementations
and research about this operation. In Ethereum based Smart Contracts system
has been discussed for different purposes. Researchers think that smart contracts
can be applied in e-voting and this project implements Smart Contracts. Smart
Contracts reduce the cost of the transactions and it does not rely on a third party
to operate. Turing-completeness feature of the Ethereum allows to create
customized and more powerful contracts

Feasibility and development requirement

In this paper, we consider existing electronic voting systems, blockchain-based

and non- blockchain-based, and evaluate their respective feasibility for
implementing a national e-voting
system. Based on this, we devised a blockchain-based electronic voting system,
optimizing for the requirements and considerations identified. In the following
subsection, we start by identifying the roles and component for implementing an
e-voting smart contract then, we evaluate different blockchain frameworks that
can be used to realize and deploy the election smart contracts. In the last
subsection, we will discuss the design and architecture of the proposed system.

A. Evaluating Blockchain as a Service for E-Voting

Table III shows a comparison between the three blockchain frameworks that we
consider for implementing and deploying our election smart contracts. Those
are Exonum, Quorum and Geth.
TABLE III: Framework Evaluation

Exonum Quorum Go-Ethereum

Consenus Custom-built QuorumChain PoW, PoS and PoA
BFT and Raft- based
algorithm consensus
Transaction p/s up to 5000 Dozens to Depends
transactions p/ hundreds
Private support Yes Yes Yes
Smart Contract Rust Solidity Solidity
Language
Programming Rust Go, C, JavaScript Go, C, JavaScript
Language
Decentralized Yes Partially Optional

1) Exonum: Looking at the Exonum blockchain, it is robust end to end

with its full implementation done with the programming language Rust.
Exonum is built for private blockchains. It has a customized Byzantine
algorithm that is used to achieve consensus in the network. With that
consensus algorithm, Exonum can support up to 5000 transactions per
second. Unfortunately, the limitation of the framework is that Rust is the
only programming language in the current version, which limits the
developers to the constructs available in that language. To solve this
limitation, Exonum is planning to introduce Java- bindings and
platform-independent interface description to make Exonum more
developer- friendly in the near future.
2) Quorum: Is an Ethereum-based distributed ledger protocol with
transaction/contract privacy and new consensus mechanisms. It’s a Geth fork
and is updated in line with Geth releases. Quorum changed up the consensus
mechanism and aimed more towards
consortium chain-based consensus algorithms. Using this consensus allows it
to support from dozens to hundreds of transactions per second.
3) Geth: Go-Ethereum or Geth is one of three original implementations
of the Ethereum protocol and it runs smart contract applications exactly as
programmed without possibility of downtime, censorship, fraud or
third-party interference. This framework supports development beyond the
Geth protocol, and is the most developer-friendly framework of the
frameworks we evaluated. The transaction per second (transaction rate) is
dependent on whether the blockchain is implemented as a public or private
network. Because of these capabilities, Geth was the framework we chose to
base our work on, any similar blockchain framework with the same
capabilities as Geth should be considered for such systems.

B. Security analysis
1) DDoS: To successfully DDos a distributed system such as we have
proposed, the attacker must DDoS every single bootnode in the private
network. The individual or institution would be immediately located if that
would occur. Each node is implemented with a Byzantine fault tolerance
algorithm, which helps locating failed nodes in the system.
2) Authentication vulnerability: Each individual is identified and
authenticated by the system by presenting an electronic ID from Auðkenni
and the corresponding 6-digit PIN in the voting booth. Without supervision,
an individual could vote for multiple people, if the individual had knowledge
of the PIN for each corresponding electronic ID he has. To further address
this vulnerability in the near future, a biometric scan could be introduced.
3) Sybil: Sybil attack is known against centralized systems, where an
individual creates a large number of nodes in an attempt to disrupt network
operation by hijacking or dropping messages. Since our proposal is running
in a private network no individual has the access to create one. Even the
consensus protocol that is used in our system is prone Sybil attacks. Private
blockchains solve many of today’s security problems using strong
cryptography features and the limited access to the ledger, without negating
the transparency aspect the blockchain technology offers.

C. Legal issues
1) Remote voting: Remote elections provide no coercion resistance
because of the non- supervised factor in a remote election. Remote elections
can therefore not guarantee the privacy that people have when they cast their
vote in a voting booth. Family members or a
coercer can watch over your shoulder while you’re voting, which could lead
to a misconfigured result. If elections are hosted on a website for example it
could easily be taken down by people with good hacking skills and the
mindset to do so. People could identify themselves as another person and
therefore vote for another person and even multiple people.
2) Transparency: In the today’s election scheme, no method of
transparency can be offered to participants of the election. When an
individual place his ballot in the box at his voting district, there is no
guarantee from the scheme that his vote was counted and counted correctly.
Any individual vote can be misplaced, counted incorrectly because of human
error or simply because the party which the voter voted for could be disliked
by the individual which counted the vote. This transparency is non-existent
because no ballot has information on who casted aforementioned vote. To
introduce transparency in the process of an election would require a new law
which would allow government officials to provide the services which allow
such method of transparency

3) Voter privacy: In every pen and paper election scheme, voter’s privacy
is a key element. The law forbids any individual or entity to be able to know
from a single vote, who gave aforementioned vote. If such information could
be gathered for each vote, such information could then leak to the public
which would allow for listing every single individual who voted for a single
party/candidate. To satisfy the privacy of each voter, no individual vote
should be traceable back to the voter.
System Diagrams(Architectures):

1.

2.
3.

Application used for Project:

1. Metmask Wallet
2. Ganache
3. Remix IDE
4. Solidity
 Conclusion

To Overcome all the Shortcomings in the Present Voting System, we

came up with the Modern Technology of Blockchain i.e. E-Voting System
using Blockchain. By using this modern technology, following things can
be Achieved:- Cheap Voting System, Accurate Voting System, Fast
Voting System. Every Citizen desires to have a Transparent and Direct
Form of Democracy which is clear cut obtained from this E- Voting
System using Blockchain. Faith of People on the Voting System is
Increased therefore, many People Come Forward for Voting, thereby
Increasing the Percentage of the People Voted. The Pen and the Paper
Election is Eradicated thereby creating Accuracy in the Voting System.
Everybody Prefers Time ,and Cost Efficient Systems so this E-Voting
System using Blockchain is apt for Transparent Democracy. Ethereum
Private Blockchain allows hundreds and hundreds of Transactions in a
Second. Utilisation of the Smart Contracts lower the Load on the
Blockchain. For Countries with Greater Population, some additional
Technology should be added in this E-Voting System using Blockchain to
avoid Errors. The main reason behind this system is to present an idea
of implementation of blockchain in the voting system.
 Futures Works

Democracies depend on trusted elections and citizens should trust the election
system for a strong democracy. However traditional paper-based elections do
not provide trustworthiness. In this paper, we proposed a blockchain based
e-voting system which provides a trusted, secure and fast voting system for
Turkey. Proposed system is suitable to apply in another country whereas
integration is hard work since each country has different laws and election
system changes between countries.
References

○ R. Hanifatunnisa and B. Rahardjo, "Blockchain based e-voting

recording system design," 2017 11th International Conference on
Telecommunication Systems Services and Applications (TSSA),
Lombok, 2017, pp. 1-6.
○ R. Krimmer, A. Ehringfeld, and M. Traxl, “The Use of E-Voting in
the Austrian Federation of Students
Elections 2009,” Internet:
https://pdfs.semanticscholar.org/6b8f/34a5bd3e7eabc7e3a9a3f00818
7e4415e26a.pdf [Nov. 26, 2018]
○ “The Geneva Internet Voting System,”
Internet: https://www.coe.int/t/dgap/goodgovernance/Activities/E-
voting/EVoting_Documentation/passport_evoting2010.pdf [Nov. 25,
2018]
○ F. Þ. Hjálmarsson, G. K. Hreiðarsson, M. Hamdaqa and G.
Hjálmtýsson, "Blockchain- Based E-Voting System," 2018 IEEE
11th International Conference on Cloud Computing (CLOUD), San
Francisco, CA, 2018, pp. 983-986.
○ S. Ølnes, J. Ubacht and M. Janssen, "Blockchain in government:
Benefits and implications of distributed ledger technology for
information sharing", Government Information Quarterly, vol. 34,
no. 3, pp. 355-364, 2017.
○ A. Barnes, C. Brake, and T. Perry, “Digital Voting with the use of
Blockchain Technology,” Available:
https://www.economist.com/sites/default/files/plymouth.pdf [Nov.
20, 2018]
○ A. Barnes, C. Brake, and T. Perry, “Digital Voting with the use of
Blockchain Technology,” Available:
https://www.economist.com/sites/default/files/plymouth.pdf [Nov.
20, 2018]

○ M. Pawlak, A. Poniszewska-Marańda and N. Kryvinska, "Towards

the intelligent agents for blockchain e-voting system," Procedia
Computer Science, vol. 141, pp. 239-246, 2018.
○ P. Tarasov and H. Tewari, "The Future of E-voting," IADIS
International Journal on Computer Science and Information
Systems, vol. 12, no. 2, pp. 148-165.
○ Bartolucci, S., Bernat, P., & Joseph, D. (2018). SHARVOT: Secret
SHARe-Based VOTing on the Blockchain. 2018 IEEE/ACM 1st
International Workshop on Emerging Trends in Software
Engineering for Blockchain (WETSEB), 30-34.
○ Reyna, C. Martín, J. Chen, E. Soler and M. Díaz, "On blockchain
and its integration with IoT. Challenges and opportunities", Future
Generation Computer Systems, vol. 88, pp. 173-190, 2018.
○ Wang, J. Sun, Y. He, D. Pang and N. Lu, "Large-scale Election
 Based On Blockchain", Procedia Computer Science, vol. 129, pp.
234-237, 2018.
○ Internet:
https://lisk.io/academy/blockchain-basics/how-does-blockchain-
work/delegated-proof-of-stake [Nov. 25, 2018]
○ Internet: https://www.turkiye.gov.tr/ [Nov. 25, 2018]
○ Alharby, Maher, and Aad van Moorsel. “Blockchain Based Smart
Contracts : A Systematic Mapping Study.” Computer Science &
Information Technology (CS & IT), 2017
 Internet: https://sonuc.ysk.gov.tr/ [Nov. 16, 2018]
J. Yli-Huumo, D. Ko, S. Choi, S. Park and K. Smolander, "Where Is
Current Research on Blockchain Technology?—A Systematic Review," PLOS
ONE, vol. 11, no. 10, 2016.
https://electricalfundablog.com/electronic-voting-works-types/
https://cs.stanford.edu/people/eroberts/cs181/projects/2006-07/
electronic- voting/index_files/page0002.html
https://www.scientificamerican.com/article/the-vulnerabilities-of-our-voting-machi
nes/