WO2022125041A1 - Electronic election and voting method and system with privacy protection and biometric authentication - Google Patents
- Publication number
- WO2022125041A1 (PCT/TR2021/051367)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- voter
- election
- voting
- vote
- voters
Classifications
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
- G07C13/00—Voting apparatus
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
- H04L2209/463—Electronic voting
Definitions
- the invention is related to a new election and voting system that proposes mechanisms for the privacy of personal data in this process while providing trust and confidentiality in the election and voting processes.
- Biometric authentication is the process of transferring the personal characteristics of people, such as vascular trace, eye retina, fingerprint, tone of voice, etc. to the computer environment and converting them into mathematical data and using these data to verify the identity.
- Biometric authentication methods provide serious gains in terms of security over traditional (knowledge- and ownership-based) methods, while also eliminating disadvantages such as having to remember a password or hold an additional apparatus or object for authentication.
- Blind signature: Concealing (blinding) the content of a message before it is digitally signed is called a blind signature in cryptology.
- In this way, the unit that checks the authenticity of the content of the message (usually computer software or hardware, or a real person using them) cannot read the content of the message. There is no harm in disclosing the resulting blind signature to the public, as opposed to its undisclosed signature.
- Blind signatures are used to ensure confidentiality in protocols where the signatory and the message owner are different parties.
- Cryptographic election systems are one example.
- U.S. Patent No. US20170109955A1 covers a method that includes an electronic voting system, blockchain ledger for storing and controlling votes.
- In this method, a voting client is set up to obtain information electronically about whether the voter is eligible for the election and preference data for one or more elections.
- a voter identifier server that decides whether the voter has the eligibility to vote or indicate her/his preference in the relevant election.
- a registration server designed to disconnect the personally identifiable information transmitted by the voter client from the public voter key and use an automated process.
- a blind token is used in voter registration.
- Decentralized blockchain voting systems and methods have been proposed in the U.S. Patent No. US20170061398A1, titled “Cryptographic currency blockchain-based voting system”.
- This system receives voting data that includes multiple options and an identifier is associated with each option.
- a customized cryptographic currency address is created for each voting option.
- the specified amount of cryptographic tokens is transferred to the customized cryptographic currency address for a selected voting option.
- Transfer is the process of publishing to a cryptographic currency network for confirmation and inclusion in a blockchain ledger.
- a voting system based on virtual currency has been defined in China Patent No. CN107146318A titled “Voting system based on virtual currency”.
- Voting system based on virtual currency consists of a registration module, a voting module and a counting module.
- the registration module is used to set the transfer address of the virtual currency as the voting address of each voting option and to record a voting and corresponding voting account.
- the voting module is used to read the option item selected by the voter and to transfer the virtual currency in the voters’ voting account to the voting address of the candidate selected by the voter.
- the counting module is used to extract transfer records of all candidate items to obtain the total number of candidates, voting time, valid number of votes, invalid number of votes, and valid votes of each candidate.
- Voting system based on virtual currency is suitable for different types and sizes of voting processes and different time intervals. The transactions of the transfer record are completely open to the public and recorded so that the transparency and fairness of the voting process can be guaranteed.
- a method is defined in the U.S. Patent No. US20120179514A1, titled “Electronic voting system” that requires creating a unique and random identifier for the voter’s vote, obtaining election information from the voter in question, and creating a private and a public cryptographic key pair.
- the vote and the identifier are signed with a private key to create a digital signature.
- the vote and the identifier are presented to the voter in a readable form.
- the invention relates to the election and voting system and method in order to eliminate the above-mentioned disadvantages and to bring new advantages to the related technical field.
- Blockchain technology offers technical solutions to computation and data storage problems through a decentralized (partially centralized in special blockchain structures), that is, distributed, architecture. This is a technology that can be applied on many devices such as computers, the Internet of Things or mobile devices that can connect to the Internet or make network connections.
- Blockchain is an abstract data structure called distributed ledger, which is sorted by time and constantly growing, where immutable (or noticeable when tried to be changed) records/lists of the transactions performed are kept on the relevant computer network. It can be said in this sense that it guarantees that the data in the chain structure cannot be changed.
- Electronic election and voting systems that allow voters to participate in voting through a computer, tablet or mobile phone, online or, as the case may be, through a local network connection, wherever they are, become safe and reliable thanks to the use of blockchain technology in election processes.
- Voters authenticate their identity through the system-integrated biometric authentication mechanism, and then access the election system web page or application.
- The votes cast are stored on the servers after being signed with a technique called blind signature, so it is not technically possible to establish a relation between the voter and the vote they cast; no one, including system administrators and administrative/technical personnel, can access this information.
- Vote counting can be carried out in a healthy way and in a very short time.
- Figure 1: The general preparation procedure that needs to be done before the election is given.
- Voter information is provided some time before the election (3 months may be sufficient) by the institution or organization that will make the election.
- Initial authentication of the voter is performed based on his/her identity information that was provided earlier.
- another authentication is performed based on the recorded biometric data of the voter whose identity verification was successful previously. Those who successfully pass all these stages are entitled to vote as voters.
- FIG. 1: The procedure to be applied to voters is shown.
- Figure description: It is the user interface that shows voters what the procedure applied to them looks like, that is, the schematic representation the voter is facing.
- Figure 4: Architecture of subunits such as the Web Server, Authorization Unit, Voter Identification System and Counting Server used in the system when voters decide to vote on election day. Numbers 1 to 11 indicate the sequence of processes.
- Figure description: It explains what happens in the background when voters vote.
- the web server checks whether the voter has the right to vote or not and whether the vote is duplicated or not when the voter logs in to the website to vote. It then waits for the authorization unit to contact the voter to verify and authorize the voter.
- The voter verified and authorized by the authorization unit then casts the vote via the web server.
- The cast vote is transmitted to the ballot box database and the voter information is transmitted to the voting database. All the votes cast are transferred to the counting server to announce the result at the end of the day.
- Voter Identification System is the system regulated by voter information.
- The system is an online election technique, model and application that meets all the necessary and sufficient requirements of traditional elections and maintains all their principles and rules.
- the principles of secret ballots, public counting, and equal votes, which form the basis of a democratic election, are also included in this online election system.
- a reliable and robust model has been put forward by producing solutions to security and privacy problems specific to the virtual environment.
- a flexible structure is provided that allows different election practices according to the need (for example, repetitive voting rights, voting weight, vote withdrawal, multi-day/weekly election periods, etc.).
- the invention is unique in terms of the use of blockchain techniques in electronic voting products and services.
- Possible electronic voting systems using the technique subject to the invention are unique in that they have a decentralized (partially centralized in special blockchain structures) distributed database far beyond the concept of backup used in the current methods, and computers in physically separate locations hosting this database have a special network that they create with a common decision (consensus) protocol and communication and cryptology protocols among themselves (various consensus protocols are available in the literature and are not subject to the claims).
- the most basic feature of the blockchain is that the encrypted transaction record is performed in a distributed manner. These operations are performed on different computers in data blocks and again encrypted. Encrypted data blocks processed on different computers are partially re-encrypted by adding end-to-end like a chain. Thus, successive data blocks are interrelated, which prevents potential attackers from making changes to the recorded data blocks.
- the invention brings a level of security to the electronic voting systems higher than what is provided by the present methods.
- the security in question consists of features such as the inalterability, the immutability of data (vote and voter information), the privacy of personal data, the confidentiality of the voter and the undeniability of the vote.
- the unalterability and undeniability of recorded data is one of the features that blockchain technology naturally provides. Blockchain technology is therefore preferred in the voting database, as these features are of vital importance for a safe and reliable online election order.
- the functioning of the electronic voting system is summarized in the following steps: 1) Determining, by the regulator (election organization (foundation, association, company, etc.)) the list of draft voters to vote in the election and transferring the information (identification number, registration number, etc.) of these persons to the system,
- Creating, by the biometric verification engine, the biometric data of the people in the created voter list (The biometric data (voice, fingerprint, retina, etc.) of the people registered in the voter list are recorded and stored before the election. This data is then used to verify the voter's identity on the election day. Namely, the voter is asked to re-enter the biometric data in the records just before the voting process on the election day. The biometric verification engine checks the accuracy of these data after the voter enters the required data (voice, fingerprint, etc.) into the system. The voter is given the right to vote if the data is correct. The biometric verification process is performed automatically by the biometric verification engine. The persons whose biometric data have been provided for this purpose are entered in the voter database, and the final voter list is created.),
- the front-end server stores and publishes a web interface, in other words, a website, where voters can view and vote on the active elections and the candidates within the framework of their authorities. This interface is called the voter interface.
- the security in question consists of features such as the inalterability, immutability, confidentiality and undeniability of data (vote and voter information).
- The electronic voting system aims to replace traditional elections completely. It is the first of its kind in terms of using biometric verification methods in online voting. It is the first model in the world in terms of using the blockchain as a voting database. Voter information is also optionally kept in a decentralized identity system. Voter information is confirmed by zero-knowledge proof methods over smart contracts, but this identity information is not kept in the system. Votes cast by voters are stored with blockchain technology, which is a distributed system. Thus, both anonymity and unalterability of the given vote are ensured.
- Authentication of voters is provided through a precise biometric authentication mechanism without the need to use any smart cards, electronic equipment, apparatus and similar devices. Thus, ease of use is increased and cost is reduced.
- the information of the voters to be authenticated is taken from the regulatory body that will carry out the election and stored in a traditional database or a blockchain ledger.
- The system uses cryptographic algorithms that do not allow a relationship to be established between the voter and his/her given vote. With these algorithms, called blind signatures, it is known that the voters voted, but it is not known what the vote is. However, the votes can be counted conveniently when the election is completed.
- According to the blind signature principle, the unit (server) that signs the message does not know the content of the message (that is, the vote given); it only signs the message that reaches it safely and sends it to the database (that is, the digital ballot box).
- the database can always check from the signatory server that the message reaches it correctly. Therefore, a secure channel is established between the units that sign and store the ballot in this method.
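The blind-signature passage above, worked through as an added example that is not part of the patent text. The patent does not name a scheme; this sketch assumes Chaum's RSA blind signature, a toy key built from two Mersenne primes, and the classic arrangement in which the voter unblinds and submits the ballot. The names `Signer`, `BallotBox`, `make_ballot` and the voter id are hypothetical.

```python
import hashlib
import math
import secrets

# Constructed demonstration key (assumption): two Mersenne primes keep the
# example offline and deterministic; a real signer would generate random primes.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # signer's private exponent


def ballot_digest(ballot: bytes) -> int:
    """Hash the ballot to an integer modulo N (counter-mode SHA-256)."""
    out = b"".join(hashlib.sha256(bytes([i]) + ballot).digest() for i in range(5))
    return int.from_bytes(out, "big") % N


def make_ballot(choice: str) -> bytes:
    """A ballot is the choice plus a random serial, so equal votes stay distinct."""
    return choice.encode() + b"|" + secrets.token_hex(16).encode()


def blind(ballot: bytes):
    """Voter side: hide the digest behind a random factor r before signing."""
    m = ballot_digest(ballot)
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            break
    return (m * pow(r, E, N)) % N, r


def unblind(blind_sig: int, r: int) -> int:
    """Voter side: strip r, leaving an ordinary RSA signature on the digest."""
    return (blind_sig * pow(r, -1, N)) % N


def verify(ballot: bytes, sig: int) -> bool:
    """Anyone holding the public key (N, E) can check the signature."""
    return pow(sig, E, N) == ballot_digest(ballot)


class Signer:
    """Signing server: knows who asked for a signature, never what was signed."""

    def __init__(self, eligible):
        self.eligible = set(eligible)
        self.issued = set()
        self.seen = []  # everything the signer observes: (voter id, blinded value)

    def sign(self, voter_id: str, blinded: int) -> int:
        if voter_id not in self.eligible or voter_id in self.issued:
            raise PermissionError("not eligible or signature already issued")
        self.issued.add(voter_id)
        self.seen.append((voter_id, blinded))
        return pow(blinded, D, N)


class BallotBox:
    """Ballot box database: stores signed ballots, holds no voter identity."""

    def __init__(self):
        self.ballots = {}

    def cast(self, ballot: bytes, sig: int) -> bool:
        if ballot in self.ballots or not verify(ballot, sig):
            return False  # replayed or unsigned ballot is rejected
        self.ballots[ballot] = sig
        return True


if __name__ == "__main__":
    signer, box = Signer({"voter-001"}), BallotBox()
    ballot = make_ballot("candidate-A")
    blinded, r = blind(ballot)
    sig = unblind(signer.sign("voter-001", blinded), r)
    print("accepted:", box.cast(ballot, sig))
    print("signer saw the digest:", signer.seen[0][1] == ballot_digest(ballot))
```

The signer's log holds the voter id and a blinded value only, while the ballot box holds the ballot and signature only; the blinding factor `r` that connects the two never leaves the voter's device.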
- the website of the election system is kept on the front-end server of the system.
- The front-end server may be a computer with wired or wireless Internet (and local network) connection capability, special server hardware or any electronic device capable of hosting and operating a website, or the virtual emulator software of such an electronic device or related virtual machine software. It can run any operating system. System administrators, voters and, if desired (some restrictions may apply), other users access this server online or, if available, via the relevant local network through a computer, tablet, smartphone, smart television or other electronic device capable of network connection (Internet or local network), using a web browser program or special software.
- Blockchain system operates on more than one computer (at least 3, no upper limit) (node) and keeps records synchronously (simultaneously). These nodes have a decentralized (partially centralized in special blockchain structures) structure. Each vote sent through the front-end server is sent to the relevant computers (nodes) on the network. The recorded data is validated by the nodes defined in the system.
- the consensus protocol running in the blockchain system assigns block writing to the defined node by selecting the node to write the block (voter data block) at certain time intervals. This node makes blocks by using the approved voting information based on the maximum block size defined.
- The necessary ledger update is performed in the blockchain structure according to the selected blockchain technology (Hyperledger Fabric, Hyperledger Sawtooth, Ethereum, NEO, NXT, Blockstack, R3 Corda, etc.). Any open source or closed source ledger can be used as blockchain infrastructure. Since the records of the voting data are kept in more than one copy in this way, it is difficult to change the records completely in a possible attack attempt. An attempt to change some records in an attack can be detected through the blockchain and necessary measures can be taken.
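How chained blocks and multiple copies make a changed record detectable, as an added example that is not part of the patent text. It assumes SHA-256 over a JSON encoding, a maximum block size of 2 and three nodes; the patent fixes none of these, and the node names and ballot strings are constructed. It also covers the case where one node's copy is rewritten and re-hashed consistently, which only a comparison across copies reveals.

```python
import copy
import hashlib
import json
from collections import Counter

GENESIS = "0" * 64
MAX_BLOCK_SIZE = 2  # constructed value for the demonstration


def block_hash(prev_hash, records):
    """Hash of a block covers its records and the hash of the previous block."""
    payload = json.dumps({"prev": prev_hash, "records": records}, sort_keys=True)
    return hashlib.sha256(payload.encode()).hexdigest()


def build_chain(records, max_block_size=MAX_BLOCK_SIZE):
    """Pack approved vote records into blocks of at most max_block_size."""
    chain, prev = [], GENESIS
    for i in range(0, len(records), max_block_size):
        batch = list(records[i:i + max_block_size])
        digest = block_hash(prev, batch)
        chain.append({"prev": prev, "records": batch, "hash": digest})
        prev = digest
    return chain


def first_bad_block(chain):
    """Index of the first block whose hash or back-link fails, None if intact."""
    prev = GENESIS
    for idx, block in enumerate(chain):
        if block["prev"] != prev:
            return idx
        if block_hash(block["prev"], block["records"]) != block["hash"]:
            return idx
        prev = block["hash"]
    return None


def rehash_from(chain, start):
    """Recompute hashes from block `start` on, as a fully rewritten copy would."""
    prev = chain[start - 1]["hash"] if start else GENESIS
    for block in chain[start:]:
        block["prev"] = prev
        block["hash"] = block_hash(prev, block["records"])
        prev = block["hash"]


def divergent_nodes(replicas):
    """Nodes that fail the local check or whose chain head is not the majority's."""
    heads = {name: chain[-1]["hash"] for name, chain in replicas.items()}
    majority, _ = Counter(heads.values()).most_common(1)[0]
    return sorted(
        name for name, chain in replicas.items()
        if first_bad_block(chain) is not None or heads[name] != majority
    )


def demo():
    records = ["ballot-%d" % i for i in range(1, 6)]  # constructed sample data
    base = build_chain(records)
    replicas = {n: copy.deepcopy(base) for n in ("node-a", "node-b", "node-c")}

    # Case 1: a record is edited in place; the local hash check catches it.
    replicas["node-b"][1]["records"][0] = "ballot-forged"
    local = first_bad_block(replicas["node-b"])

    # Case 2: node-c is edited and re-hashed; locally consistent, head differs.
    replicas["node-b"] = copy.deepcopy(base)
    replicas["node-c"][0]["records"][1] = "ballot-forged"
    rehash_from(replicas["node-c"], 0)
    return local, first_bad_block(replicas["node-c"]), divergent_nodes(replicas)


if __name__ == "__main__":
    print(demo())
```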
- IVR: interactive voice response
- the system allows verification with all other biometric factors related to the human body such as fingerprint, iris, retina, palm, vein maps, as an alternative to the voice recognition mechanism.
- Voice recognition can be done with telephone, mobile phones and similar voice pagers, while special hardware and software are required for other biometric factors.
- The use of at least one of these factors within the voting system is within the scope of protection, because the authorization server in the architectural structure is a part of the system regardless of the method selected and sends information to the rest of the system on whether authentication succeeded or failed. Therefore, how verification is performed does not have a binding effect on other actors of the system.
- the election service system (and software) is modular. Some features can be removed and added according to the specific needs of the applications with the modular structure. Authorization services such as passwords, confidential questions, SMS can also be provided for the hearing-impaired. This also directly affects the cost of the product.
- Another design decision is related to the blockchain.
- the blockchain is used as an immutable database for the application in question.
- the system becomes functional by programming smart contracts specific to the application.
- the system supports zero-knowledge proof techniques, various “cryptocurrency wallet” protocols and encryption methods for privacy and anonymity processes.
- Big data-compatible databases or traditional databases can also be used as an option for purposes such as backing up the cast votes and keeping the voter information.
- FIG 1 shows the general preparation procedure that needs to be done before the election.
- the voter information and the time period defined for the election (estimated 3 months (time is given as an example, it does not matter)) are first taken from the regulatory organization (that is, the one who is willing and authorized to organize the election). Then, the biometric data of the voters are collected. The collected biometric data is then stored in the database for verification. Biometric data validation is performed after a certain period of time (e.g. within 1 week). If the biometric verification is successful, the voter is ready to vote. A voter database with verified biometric data is created in this way. Only voters in this database are eligible to vote at election time. No one who is not in this database has the right to vote.
- the procedure to be applied to voters is shown in Figure 2.
- The voter logs into the user interface to vote, as shown in draft form in Figure 3. He/she chooses which of the listed elections he/she will take part in. First, it is determined from a unique piece of information (TR ID number, Association Registration number, etc.) that they have not voted before. If they have voted, they are prevented from voting again before proceeding to the next stages. The authorization process begins if they have not voted.
- the voter who successfully passed the biometric authentication and SMS verification is presented with the candidate list shown in Figure 3.
- the voting record of the voter who votes for the candidates is taken without timeout and the voting process is completed for the voter.
- The architecture of the processes performed in the system when voters decide to vote on election day is shown in Figure 4.
- The server checks whether the user is among the voters entitled to vote after he/she logs in to the voter user interface in the system. It requests biometric authentication from the authorization unit after designating the user as a voter. It shows the candidate list to the voter in the user interface after successful authorization. It saves the unique information of the voter who has voted successfully in the database where the voter list is located. It records their vote in the ballot box database to be sent to the counting server later.
- the ballot box database transfers the information in the database to the counting server at the end of the election day.
- the counting server announces the result of the vote and the election is over.
- Voters shall not be allowed to vote by the assembly if:
- the voter receives an error message on the screen of the relevant computer, phone, tablet, or other voting device for the relevant situation and returns to the first login screen in all these cases. The entire procedure restarts.
- SYSTEM ACTORS
- Election vendor: It is responsible for the organization of the election process and the operation of this election setup.
- Voter: The registered voter, member.
- Front-end server: The front-end server stores and publishes the website called the voter interface.
- the authorization unit has the duties of using the biometric data of the voter such as voice, fingerprint, retina, palm print, etc. recorded in the system, verifying that the voter is the right person on the election day, and authorizing the relevant person (if the biometric data are correct) as the voter.
- biometric data such as voice, fingerprint, retina, palm print, etc.
- Voting database: It is the database where the votes of the voters are collected. Since these votes are stored via blockchain technology, the votes given by the voters cannot be changed, and thus security is ensured. Meanwhile, since the data is stored encrypted, attackers cannot see which voter cast which vote.
- Counting server: It serves as the server where the votes given are counted at the end of the election period and the result is announced. The classification, statistical data and graphics of these votes are produced through this server.
- The voter information is recorded automatically in the voter list database by the front-end server, and the vote given by the voter is recorded automatically in the ballot box database.
- the list of voters and the ballot box databases are automatically transferred to the counting server when the election period ends.
- An electronic voting system in line with the detailed information above, characterized in that it comprises the following elements:
- At least one front-end server which stores and publishes a web interface where voters can view the active elections and view and vote on the candidates within the framework of their authorities; enables the control of whether the voter is among the people who can vote; transfers the voter who is authorized to vote to the authorization unit; and enables the voter information to be automatically recorded to the voter list database and the vote given by the voter to be automatically recorded to the ballot box database,
- At least one voter interface which is hosted on the front-end server, where the voter logs into the system using the member/identification number on the election day, the candidates are shown to the voter, the voters can view the active elections and the voters can view and vote on the candidates within the framework of their authorities,
- At least one user database that contains the voter information and the list of voters who have the right to vote, as requested from the regulatory body (institution or organization) that will undertake the election,
- At least one biometric verification engine that has the duties of verifying that the voter is the right person on the election day from the biometric data of the voter such as voice, fingerprint, retina, palm print, etc. recorded in the system and authorizing the relevant person (if the biometric data are correct) as the voter and, tests whether the person is a real voter with biometric and SMS verifications,
- At least one voting database where the votes of the voters are collected and stored encrypted and using blockchain technology
- At least one counting server where the votes given are counted at the end of the election period, the result is announced, the classification, statistical data and graphics of the votes are published.
- the algorithms used for the said encryption are symmetric and/or asymmetric and/or distributed and post-quantum encryption algorithms.
- An operation method of a new online election and voting system that proposes mechanisms for the privacy of personal data in this process while providing trust and confidentiality in the election and voting processes, characterized in that it comprises the following steps;
- creating, by the biometric verification engine, biometric data of the people in the voter list created (The biometric data (voice, fingerprint, retina, etc.) of the people registered in the voter list are recorded and stored before the election. This data is used later, on the election day, to verify the identity of the voter. Namely, the voter is asked to re-enter the biometric data in the records just before the voting process on the election day. The biometric verification engine checks the accuracy of these data after the voter enters the required biometric data (voice, fingerprint, etc.) into the system. The voter is given the right to vote if the data is correct. The biometric verification process is automatically provided by the biometric verification engine. The persons whose biometric data have been provided for this purpose are processed in the voter database and the final voter list is created.)
- the front-end server stores and publishes a web interface, in other words, a website, where voters can view and vote on the active elections and the candidates within the framework of their authorities. This interface is called the voter interface.
- the biometric data mentioned in the system and method are voice, fingerprint, palm map, retina, face biometry, DNA genetic material.
Abstract
The physical requirements of traditional (ballot box and ballot-based) voting systems reduce the election turnout and increase the cost of election regulation. The length of the voting and counting process and the fact that its reliability is controversial also affect the use and validity of these democratic processes. Today's online voting techniques have weaknesses in terms of security, privacy and confidentiality. The invention is related to a new electronic (computerized) election and voting system that proposes mechanisms for the privacy of personal data in this process while providing trust and confidentiality in the election and voting processes. It comprises the combination of biometric authentication, encryption, and blockchain technology. Biometric authentication is used to ensure the identification of voters without a password.
Description
ELECTRONIC ELECTION AND VOTING METHOD AND SYSTEM WITH PRIVACY PROTECTION AND BIOMETRIC AUTHENTICATION
Technical Field of the Invention
The invention is related to a new election and voting system that proposes mechanisms for the privacy of personal data in this process while providing trust and confidentiality in the election and voting processes.
State of the Art of the Invention (Prior Art)
A large number of elections and votes are held in foundations, associations, companies, municipalities, universities, and many other private and public institutions in routine administrative processes, just as in the country/province/district-wide elections. These votes are mostly made with the traditional paper ballots or ballot boxes system. Voters have to go to the polls in person at specified dates and times in this traditional election system. This significantly reduces the election turnout and increases the cost of election organizations. In addition, seal, ballot, ballot box, logistics, and security expenses also constitute a significant burden for the host organization. Likewise, there are many disadvantages in the voting processes carried out with traditional methods throughout the country, such as cost, reliability, and time. Additionally, many existing online voting techniques remain weak in terms of security, privacy, and confidentiality. Furthermore, the principle of “secret ballot, public counting” observed in traditional elections cannot be realized in most of the existing online digital systems.
Biometric authentication is the process of transferring the personal characteristics of people, such as vascular trace, eye retina, fingerprint, tone of voice, etc. to the computer environment, converting them into mathematical data, and using these data to verify identity. Today, it has started to be used in many areas, especially in shopping, banking, police databases, and civil registry transactions (chip identity card, passport, etc.). Biometric authentication methods provide serious gains in terms of security over traditional (knowledge and ownership-based) methods while also eliminating disadvantages such as having to remember a password or hold an additional apparatus or object for authentication.
Concealing (blinding) the content of a message before it is digitally signed is called a blind signature in cryptology. In this way, the unit that controls the authenticity of the content of the message (usually computer software or hardware, or a real person using them) cannot read the content of the message. There is no harm in disclosing the resulting blind signature to the public as opposed to its undisclosed signature. Blind signatures are used to ensure confidentiality in protocols where the signatory and the message owner are different parties. Cryptographic election systems are one example.
Elections are still held in many countries and institutions with classical paper ballots and ballot boxes. Even though information technologies have begun to be used for the transmission and storage of votes counted by voting, classification and counting in some areas, many countries still use the traditional method, especially in large-scale political elections. There are various levels of development and trial attempts on the use of technology in voting. These studies aim to reduce election costs, accelerate the process, and increase efficiency, reliability and accuracy (Akın, M. (2002a), “Bilgisayarlı Oy Verme Sistemleri,” Belgelerle Türk Tarihi Dergisi Dün/Bugün/Yarın, 65, 74-80.), (Akın, M. (2002b) “Seçimlerde Elektronik Oy Kullanma,” İletişim Fakültesi Dergisi, 15, 401-415.). Technology began to be used in election processes with systems such as punch cards and mark-detect. The USA is one of the first countries to use these systems, but due to the discussions in the presidential elections held in 2000, it was decided to use electronic systems that directly record votes in the country (Gibson, R. (2001). Elections online: Assessing Internet voting in light of the Arizona democratic primary. Political Science Quarterly, 116(4), 561-583.)
As another method of election and voting, specially equipped systems are also preferred; in these systems an electronic box is used instead of a ballot box. Voters mark the candidate or option to be voted for with the keys or touch screens placed on these boxes and complete the process with approval. The selected option is stored numerically in the box (United States Election Assistance Commission. (2005). The 2005 Voluntary Voting System Guidelines. Retrieved from: https://www.eac.gov/assets/1/28/VVSG.1.0_Volume_1.PDF, accessed 18.10.2019).
Other systems are the Internet-based systems. Any hardware connected to the Internet can be used to run the software related to the election, instead of using a special hardware, in such systems.
New methods that can be integrated into all these systems are needed to meet the security needs of the different electronic voting systems, including cases where voters forget the password (passcode) and identification problems. The most successful of these are biometric verification systems, which use the biometric data of individuals.
U.S. Patent No. US20170109955A1, titled “Blockchain electronic voting system and method”, covers a method that includes an electronic voting system and a blockchain ledger for storing and controlling votes. In this method, there is a voting client that is set up to obtain information electronically about whether the voter is eligible for the election and preference data for one or more elections. There is a voter identifier server that decides whether the voter has the eligibility to vote or indicate her/his preference in the relevant election. There is a registration server designed to disconnect the personally identifiable information transmitted by the voter client from the public voter key and use an automated process. A blind token is used in voter registration. There is a blockchain ledger designed to store election data and voter decisions in the election. Voter preferences are cryptographically signed with the public voter key to be separated from the personal identity data obtained by the voter server.
Decentralized blockchain voting systems and methods have been proposed in the U.S. Patent No. US20170061398A1, titled “Cryptographic currency blockchain-based voting system”. This system receives voting data that includes multiple options and an identifier is associated with each option. A customized cryptographic currency address is created for each voting option. The specified amount of cryptographic tokens is transferred to the customized cryptographic currency address for a selected voting option. Transfer is the process of publishing to a cryptographic currency network for confirmation and inclusion in a blockchain ledger.
A voting system based on virtual currency has been defined in China Patent No. CN107146318A titled “Voting system based on virtual currency”. Voting system based on virtual currency consists of a registration module, a voting module and a counting module. The registration module is used to set the transfer address of the virtual currency as the voting address of each voting option and to record a voting and corresponding voting account. The voting module is used to read the option item selected by the voter and to transfer the virtual currency in the voters’ voting account to the voting address of the candidate selected by the voter. The counting module is used to extract transfer records of all candidate items to obtain the total number of candidates, voting time, valid number of votes, invalid number of votes, and valid votes of each candidate. Voting system based on virtual currency is suitable for different types and sizes of voting processes and different time intervals. The transactions of the transfer record are completely open to the public and recorded so that the transparency and fairness of the voting process can be guaranteed.
A method is defined in the U.S. Patent No. US20120179514A1, titled “Electronic voting system” that requires creating a unique and random identifier for the voter’s vote, obtaining election information from the voter in question, and creating a private and a public cryptographic key pair. The vote and the identifier are signed with a private key to create a digital signature. The vote and the identifier are presented to the voter in a readable form.
Two interrelated trends, e-government and e-governance, have emerged with the widespread use of broadband Internet technologies in the 21st century. The use of technology in elections and voting processes in private and public spaces is still not widespread enough, even though significant developments have been made all over the world in the provision of public services over the Internet. Establishing voting points, storing paper votes, transporting them, ensuring their security, creating ballot boxes and returning them to election centers, keeping personnel for both security and other services in every field, and all other costs are some of the problems encountered in traditional voting systems. Moreover, the small number of (or single) voting points can make it burdensome and costly for voters to reach the voting center. E-voting is still an advantageous way to collect voters’ ideas and elections even though it is rarely used today. If healthy and reliable infrastructures are established to verify the identity of the voters, they can yield results close to 100% accuracy. The confidentiality of both the votes and the voters voting is extremely important in election processes, as it is known. Various problems continue to occur even though the confidentiality of both the votes and the voters voting is largely achieved in traditional election methods. Risks such as loss, change, risk of changing ballot bags on the way to the election center/hub, threatening election officials in areas where law enforcement officers are not sufficient, and collective voting, etc., are discussed especially in countries where traditional ballots are voted on in general elections. In addition, there are also risks such as threatening the voters in small settlements such as villages or disclosing the voters since the traditional method is based on the ballot box, and the list of voters voting in the ballot box is clear. The necessity of taking individuals with sick, elderly, disabled and young children in need of care to a voting center causes great difficulties even though the traditional method tries to overcome the problems with solutions such as carrying ballot boxes. The fact that voters are required to be in the region where they will vote on those dates causes serious loss of rights. Voters in summer homes, students who do not reside with their families, those who do not reside where they work, and voters abroad face the problem of not being able to vote and reflect their will to the ballot box. This problem is further exacerbated since there is only one (or very few) voting center in the company, association, professional chamber, union, club, and foundation elections.
The solutions offered in relation to authentication include serious security gaps and usage difficulties in many of the proposed electronic voting systems. Many studies have shown that these systems are open to various security attacks. Security expert Ronald Rivest, speaking at the commission on possible security breaches in the recent US elections, stated that hackers could attack such systems in numerous ways. It has been stated that these systems can be seized, and evidence can be easily deleted. These systems also raise concerns about the privacy and confidentiality of voters. There is a lack of trust because the accuracy of the election process is entrusted to a person or group with authority and because internal intervention is possible, even though external intervention in central electronic voting systems is particularly difficult. The accuracy of these systems is questionable because the staff of the infrastructure provider institution can intervene in the process, and it is very difficult for people outside this team to test the accuracy of the election results. The security of these systems is not based on an algorithm or system infrastructure that is secure by virtue of its mathematical formulation; instead it relies on the closed nature of the system, or on institutions and persons who are assumed (expected) to be reliable. In addition, these central systems face the risk of being temporarily put out of service by attacks from outside such as denial of service (DoS, DDoS), etc.
Brief Description and Objects of the Invention
The invention relates to the election and voting system and method in order to eliminate the above-mentioned disadvantages and to bring new advantages to the related technical field.
Blockchain technology offers technical solutions to computation and data storage problems with a decentralized (partially centralized in special blockchain structures), that is, distributed, architecture. This is a technology that can be applied on many devices such as computers, the Internet of Things or mobile devices that can connect to the Internet or make network connections. Blockchain is an abstract data structure, called a distributed ledger, that is ordered by time and constantly growing, in which immutable (or noticeable when a change is attempted) records/lists of the transactions performed are kept on the relevant computer network. It can be said in this sense that it guarantees that the data in the chain structure cannot be changed.
Electronic election and voting systems that allow voters to participate in voting through a computer, tablet or mobile phone, online or, as the case may be, through a local network connection, wherever they are, become safe and reliable thanks to the use of blockchain technology in election processes. Voters authenticate their identity through the system-integrated biometric authentication mechanism, and then access the election system web page or application. The votes cast are stored in the servers after being signed with a technique called blind signature, so it is not technically possible to establish a relation between the voter and the vote they cast; no one, including system administrators and administrative/technical personnel, can access this information. Vote counting can be carried out in a healthy way and in a very short time. Authenticated voters cast votes, but it is not clear who they voted for until the election process is completed and the counting phase is completed. Full compliance with the principle of secret ballot, public counting in traditional elections is also ensured since the system will not allow duplicate votes.
• It significantly reduces election and voting costs. It eliminates the recurring costs of the traditional elections.
• It guarantees to protect the privacy of the person with the confidentiality of votes and voters.
• It eliminates the obligation for voters to go to certain election centers.
• It provides defense against attacks such as denial of service (DoS, DDoS), etc. that can be made to centralized systems since it has a distributed architecture.
• The system is prevented from being misled by the voter or the institution performing the election through the software and protocols used.
• The reliability of the election process is high because the security of the votes is not given to a certain institution, person or group.
• It provides a high level of security with algorithmic, mathematical and cryptographic methods.
Description of the Figures
The descriptions of the figures and shapes are listed below for a better explanation of the invention.
Figure 1 The general preparation procedure that needs to be done before the election is given.
Figure Description: Voter information is provided some time before the election (3 months may be sufficient) by the institution or organization that will make the election. Initial authentication of the voter is performed based on his/her identity information that was provided earlier. Then, another authentication is performed based on the recorded biometric data of the voter whose identity verification was successful previously. Those who successfully pass all these stages are entitled to vote as voters.
Figure 2 The procedure to be applied to voters is shown.
Figure Description: The voter logs in to the website and chooses the election in which to vote. Following the verification of TR ID number, repetition status, biometric verification and SMS, the list of candidates is brought in front of the voter. The vote cast without timeout is recorded and the voter leaves the system.
Figure 3 Voter interface.
Figure Description: It is the user interface that shows voters what the procedure applied to them looks like, that is, what schematic representation the voter is facing.
Figure 4 Architecture of subunits such as Web Server, Authorization Unit, Voter Identification System, Counting Server used in the system when voters decide to vote on election day. Numbers 1 to 11 indicate the sequence of processes.
Figure Description: It explains what happens in the background when voters vote. When the voter logs in to the website to vote, the web server checks whether the voter has the right to vote and whether the vote is a duplicate. It then waits for the authorization unit to contact the voter to verify and authorize the voter. The voter verified and authorized by the authorization unit then casts the vote via the web server. The vote cast is transmitted to the ballot box database and the voter information is transmitted to the voting database. All the votes cast are transferred to the counting server to announce the result at the end of the day. Voter Identification System is the system regulated by voter information.
Detailed Description of the Invention
The novelty of the invention is explained with examples that do not have any limiting effect for a better understanding of the subject in this detailed description.
The invention is related to a new election and voting system that proposes mechanisms for the privacy of personal data in this process while providing trust and confidentiality in the election and voting processes.
The system is an online election technique, model and application that meets all the necessary and sufficient requirements of traditional elections and maintains all their principles and rules. The principles of secret ballots, public counting, and equal votes, which form the basis of a democratic election, are also included in this online election system. In addition, a reliable and robust model has been put forward by producing solutions to security and privacy problems specific to the virtual environment. A flexible structure is also provided that allows different election practices according to the need (for example, repetitive voting rights, voting weight, vote withdrawal, multi-day/weekly election periods, etc.).
The invention is unique in terms of the use of blockchain techniques in electronic voting products and services.
Possible electronic voting systems using the technique subject to the invention are unique in that they have a decentralized (partially centralized in special blockchain structures) distributed database far beyond the concept of backup used in the current methods, and computers in physically separate locations hosting this database have a special network that they create with a common decision (consensus) protocol and communication and cryptology protocols among themselves (various consensus protocols are available in the literature and are not subject to the claims). The most basic feature of the blockchain is that the encrypted transaction record is performed in a distributed manner. These operations are performed on different computers in data blocks and again encrypted. Encrypted data blocks processed on different computers are partially re-encrypted by adding end-to-end like a chain. Thus, successive data blocks are interrelated, which prevents potential attackers from making changes to the recorded data blocks. These ciphertexts, which are created in the form of chains, become very difficult to break.
The invention brings a level of security to the electronic voting systems higher than what is provided by the present methods. The security in question consists of features such as the inalterability, the immutability of data (vote and voter information), the privacy of personal data, the confidentiality of the voter and the undeniability of the vote. The unalterability and undeniability of recorded data is one of the features that blockchain technology naturally provides. Blockchain technology is therefore preferred in the voting database, as these features are of vital importance for a safe and reliable online election order.
The functioning of the electronic voting system is summarized in the following steps:
1) Determining, by the regulator (election organization (foundation, association, company, etc.)) the list of draft voters to vote in the election and transferring the information (identification number, registration number, etc.) of these persons to the system,
2) Creating, by the biometric verification engine, biometric data of the people in the voter list created (The biometric data (voice, fingerprint, retina, etc.) of the people registered in the voter list are recorded and stored before the election. This data is then used to verify the voter's identity (on the election day). Namely, the voter is asked to re-enter the biometric data in the records just before the voting process on the election day. The biometric verification engine checks the accuracy of these data after the voter enters the required data (voice, fingerprint, etc.) into the system. The voter is given the right to vote if the data is correct. The biometric verification process is automatically provided by the biometric verification engine. The persons whose biometric data have been provided for this purpose are processed in the voter database, and the final voter list is created.),
3) Logging into the system by the voter on the election day using the member/ identification number through the interface shown in Figure 3,
4) Determining the election to be voted by the voter, checking, by the front-end server, whether the voter is among the people who can vote (Front-end server stores and publishes a web interface, in other words, a website, where voters can view and vote on the active elections and the candidates within the framework of their authorities. This interface is called the voter interface.),
5) Checking, by the front-end server, whether the voter has previously voted in the active election (Blockchain system and consensus protocols are used to solve the double spending problem.),
6) Transferring, by the front-end server, the voter authorized to vote to the authorization unit, testing, by the authorization unit, whether the person is a real voter with biometric and SMS verifications, and if successful, allowing the front-end server to show the candidates to the voter in the user interface,
7) Voting for one of the candidates shown in the voter interface and logging out of the system by the voter,
8) Recording the member information to the voting list database and recording the vote given to the ballot box database by the front-end server,
9) Transferring the list of voters and the ballot box databases to the counting server when the election period ends,
10) Announcing the winner of the election and numerical data by the counting server (It is ensured that all these processes work autonomously, and even those coding the system cannot manipulate this process. It is possible to present the voting information in a transparent way instantly when requested. The privacy of personal data and the voter's privacy are ensured while these are carried out. Zero knowledge proof protocols are used over autonomous codes to achieve this.).
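Steps 5, 8 and 9 above, as an added example that is not part of the patent text: the voter list and the ballot box are kept as separate stores, a repeat vote is refused, and the counting server checks the hash-chained ballot box before tallying. The class and function names, the HMAC-keyed voter tags and the single-node chain without a consensus protocol are assumptions made for illustration; the ballots are constructed placeholder strings.

```python
"""Separate voter list and hash-chained ballot box (added illustration)."""
import hashlib
import hmac
import json

GENESIS = "0" * 64  # predecessor hash of the first block


def block_hash(index, prev_hash, ballot):
    """Hash of one ballot block; covers its position and its predecessor's hash."""
    body = json.dumps({"index": index, "prev": prev_hash, "ballot": ballot},
                      sort_keys=True)
    return hashlib.sha256(body.encode()).hexdigest()


class ElectionStore:
    def __init__(self, list_key):
        self.list_key = list_key  # secret key used to pseudonymise voter IDs
        self.voter_list = set()   # who has voted (steps 5 and 8), no vote content
        self.ballot_box = []      # what was voted (step 8), no voter identity

    def cast(self, voter_id, opaque_ballot):
        """Record one vote; return False if this voter already voted (step 5)."""
        # Keyed hash: a plain SHA-256 of a short ID number could be brute-forced.
        tag = hmac.new(self.list_key, voter_id.encode(), hashlib.sha256).hexdigest()
        if tag in self.voter_list:
            return False
        index = len(self.ballot_box)
        prev = self.head()
        self.ballot_box.append({"index": index, "prev": prev, "ballot": opaque_ballot,
                                "hash": block_hash(index, prev, opaque_ballot)})
        self.voter_list.add(tag)
        return True

    def head(self):
        """Hash of the newest block; this is the value other nodes would record."""
        return self.ballot_box[-1]["hash"] if self.ballot_box else GENESIS

    def first_bad_block(self):
        """Index of the first block that breaks the chain, or None if consistent."""
        prev = GENESIS
        for i, blk in enumerate(self.ballot_box):
            ok = (blk["index"] == i and blk["prev"] == prev
                  and blk["hash"] == block_hash(i, prev, blk["ballot"]))
            if not ok:
                return i
            prev = blk["hash"]
        return None


def safe_to_count(store, published_head):
    """Counting-server gate (step 9): the chain must be internally consistent
    and must end in the head hash that was recorded outside this node."""
    return (store.first_bad_block() is None
            and hmac.compare_digest(store.head(), published_head))


def demo():
    store = ElectionStore(list_key=b"constructed-demo-key")
    results = {
        "first": store.cast("voter-001", "ciphertext-A"),
        "second": store.cast("voter-002", "ciphertext-B"),
        "repeat": store.cast("voter-001", "ciphertext-C"),  # same voter again
    }
    published_head = store.head()
    results["clean"] = safe_to_count(store, published_head)

    # An in-place edit of a stored ballot breaks that block's hash.
    store.ballot_box[0]["ballot"] = "ciphertext-X"
    results["edit_detected_at"] = store.first_bad_block()

    # If every hash is recomputed, the local chain looks consistent again;
    # only the externally recorded head still exposes the change.
    prev = GENESIS
    for i, blk in enumerate(store.ballot_box):
        blk["prev"] = prev
        blk["hash"] = block_hash(i, prev, blk["ballot"])
        prev = blk["hash"]
    results["rewritten_self_consistent"] = store.first_bad_block() is None
    results["rewritten_accepted"] = safe_to_count(store, published_head)
    return results
```

The last two results show why the ledger has to be replicated: a chain held on one machine can be rewritten consistently, and the rewrite is caught only by comparing against a head hash held elsewhere.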
The invention brings a level of security to the electronic voting systems higher than what is provided by the present methods. The security in question consists of features such as the inalterability, immutability, confidentiality and undeniability of data (vote and voter information).
The electronic voting system is aimed to replace traditional elections completely. It is the first of its kind in terms of using biometric verification methods in online voting. It is the first model in the world in terms of using the blockchain as a voting database. Voter information is also kept optionally in a decentralized identity system. Voter information is confirmed by zero knowledge proof methods over smart agreements, but this identity information is not kept in the system. Votes cast by voters are stored with blockchain technology, which is a distributed system. Thus, both anonymity and unalterability of the given vote are ensured.
Authentication of voters is provided through a precise biometric authentication mechanism without the need to use any smart cards, electronic equipment, apparatus and similar devices. Thus, ease of use is increased and cost is reduced. The information of the voters to be authenticated is taken from the regulatory body that will carry out the election and stored in a traditional database or a blockchain ledger.
It is also possible to verify the identity of the voters with a decentralized digital identity in these processes. Any blockchain technology customized to retain distributed digital identity can be used in the validation process of this information. Voter information is confirmed by zero knowledge proof mechanisms over autonomous codes, but this identity information is not kept in the system. Autonomous codes are prepared with deterministic programming languages and are mostly referred to as smart contracts in the literature. These codes work under all conditions and according to the protocol written in each architecture. Autonomous codes are very difficult to manipulate as they are stored at an address in the blockchain. If someone tries to manipulate them by exploiting an error in the applications, the attempt can be easily detected since the blockchain system will keep a record of who made the change. Personal data is never kept on the device on which electronic voting takes place or on another proxy/service provider machine. These data are confirmed by smart contracts in the identity system to be defined to the system. Cryptographic protocols such as zero knowledge proofs are used for privacy preservation to achieve this and to ensure the privacy of personal data. Symmetric encryption, asymmetric encryption, hash functions, and various encryption techniques of post-quantum cryptography can be used in support of these processes. Here, the choice is left to the regulatory body and system developers. In this way, authentication processes are carried out while preventing the copying of voter information. Personal data are never kept in the blockchain ledger where the voting information will be kept.
The system uses cryptographic algorithms that do not allow a relationship to be established between the voter and his/her given vote. It is known that the voters voted, but it is not clear what the vote is with these algorithms called blind signatures. However, the votes can be counted conveniently when the election is completed.
The unit (server) that signs the message (that is, the digital ballot) does not know the content of the message (that is, the vote given), only signs the message that reaches it safely and sends it to the database (that is, the digital ballot box) according to the blind signature principle. The database can always check from the signatory server that the message reaches it correctly. Therefore, a secure channel is established between the units that sign and store the ballot in this method.
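The blind-signature flow described above, as an added example that is not part of the patent text: it uses a textbook RSA (Chaum) blind signature, which is an assumption here because the patent names no specific algorithm. The key is a constructed toy key, the voter ids are constructed, and the names `Signer`, `BallotBox`, `blind`, `unblind` and `run_election` are hypothetical.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy RSA key built from two Mersenne primes. It is far too small
# and too structured for real use; it only keeps the example offline and fast.
P, Q = 2**127 - 1, 2**107 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # signer's private exponent


def ballot_digest(ballot: bytes) -> int:
    """Hash the ballot into Z_N (simplified full-domain hash)."""
    return int.from_bytes(hashlib.sha256(ballot).digest(), "big") % N


def make_ballot(candidate: str) -> bytes:
    """Ballot = choice plus a random nonce, so equal votes are distinct."""
    return f"{candidate}|{secrets.token_hex(16)}".encode()


def blind(ballot: bytes):
    """Voter side: hide the ballot digest behind a random factor r."""
    m = ballot_digest(ballot)
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return (m * pow(r, E, N)) % N, r


def unblind(blind_sig: int, r: int) -> int:
    """Voter side: strip r to obtain an ordinary signature on the ballot."""
    return (blind_sig * pow(r, -1, N)) % N


class Signer:
    """Signing server: knows who asked, never sees the ballot content."""

    def __init__(self, eligible):
        self.eligible = set(eligible)
        self.issued = set()

    def sign_blinded(self, voter_id: str, blinded: int) -> int:
        if voter_id not in self.eligible:
            raise PermissionError("not on the voter list")
        if voter_id in self.issued:
            raise PermissionError("signature already issued to this voter")
        self.issued.add(voter_id)
        return pow(blinded, D, N)


class BallotBox:
    """Digital ballot box: checks the signer's signature, stores no identity."""

    def __init__(self):
        self.ballots = {}

    def cast(self, ballot: bytes, sig: int) -> bool:
        if pow(sig, E, N) != ballot_digest(ballot):
            return False  # not signed by the signing server, or altered
        if ballot in self.ballots:
            return False  # replay of an already stored ballot
        self.ballots[ballot] = sig
        return True

    def tally(self) -> dict:
        counts = {}
        for ballot in self.ballots:
            choice = ballot.decode().split("|", 1)[0]
            counts[choice] = counts.get(choice, 0) + 1
        return counts


def run_election(votes: dict) -> dict:
    """votes maps constructed voter ids to choices; returns the tally."""
    signer, box = Signer(votes), BallotBox()
    for voter_id, choice in votes.items():
        ballot = make_ballot(choice)
        blinded, r = blind(ballot)
        sig = unblind(signer.sign_blinded(voter_id, blinded), r)
        assert box.cast(ballot, sig)
    return box.tally()


if __name__ == "__main__":
    print(run_election({"V001": "A", "V002": "B", "V003": "A"}))
```

The signer's view (`voter_id`, `blinded`) and the ballot box's view (`ballot`, `sig`) share no value, which is what keeps a stored vote from being linked to the voter who requested the signature.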
Displaying the current elections, surveys and other votes that can be used; announcing the results of the completed elections and votes to the public; giving information about the current or past elections; voters logging into the system to vote (in other words, requesting authorization); displaying the candidates or options that can be voted in a current election and voters voting for the candidates or options they want in a current election are carried out online through the website of the election system.
The website of the election system is kept on the front-end server of the system. The front-end server may be a computer with wired or wireless Internet (and local network) connection capability, a special server hardware or any electronic device capable of hosting and operating a website, or the virtual emulator software of such an electronic device or a related virtual machine software. It can run any operating system. System administrators, voters and, if desired (some restrictions may apply), other users access this server online or, if available, via the relevant local network, using a web browser program or a special software on a computer, tablet, smartphone, smart television or other electronic device capable of network connection (Internet or local network).
Protection against possible attacks is provided since the identity of the voting website and all data flow between the site and users will be encrypted with at least 128-bit SSL/TLS certificates. The system is designed to be compatible with the future use of new encryption processes, such as post-quantum encryption. Software and hardware units other than the front-end server are kept on a physically secure local area network that is not connected to the Internet.
The reliability of the database is ensured by the blockchain mechanism. The blockchain system operates on more than one computer (node; at least 3, no upper limit) and keeps records synchronously (simultaneously). These nodes have a decentralized structure (partially centralized in special blockchain structures). Each vote sent through the front-end server is sent to the relevant computers (nodes) on the network. The recorded data is validated by the nodes defined in the system. The consensus protocol running in the blockchain system assigns block writing to the defined node by selecting the node to write the block (voter data block) at certain time intervals. This node makes blocks by using the approved voting information based on the maximum block size defined. The necessary ledger update is performed in the blockchain structure according to the selected blockchain technology (Hyperledger Fabric, Hyperledger Sawtooth, Ethereum, NEO, NXT, Blockstack, R3 Corda, etc.). Any open source or closed source ledger can be used as blockchain infrastructure. Because the records of the voting data are kept in more than one copy in this way, it is difficult to change the records completely in a possible attack attempt. An attempt to change some records in an attack can be detected through the blockchain and necessary measures can be taken.
All kinds of symmetric (AES: Advanced encryption standard, DES: Data encryption standard, 3DES - Triple DES, Blowfish, etc.), asymmetric (RSA: Rivest-Shamir-Adleman, ECC: Elliptic curve cryptography, etc.), distributed and post-quantum encryption algorithms are used as data encryption algorithms within the scope of the system subject to the invention. The system is designed to support post-quantum encryption methods also.
If the voice is used as biometric data, interactive voice response (IVR) applications, which are reported to provide very high accuracy rates, are used for the voice recognition mechanism. This new use is added to the existing system. This mechanism is used before voting to verify the identity of voters as a method of biometric verification. High security is ensured because the approval keys obtained from the voice recognition mechanism, together with cryptographic methods such as blind signature, prevent votes from being changed or falsified and prevent repeated voting and voting by unauthorized persons.
The system allows verification with all other biometric factors related to the human body such as fingerprint, iris, retina, palm, vein maps, as an alternative to the voice recognition mechanism. Voice recognition can be done with telephone, mobile phones and similar voice pagers, while special hardware and software are required for other biometric factors. The use of at least one of these factors within the voting system is within the scope of protection. This is because the authorization server in the architectural structure is a part of the system regardless of the method selected and sends information to the rest of the system that authentication is successful or failed. Therefore, how verification is performed does not have a binding effect on other actors of the system.
It is possible to use the blockchain structure more effectively and to use cloud infrastructures for backup.
The election service system (and software) is modular. Some features can be removed and added according to the specific needs of the applications with the modular structure. Authorization services such as passwords, confidential questions, SMS can also be provided for the hearing-impaired. This also directly affects the cost of the product. Another design decision is related to the blockchain. The blockchain is used as an immutable database for the application in question. The system becomes functional by programming smart contracts specific to the application. The system supports zero-knowledge proof techniques, various “cryptocurrency wallet” protocols and encryption methods for privacy and anonymity processes.
Big data-compatible databases or traditional databases can also be used as an option for purposes such as backing up the cast votes and keeping the voter information.
PRE-ELECTION PREPARATION
Figure 1 shows the general preparation procedure that needs to be done before the election. The voter information and the time period defined for the election (estimated 3 months (time is given as an example, it does not matter)) are first taken from the regulatory organization (that is, the one who is willing and authorized to organize the election). Then, the biometric data of the voters are collected. The collected biometric data is then stored in the database for verification. Biometric data validation is performed after a certain period of time (e.g. within 1 week). If the biometric verification is successful, the voter is ready to vote. A voter database with verified biometric data is created in this way. Only voters in this database are eligible to vote at election time. No one who is not in this database has the right to vote.
VOTER PROCESSES ON ELECTION DAY
The procedure to be applied to voters is shown in Figure 2. The voter logs into the user interface to vote, as shown in draft form in Figure 3. He/she chooses which of the listed elections he/she will take part in. First, a unique piece of information (TR ID number, Association Registration number, etc.) is used to determine that they have not voted before. If they have voted, they are prevented from voting again before proceeding to the next stages. The authorization process begins if they have not voted. The voter who successfully passed the biometric authentication and SMS verification is presented with the candidate list shown in Figure 3. The voting record of the voter who votes for the candidates is taken without timeout and the voting process is completed for the voter.
ACTIONS TO BE TAKEN BY THE USER AT THE TIME OF ELECTION
Figure 4 shows the architecture of the processes performed in the system when voters decide to vote on election day. The server checks whether the user is among the voters to vote after logging in to the voter user interface in the system. It requests biometric authentication from the authorization unit after designating the user as a voter. It shows the candidate list to the voter in the user interface after successful authorization. It saves the unique information of the voter who has made his/her election successfully in the database where the voter list is located. It records their vote in the ballot box database to be sent to the counting server later. The ballot box database transfers the information in the database to the counting server at the end of the election day. The counting server announces the result of the vote and the election is over.
SITUATIONS THAT PREVENT VOTING AT ELECTION TIME
Voters shall not be allowed to vote by the assembly in the following cases:
1) Invalid member, registration, tax, insurance and/or identification number entry.
2) The voter has previously voted.
3) Failure of the biometric authentication process.
4) Failure of SMS or other authentication processes.
5) Timeout on the candidate list screen.
In all these cases, the voter receives an error message for the relevant situation on the screen of the relevant computer, phone, tablet, or other voting device and returns to the first login screen. The entire procedure restarts.
SYSTEM ACTORS
1) Election vendor: It is responsible for the organization of the election process and the operation of this election setup.
2) Authentication provider (biometric verification engine): It performs the biometric verification of voters.
3) Regulatory (election) organization (foundation, association, company, institution, etc.): The organization that will organize the election.
4) Voter: The registered voter, member.
5) Auditor: The regulatory body official to follow the election process.
HARDWARE COMPONENTS OF THE SYSTEM
1) Front-end server: The front-end server stores and publishes the website called the voter interface.
2) User database: The list of voters who have the right to vote, requested from the institution or organization that will undertake the election, is held in this database. The data obtained, with characteristics such as identification number, gender and age, show who is entitled to be a voter.
3) Authorization unit (biometric authentication engine): The authorization unit has the duties of using the biometric data of the voter such as voice, fingerprint, retina, palm print, etc. recorded in the system, verifying that the voter is the right person on the election day, and authorizing the relevant person (if the biometric data are correct) as the voter.
4) Voting database: It manifests itself as a database where the votes of the voters are collected. The votes given by the voters cannot be changed, and thus security is ensured, since these votes are stored via blockchain technology. Meanwhile, since the data is stored encrypted, attackers cannot see which voter voted for whom.
5) Counting server: It serves as the server where the votes given are counted at the end of the election period and the result is announced. The classification, statistical data and graphics of these votes emerge through this server.
Some features of the invention:
• It contains a front-end server, a voter interface hosted on this server, a user database, a biometric verification engine (also referred to as the authorization unit), a voting database, and a counting server, as defined and described in detail in the description.
• It allows the regulatory body (foundation, association, company, etc.) to determine the list of draft voters to vote in the election and to register the information (identification number, registration number, etc.) of these persons.
• It ensures that the biometric data of the voters in the voter list created are obtained and recorded.
• It ensures that the voter logs into the system using the member/identification number through the voter interface on the election day, as shown in Figure 3.
• It allows the voter to choose the election to vote in, and the front-end server to check whether the voter is among the people who can vote.
• The front-end server checks whether the voter has previously voted in the active election in which the voter wants to vote.
• The front-end server transfers the voter authorized to vote to the authorization unit; the authorization unit tests, with biometric and SMS verifications, whether the person is a real voter; and, if successful, the front-end server shows the candidates to the voter in the voter interface.
• It allows voters to vote for one of the candidates shown in the user interface and log out of the system.
• The voter information is recorded automatically in the voter list database by the front-end server, and the vote given by the voter is recorded automatically in the ballot box database.
• The list of voters and the ballot box databases are automatically transferred to the counting server when the election period ends.
• The winner of the election and the number of votes and turnout of all candidates are published by the counting server.
An electronic voting system in line with the detailed information above, characterized in that it comprises the following elements:
• At least one front-end server, which stores and publishes a web interface where voters can view the active elections and view and vote the candidates within the framework of their authorities; enables the control of whether the voter is among the people who can vote; transfers the voter who is authorized to vote to the authorization unit; enables the voter information to be automatically recorded to the voter list database and the vote given by the voter is automatically recorded to the ballot box database,
• At least one voter interface, which is hosted on the front-end server, where the voter logs into the system using the member/identification number on the election day, the candidates are nominated to the voter, the voters can view the active elections and the voters can view and vote on the candidates within the framework of their authorities,
• At least one user database in which the list of voters who have the right to vote from the regulatory (institution or organization) who will undertake the election is requested and the voter information is included,
• At least one biometric verification engine that has the duties of verifying that the voter is the right person on the election day from the biometric data of the voter such as voice, fingerprint, retina, palm print, etc. recorded in the system and authorizing the relevant person (if the biometric data are correct) as the voter and, tests whether the person is a real voter with biometric and SMS verifications,
• At least one voting database where the votes of the voters are collected and stored encrypted and using blockchain technology,
• At least one counting server where the votes given are counted at the end of the election period, the result is announced, the classification, statistical data and graphics of the votes are published.
The algorithms used for the said encryption are symmetric and/or asymmetric and/or distributed and post-quantum encryption algorithms.
An operation method of a new online election and voting system that proposes mechanisms for the privacy of personal data in this process while providing trust and confidentiality in the election and voting processes, characterized in that it comprises the following steps;
• Determining by the regulator (institution or organization) the list of draft voters to vote in the election and transferring the information of these persons to the system,
• Creating, by the biometric verification engine, biometric data of the people in the voter list created (The biometric data (voice, fingerprint, retina, etc.) of the people registered in the voter list are recorded and stored before the election. This data is used to verify the identity of the voter later (election day). Namely, the voter is asked to reenter the biometric data in the records just before the voting process on the election day. The biometric verification engine checks the accuracy of these data after the voter enters the required biometric data (voice, fingerprint, etc.) into the system. The voter is given the right to vote if the data is correct. The biometric verification process is automatically provided by the biometric verification engine. The persons whose biometric data to be used for this purpose are provided are processed in the voter database and the final voter list is created.)
• Logging into the system by the voter on the election day using the member/identification number through the election interface,
• Determining the election to be voted by the voter, checking, by the front-end server, whether the voter is among the people who can vote, (Front-end server stores and publishes a web interface, in other words, a website, where voters can view and vote on the active elections and the candidates within the framework of their authorities. This interface is called the voter interface.)
• Checking, by the front-end server, whether the voter has previously voted in the active election with the blockchain system and consensus protocols, (The blockchain system and consensus protocols are used to solve the double spending problem.)
• Transferring, by the front-end server, the voter authorized to vote to the authorization unit, testing, by the authorization unit, whether the person is a real voter with biometric and SMS verifications, and if successful, allowing the front-end server to show the candidates to the voter in the user interface,
• Voting for one of the candidates shown in the voter interface and logging out of the system by the voter,
• Recording the member information to the voting list database and recording the vote given to the ballot box database by the front-end server,
• Transferring the list of voters and the ballot box databases to the counting server when the election period ends,
• Announcing the winner of the election and numerical data by the counting server (It is ensured that all these processes work autonomously and even those coding the system cannot manipulate this process. It is possible to present the voting information in a transparent way instantly when requested. The privacy of personal data and the privacy of the voter are ensured while these are carried out. Zero knowledge proof protocols are used over autonomous codes to achieve this.).
The biometric data mentioned in the system and method are voice, fingerprint, palm map, retina, face biometry, DNA genetic material.
Claims
1. An electronic election and voting system, characterized in that it comprises the following elements:
• At least one front-end server, which stores and publishes a web interface where voters can view the active elections and view and vote the candidates within the framework of their authorities; enables the control of whether the voter is among the people who can vote; transfers the voter who is authorized to vote to the authorization unit; enables the voter information to be automatically recorded to the voter list database and the vote given by the voter is automatically recorded to the ballot box database,
• At least one voter interface, which is hosted on the front-end server, where the voter logs into the system using the member/identification number on the election day, the candidates are nominated to the voter, the voters can view the active elections and the voters can view and vote on the candidates within the framework of their authorities,
• At least one user database in which the list of voters who have the right to vote from the regulatory institution or organization who will undertake the election is requested and the voter information is included,
• At least one biometric verification engine that has the duties of verifying that the voter is the right person on the election day from the biometric data of the voter recorded in the system and authorizing the relevant person as the voter if the biometric data are correct, and tests whether the person is a real voter with biometric and SMS verifications,
• At least one voting database where the votes of the voters are collected and stored encrypted and using blockchain technology,
• At least one counting server where the cast votes are counted at the end of the election period, the result is announced, the classification, statistical data, and charts/visualizations of the votes are published.
2. A method of operation of the election and voting system according to claim 1, characterized in that it comprises the following steps:
• Determining, by the regulatory authority or organization, the list of draft voters to vote in the election and transferring the information of these persons to the system,
• Creating biometric data of the people in the voter list created by the biometric verification engine and for this purpose
o Obtaining, recording and storing the biometric data of the people registered in the voter list before the election,
- Processing the persons whose biometric data to be used are provided in the voter database and creating the final voter list,
o In order to verify the identity of the voter from these data on the election day;
- Asking the voter to re-enter the biometric data in the records for verification purposes just before the voting process on the election day,
- Checking, by the biometric verification engine, the accuracy of these data after the voter enters the biometric data required from these data into the system,
- Giving the right to vote to the voter if the data is correct, otherwise not allowing the voter to vote,
- Providing automatically biometric verification process by the biometric verification engine during the voting process of the voter,
• Logging into the system by the voter on the election day using the member/identification number through the election interface,
• Determining the election to be voted by the voter, the front-end server checking whether the voter is among the people who can vote,
• Checking, by the front-end server, whether the voter has already voted in the active election with the voting database and the Blockchain system and consensus protocols that constitute this database,
• Transferring, by the front-end server, the voter authorized to vote to the authorization unit, testing, by the authorization unit, whether the person is a real person and registered/authorized voter with biometric and SMS verifications, and if successful, allowing the front-end server to show the candidates that can be voted on in the user interface,
• Voting for one of the candidates shown in the voter interface and logging out of the system by the voter,
• Recording the member information to the voting list database and recording the vote given to the ballot box database by the front-end server,
• Transferring the list of voters and the ballot box databases to the counting server when the election period ends,
• Ensuring and announcing the winner of the election and numerical data, the privacy of personal data and the confidentiality of the vote and the voter by using zero knowledge proof protocols over autonomous codes by the counting server.
3. A system according to claim 1, characterized in that the said biometric data are voice, fingerprint, palm map, retina, face biometry, DNA genetic material.
4. A system according to claim 1, characterized in that the algorithms used for the said encryption are symmetric and/or asymmetric and/or distributed and post-quantum encryption algorithms.
5. A method according to claim 2, characterized in that the said biometric data are voice, fingerprint, palm map, retina, face biometry, DNA genetic material.
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TR2020/20064 | 2020-12-08 | ||
TR202020064 | 2020-12-08 | ||
TR2021/019220 | 2021-12-06 | ||
TR202119220 | 2021-12-06 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2022125041A1 (en) | 2022-06-16 |
Family
ID=81974568
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/TR2021/051367 WO2022125041A1 (en) | 2020-12-08 | 2021-12-07 | Electronic election and voting method and system with privacy protection and biometric authentication |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2022125041A1 (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170046689A1 (en) * | 2015-07-14 | 2017-02-16 | Fmr Llc | Crypto Voting and Social Aggregating, Fractionally Efficient Transfer Guidance, Conditional Triggered Transaction, Datastructures, Apparatuses, Methods and Systems |
US20180232526A1 (en) * | 2011-10-31 | 2018-08-16 | Seed Protocol, LLC | System and method for securely storing and sharing information |
WO2020005328A2 (en) * | 2018-02-09 | 2020-01-02 | Orbs Ltd. | Decentralized application platform for private key management |
US20200036707A1 (en) * | 2015-08-21 | 2020-01-30 | Veridium Ip Limited | System and method for biometric protocol standards |
-
2021
- 2021-12-07 WO PCT/TR2021/051367 patent/WO2022125041A1/en active Application Filing
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 21904008 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 22/09/2023) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 21904008 Country of ref document: EP Kind code of ref document: A1 |