E-Voting System on Blockchain

Abstract

Introduction

I. INTRODUCTION

When we hear the word ‘democracy’, the concepts like – right to choose, respect for individual rights, freedom of speech, regular and fair elections etc are the most common ones that arise in one’s mind. The constitutional laws have been designed in such a way that the features of democracy stand preserved. But, there always is a slight deviation between what’s written on the paper and when it’s implemented in the real world. Etymologically, democracy means a system of government where common people hold the political power. Yet the way the democratic practices are administered, still carries a huge burden of accusations and objections, and the term ‘democracy’ tops the list of the most indiscriminately abused terms in history. Although its structure and methodologies have greatly transformed since the beginning but the remarkable indicia of democracy – the elections, are still frowned upon and for no bad reasons.

A free and fair election is one of the most fundamental pillars that supports the democratic system. The foundation of the democracy lies in the fact that common people have the right to choose their candidate and rule through the elected representative. And this foundation, up until today with so much advancement in technology, fails to mark its presence. We have built buildings taller than mountains, we’ve made computers that work faster than a picosecond and when it comes to develop a flawless and a reliable system for elections, what are we up to – electorate manipulation, bought votes, ballot stuffing, sabotaged EVMs, ridged elections?

The process of elections is the heart of every democracy and thus demand a great deal of security and privacy to preserve their fairness. In fact, the election security is a matter of national concern. But, in spite of all the mindfulness and cautions, we still fail to conduct secure and fair elections and not only in India but across the globe. From the dawn of the democratic elections, the process of conducting elections has been practiced via paper ballots. Ballot is a system of elections in which the voter marks the candidate he/she wishes to choose on a piece of paper, known as a ballot paper. These ballot papers are then collected and the votes for each candidate are tallied up manually to form the result. This system had some major drawbacks because counting the votes manually does not account for human error and also, it can be easily tampered with. They were heavily criticised because of various news of fraudulent votes and captured booths. Another major drawback it suffered was the ‘Spoilt votes’ – where the voter’s vote cannot be counted due to improper marking on the paper or when there was a case of multiple marks by the voter. So, the system was fault tolerant neither from the voter’s side, nor from the perspective of the administration.

It was critical to replace this system with something else to regulate fraud and to develop a truly robust system of elections. Fortunately, moving on to a new approach for conducting elections via a device called Electronic Voting Machine (EVM) gave some relief. It wasn't any longer until came to light the cases of faulty and corrupted EVMs. And the allegations thrown at the EVMs cannot be claimed as false because after all, the system is centralised and anyone, to whom the EVM is physically accessible, can easily sabotage the EVM and the voters’ privacy and right to choose are jeopardised. And we circled right back to the starting point. The cases of tainted EVMs pushed several countries back to the ballot system. Countries like Netherlands, Finland, Germany etc believe that there are various security issues with the Electronic Voting Machines and claim that the risks of EVMs outweigh its benefits. 

The bitter truth about democracy is – ‘Security is the biggest lie in a democracy’. And the big questions still remain unanswered:

How can we secure our elections?

How can we design a truly secure and trust-less voting system without giving a central authority, full control over the process? The answer is ‘Blockchain’.

A. What is a Blockchain?

In I.T. systems, a lot of data is generated and it must be stored somewhere in an organised way. These organised collections of data are known as databases. In sectors like financial systems, healthcare systems or E-commerce websites etc where data belonging to various users is generated every second, and the confidentiality of data is a matter of concern, then the following questions arise:

1. Where the database must be located? If at an allegedly-claimed-as-secure central location, then why?
2. Who should decide the rules for writing the data into the database?
3. Who must be allowed to write the data in the database?

To answer these questions, we let everybody (every participant in the system, i.e. users) have their own copy of this database. Now the database is distributed among the peers and is decentralised over the whole network.

Then we introduce a few concepts of cryptography and distributed computing while imposing a consensus protocol among the network. And the Blockchain technology is born.

Blockchain is a decentralised distributed immutable ledger which holds any kind of data and is not available to or controlled by a single party rather by all the participants of the system.

Blockchain, just like a database holds an ever increasing record of structured data and is secured by various cryptographic techniques like Public Key Encryption, Digital Signatures and hashing algorithms like SHA family. But, what separates a Blockchain from an ordinary database is the fact that Blockchain is not controlled by or available at a central location/organisation.

The development of a blockchain database involves these major steps:

A peer to peer network of nodes that participate in a system (like a transaction system, but without a bank and rather a peer-to-peer system)

The transaction (or any data) generated among the nodes is signed digital by the one who generated it and must be broadcasted among the whole network. This maintains the authenticity of the data.

The other nodes when receive the data, store it in a temporary pool of data/transactions. The data is not yet written on to the blockchain.

Now to ensure that all the nodes in a network are in consistent state (or in sync) with each other, we divide the data into small files called ‘blocks’ and to define an order among those blocks we ‘chain’ the blocks together such that the data of a block contains the hash of the data of the previous block and so on.

The blocks are connected to each other in a chain of hashes, thus it is known as Blockchain.

In order to get over the problem of fraudulent data injection among the nodes by an attacker, we propose a ‘Proof-of-Work’ protocol, which states that to add a new block to the blockchain and broadcast it to the network, the node must solve a cryptographic puzzle which requires a heavy computational work to be done before adding the block.

This makes the blockchain immutable because the data in any block would result in changing the hash of that block along with hashes of all the subsequent blocks and would changing require an infeasible amount of work to be done to recalculate the hashes of those blocks in the blockchain.

In this paper, we explore the potential of Blockchain to develop the democratic voting process more secure and reliable and making it a trust-less system by having a simple truth as the foundation of our knowledge, i.e. ‘unless the honest participants outnumber the corrupt ones, the integrity and security of blockchain ecosystem is preserved’.

II. PROPOSED WORK

An election is nothing but a political competition to gain political power and rule the state/nation. And without any deeper look into the process, one can almost certainly say that the result of such political competition lies in the very hands of the participants of this competition itself. Thus, the system can be undeniably rated as absurd. 

Thus, in order to secure the purpose of our democracy, we need to revise the fundamental concepts of our elections. To achieve this, the first and foremost idea that must be implemented is that the results must not be controlled and located under the authority of participants (political parties) themselves, rather the control must be given back to the people as the democracy dictates.

In this paper, we propose a system of Electronic Voting done via Distributed Ledger Technology, that not only allows the people to cast votes, but also to keep the process decentralised and distributed among the people themselves and keeping it away from any potential threat.

A. Election Design Principles

The objective of democratic elections is to enable common people to harness their right to choose their leader without disclosing it to anyone. To ensure the security of elections while maintaining voter’s privacy we must fulfil the essential requirements in order to effectively conduct fair elections in the name of democracy. These requirements are as follows - 

Only eligible beings must be allowed to cast vote, i.e. in India, above the age of 18

Voting under the influence of any kind of coercion must be restrained

Any vote in the election must not be traceable back to the voter in any case

The election system must be able to prove to the voter that their vote has indeed been counted and has not been tampered with

The integrity of the election data must be preserved and it must be tamper-resistant in every way

4) Broadcasting the information on the Network

Every information generated on a node will be broadcasted to all the other nodes on the network. When a vote is generated on a system, that information will be broadcasted to the network and everyone will save that vote in an unconfirmed pool of votes. Then, after the current block has been mined, the nodes (peers) on the network will pack the unconfirmed votes into a block and start working on the proof-of-work for the current block. When a node finds the right proof-ofwork, that block will be broadcasted on the network again, and the rest of the nodes will verify that block by hashing the block header and matching with the broadcasted proof-of-work.

5) Verifying the votes

In case, a voter feels insecure that whether his/her vote has been counted or not, or whether it has not been tampered with, he/she can indeed verify that by signing in to the portal using his/her voter ID and the algorithm will show that the information is indeed safely written on the blockchain.

If by any means, the vote data has been tampered with, then the resultant hash of the data will not match the signed hash attached with the data. Even if someone decrypts the hash using the voter’s public key, even then it cannot be encrypted back by the private key of the voter and thus, the algorithm would simply deny any such change.

Take your Private key with you

The program generates a private/public key pair for the voter and the public key is uploaded in the block and written to the Blockchain safely along with the ‘hiddenVoterID’ field that has the hashed data of VoterID and the PIN/Password chosen by the voter.

Also, there is an option to take the information of the voter’s PIN and his/her private key with themselves safely either by scanning or printing a QR Code generated by the program.

Irrespective of what the voter may choose, (whether to scan/print the code or skip the option and leave), the QR code and its information will be immediately deleted from the voting device and the voter shall not be able to recover the QR code by any means. Thus, it is better to ‘take your Private key with you’ and in any case if one wants to verify their vote, they can check that with the help of their login credentials and the private key.

Thus, the voter can rest assured that the vote is signed by his own digital signature and is tamperproof.

6) Observe Results

After the elections are declared over, the administrator node will tally up the votes looping through the blockchain, one block at a time and first verifying the data and the signature with the help of the public key and then decrypting the data by his own private key and counting the vote.

So, the process involves these tasks to be performed repetitively:

a. Unlocking/Decrypting the AES key by the private key of the Administrator.

b. Decrypting the data from the obtained AES key.

c. Verifying the digital signature by the voter, using the voter’s public key provided with the data.

d. Obtaining the information about the chosen candidate by the voter and counting up the vote.

This result can then be displayed later as per the schedule.

III. RESULT AND ANALYSIS

In this paper, we proposed a trust-less decentralised distributed voting system with an intent to conduct free and fair elections and give the control back to the common people. But, to ensure that the system really functions as advertised and solves the aforementioned problems, then we need to carefully assess the various aspects of the proposed system.

In this section, we will analyse the those aspects related to the practicality and effectiveness of the proposed system. Also, we will try to observe the vulnerabilities and any potential threats and we will gauge the severity of the impacts posed by those threats on our system.

A. Voter Traceability

One of the most important features about an ideal election system is that any vote must not be traceable back to the voter. It must not reveal any information about the voter whilst being stored on the publicly accessible (in the private network) blockchain database.

Every vote data packet that is being transmitted on the network and stored on the blockchain contains majorly 3 things — Voter’s public key, AES encrypted vote data (time, candidate chosen and hidden voter ID) and RSA encrypted AES key for decrypting the vote data.

In order to enable an election system which can prove to the voter, that their vote is indeed safe and has been counted and counted correctly, the voter ID must be stored on the blockchain along with the corresponding vote data. But, this makes the voter ID vulnerable to passive attacks.

References

[1] Satoshi Nakamoto (2009) – Bitcoin: A Peer-to-Peer Electronic Cash System. Available at – https://bitcoin.org/bitcoin.pdf [2] Skemman (2012) – Blockchain-Based E-Voting System. Available at – https://skemman.is/ bitstream/1946/31161/1/Research-Paper-BBEVS.pdf [3] Sos.ca.gov (2007) – Top-to-Bottom Review | California Secretary of State. Available at – http://www.sos.ca.gov/elections/voting-systems/oversight/top-bottomreview/ [4] Nicholas Weaver (2016) – Secure the Vote today. Available at – https://www.lawfareblog.com/ secure-vote-today [5] Vitalik Buterin (2015) – Ethereum White paper. Available at – https://github.com/ethereum/wiki/ wiki/White-Paper [6] Anmol Panwar (2020) – Here’s why ‘Blockchain’ is not yet ready to gain traction. Available at – https://medium.com/@anmolpanwar8/heres-why-blockchain-is-not-yet-ready-to-gaintraction-ac92c323d84d [7] Andrew Barnes, Christopher Brake and Thomas Perry (2016) – Digital Voting with the use of Blockchain Technology. Available at – https://www.economist.com/sites/default/files/ plymouth.pdf [8] Rumeysa Bulut, Safa Keskin (2019) – Blockchain-Based Electronic Voting System for Elections in Turkey. Available at – https://arxiv.org/pdf/1911.09903.pdf [9] Vincent Gramoli (2016) – On the Danger of Private Blockchains (When PoW can be Harmful to Applications with Termination Requirements). Available at – https://www.zurich.ibm.com/dccl/ papers/gramoli_dccl.pdf

Copyright

Copyright © 2023 Anmol Panwar. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.