U.S. patent application 14/492296 was filed with the patent office on
September 22, 2014 and published on 2016-03-24 as US 2016/0086408 A1
for a system and method for fully encrypted remote web-based voting.
The applicant listed for this application is Makor Issues and Rights
Ltd. The invention is credited to David MYR.
Publication Number: 20160086408 (United States Patent Application, Kind Code A1)
Application Number: 14/492296
Family ID: 55022814
Publication Date: March 24, 2016
Inventor: MYR; David
SYSTEM AND METHOD FOR FULLY ENCRYPTED REMOTE WEB-BASED VOTING
Abstract
The presented invention discloses an electronic web-based election
system and method for fully encrypted secure remote voting, wherein
the voting data is fully encrypted, including within-the-database
encryption, until the end of the voting time period. Further
disclosed is a computer encryption system on which the voting result
encryption application is additionally installed, such a system being
configured to obtain encrypted voting results data and send such data
as ciphertext to the election central server for encrypted ciphertext
storage in the database, to prevent everybody, including database
administrators, from viewing the data. A method for secure data
encryption and public key computation based on the voter's secret PIN
code is further presented.
Inventors: MYR; David (Jerusalem, IL)
Applicant: Makor Issues and Rights Ltd., Jerusalem, IL
Family ID: 55022814
Appl. No.: 14/492296
Filed: September 22, 2014
Current U.S. Class: 705/12
Current CPC Class: H04L 63/0442 (2013.01); H04L 9/3226 (2013.01); G07C 13/00 (2013.01); H04L 2209/463 (2013.01); H04L 63/0428 (2013.01); H04L 63/083 (2013.01)
International Class: G07C 13/00 (2006.01); H04L 29/06 (2006.01)
Claims
1. An electronic web-based election system for fully encrypted
secure remote voting, wherein voting data which corresponds to each
voter's vote is fully encrypted until an end of a voting time
period, the system comprising: a) an election central server
computer, said election central server computer being configured
to: store voter-related data for each eligible voter; send to the
voter his unique code for registration in a central voting
database, said registration includes entering his email address
into the voting database; check for each voter registered in the
system for an existing valid email address; generate a PIN code for
each voter registered in the system having said existing valid
email address to be able to vote; send to each voter via regular
post mail said PIN code; send to each voter an email invitation to
vote; authenticate each voter accessing the elections services
computer system by authenticating his PIN code and ID number which
is transmitted electronically from each voter to the election
central server computer; send each voter a respective ballot after
each voter is authenticated; generate a public key and a
corresponding private key for each voter, respectively, and send
said public key to each voter, respectively, obtain votes based on
said ballots from each voter in the form of said voting data and
store the voting data as a ciphertext in the database, wherein the
public key is included with the ciphertext; calculate election
results from the voting data when the election time period is over;
update election central server system votes results. b) a computer
encryption system wherein the voting result encryption application
is installed, such a system being configured to receive the votes
from each voter in the form of voting data, encrypt the voting data
with the public key to obtain encrypted voting data and send such
data as ciphertext to the election central server for encrypted
ciphertext storage in the database to prevent everybody, including
database administrators, from viewing the data. c) a voter computer
system which: opens email or especially designed secure voting
website; identifies the voter by entering his ID number and PIN
code; displays a list of parties eligible for elections which is
displayed to the voter on a computer screen; casts the vote by
choosing one of the parties from said list of parties; displays a
consolidated list of candidates only from the one of the parties
which has been chosen; casts the vote for candidates by choosing
several candidates from the list of available candidates from the
one of the parties which has been chosen; confirms voter choice by
at least one of digital signature and entering the PIN; receives a
notice screen that the vote has been accepted; and encrypts the
vote and sends it to the computer encryption system. d) a polling
station based system comprised of one or more computers
interactively connected to the election central server computer,
such computers containing a total list of voters for a polling
station, a list of voters who already voted either by using
web-based invented system or by using said polling station.
2. The system of claim 1, said election central server computer for
sending the PIN code to the voter, by using SMS messaging, to the
phone number registered in the elections database.
3. The system of claim 1, wherein the voting is conducted as a
poll, the number and composition of the poll participants being
selected according to statistical sample selection principles.
4. Method for secure data encryption and public keys computation
based on a secret PIN code sent to a voter by election committee
trustees, the method comprising the following steps: a) creating a
public key code for the voter and a private key code for the
election committee trustees; b) finding a prime number under
minimum of the above codes; c) finding a prime number over the
maximum of the above codes; d) calculating product of these prime
numbers reduced each one by one; e) computing a co-prime number to
the above product; f) finding a co-prime number paired with the
above product of primes and determining that number to be the
public key; g) generating the private key by inverting the co-prime number
above paired with the same product of the primes; h) permitting
voters to vote, said vote in the form of voting data; i) encrypting
the voting data by multiplying its ASCII code by co-prime of step e
above by modulo of its pair; j) receiving the encrypted voting data
and said public key code; k) decrypting the data encrypted in step
i above by using the created public key and part of the created
public key equal to co-prime of step e above, wherein this part of
the public key is included in encrypted text as plain first
word.
5. Method for full encryption of the election results comprising
the steps of: a) establishing a central database at a central
computer server; b) encrypting voting data corresponding to a vote
made by using individual encryption with a public key; c) sending
the encrypted voting data to computer encryption system wherein the
voting result encryption application is installed, said system
being configured to obtain encrypted voting results data; d)
sending said encrypted voting results data as a ciphertext and the
public key to the election central server for encrypted storage in
the database to prevent everybody, including database
administrators from viewing the data; e) storing the ciphertext
voting data in a database on the election central server until the
end of the election time period; f) decrypting the ciphertext votes
data at the end of the election time period done by election
committee trustees using their private decryption keys.
6. Method of claim 5, wherein encrypting and decrypting are
performed by performing the steps of: a) creating a public key code
for a voter and a private key code for election committee trustees;
b) finding a prime number under minimum of the above codes; c)
finding a prime number over the maximum of the above codes; d)
calculating product of these prime numbers reduced each one by one;
e) computing a co-prime number to the above product; f) finding a
co-prime number paired with the above product of primes and
determining that number to be the public key; g) generating the private
key by inverting the co-prime number above paired with the same product
of the primes; h) permitting voters to vote and receiving their
votes in the form of voting data; i) encrypting the voting data by
multiplying its ASCII code by co-prime of step e above by modulo of
its pair; j) decrypting the data encrypted in step i above by using
the created public key and part of the created public key equal to
co-prime of step e above, wherein this part of the public key is
included in encrypted text as plain first word.
7. System for full encryption of the election results comprising:
a) elections central computer server configured by a program to
transmit a selected vote over a data transmission network to an
election authority responsive to a secret code; b) a key generator
for generating and sending a public key to each voter; c) at least
one processor for encrypting voting data corresponding to the vote
with the public key, sending the encrypted voting data to a
computer encryption system having a voting result encryption
application which obtains encrypted voting results data; and d)
sending the encrypted voting results data as a ciphertext and said public key
to the election central server for encrypted storage in the
database to prevent everybody, including database administrators
from viewing the data; and decrypting the ciphertext votes data at
the end of the election time period by election committee trustees
using their private decryption keys.
8. System of claim 7, wherein encrypting and decrypting are
performed by performing the steps of: a) creating a public key code
for a voter and a private key code for election committee trustees;
b) finding a prime number under minimum of the above codes; c)
finding a prime number over the maximum of the above codes; d)
calculating product of these prime numbers reduced each one by one;
e) computing a co-prime number to the above product; f) finding a
co-prime number paired with the above product of primes and
determining that number to be the public key; g) generating the private
key by inverting the co-prime number above paired with the same product
of the primes; h) permitting voters to vote and receiving their
votes in the form of voting data; i) encrypting the voting data by
multiplying its ASCII code by co-prime of step e above by modulo of
its pair; j) decrypting the data encrypted in step i above by using
the created public key and part of the created public key equal to
co-prime of step e above, wherein this part of the public key is
included in encrypted text as plain first word.
9. System of claim 1, wherein encrypting and decrypting are
performed by performing the steps of: a) creating a public key code
for a voter and a private key code for election committee trustees;
b) finding a prime number under minimum of the above codes; c)
finding a prime number over the maximum of the above codes; d)
calculating product of these prime numbers reduced each one by one;
e) computing a co-prime number to the above product; f) finding a
co-prime number paired with the above product of primes and
determining that number to be the public key; g) generating the private
key by inverting the co-prime number above paired with the same product
of the primes; h) permitting voters to vote and receiving their
votes in the form of voting data; i) encrypting the voting data by
multiplying its ASCII code by co-prime of step e above by modulo of
its pair; j) decrypting the data encrypted in step i above by using
the created public key and part of the created public key equal to
co-prime of step e above, wherein this part of the public key is
included in encrypted text as plain first word.
Description
FIELD OF THE INVENTION
[0001] The present invention relates to electronic voting systems
and methods and, more particularly, to a secure innovative system
and method for conducting secure individually fully-encrypted
elections and voting polls through the Internet.
BACKGROUND OF THE INVENTION
[0002] A number of systems for remote electronic voting have been
tested in recent years. Maximal security, which is absolutely
necessary for reliable electronic voting, has been and still is
a major issue in remote electronic voting.
[0003] Examples of such remote electronic voting can be found in
several countries. Prime examples include: parliamentary elections
in Australia and Estonia. Those elections were conducted
successfully and can provide a solid case for implementing similar
systems in other countries.
[0004] Electronic voting in Estonia began in October 2005 local
elections when Estonia became the first country to have legally
binding general elections using the Internet as a means of casting
the vote and was declared a success by the Estonian election
officials.
[0005] In September 2000, the European Commission launched the
CyberVote on-line elections project with trials performed in
Sweden, France, and Germany.
[0006] In Australia, electronic voting was introduced, for
example, to allow voting by military personnel stationed outside
Australia.
[0007] Simply Voting is a web-based online voting system for
managing online elections. Voters arrive at the voting website,
authenticate their identity and vote. Voting results are kept
anonymous. The voter is issued a receipt and is then blocked from
voting in this election again.
[0008] In addition, there are several US patent references in the
remote electronic voting field.
[0009] U.S. Pat. No. 7,757,950 presents election system enabling
coercion-free remote voting wherein a remote voter transmits
his/her selected vote to the election authority through a data
transmission network such as the Internet network by using a host
computer having a card reader, the vote being transmitted after the
voter has introduced an identifying smart card into the card
reader. At least one secret code is recorded into the smart card at
the location of the election authority at the moment when the
latter delivers the smart card, the secret code having to be input
by the voter into the host computer when the voter wants to vote
during an election in order for the vote to be transmitted to the
election authority and validated by the election authority.
[0010] U.S. Pat. No. 7,597,258 by Feldkamp titled: "Confidential
electronic election system" provides a system for improved
elections which may separate the identity of the voter from the
content of the vote she casts. The system may be implemented using
electronic or other communication methods. The system is
implemented in a separation of voter information from information
in the members' votes, to comply with various government
regulations relating to elections.
[0011] U.S. Pat. No. 7,152,156 by Babbitt titled: "Secure internet
voting system with bootable disk" discloses an Internet
voting system with security against malicious software by using a
bootable CD-ROM to boot voter client machines for use in elections.
The invention discloses a secure program storage device bearing
program instructions operable for booting a computer by exclusive
execution of program instructions found only on the storage medium
at the computer and the exclusive execution of program instructions
excepting system device drivers as needed for operation of the
computer; the program instructions on the storage medium being
further operable for execution of a voting application program
configured to permit a voter to cast votes in an election.
[0012] The currently presented electronic voting systems, as well
as other currently existing encryption methods such as SSL, which
protects data only in transit, do not provide fully encrypted data
in the database; therefore network and database administrators are
able to view the data. Our invention presents a system wherein the
data in the voting database is encrypted, so as to prevent network
and database administrators from viewing the data. Further, a new
method of secure encryption is disclosed in our invention.
[0013] One additional problem in the current voting process is the
situation of "double voting". An example of "double voting" is when
Democrats in the USA vote for certain Republican candidates in the
primaries in addition to voting in the Democratic primary.
[0014] To fix this problem, in our invention, the preferences would
flow down the list of the candidates of the party they first chose
and then move on to the list of candidates of the party of their
second choice, and so on.
[0015] A further advantage of the invention is that it eliminates
the need for the various election polls normally conducted before
the election results become public, since the results are available
within a few hours after the election time period has ended.
REFERENCES CITED
[0016] U.S. Pat. No. 7,152,156
[0017] U.S. Pat. No. 7,597,258
[0018] U.S. Pat. No. 7,757,950
[0019] Simply Voting system www.simplyvoting.com
BRIEF DESCRIPTION OF THE DRAWINGS
[0020] FIG. 1a and FIG. 1b graphically represent stages of remote
electronic voting process in the invention.
[0021] FIG. 2 illustrates a new method for secure data encryption
and public keys computation.
[0022] FIG. 3 is a schematic representation of the stages of
encryption in remote electronic voting process in the invented
system and method.
[0023] FIG. 4 is a block diagram which illustrates an exemplary
apparatus for voting with encryption.
[0024] FIG. 5 is a flow chart/block diagram which illustrates
operation of an exemplary embodiment of the present invention.
DETAILED DESCRIPTION OF THE INVENTION
[0025] In the following discussion, numerous specific details are
set forth to provide a thorough understanding of the present
invention.
[0026] Other features and advantages of the present invention will
be apparent from the following description taken in conjunction
with the accompanying drawings, in which like reference characters
designate the same or similar parts throughout the figures
thereof.
[0027] The present invention discloses a new system and method for
remote electronic web-based voting using a secure individually
encrypted network for each voter, wherein each vote remains
individually encrypted from the time of the vote until being
decrypted by the election committee trustees at the end of the
voting time period.
[0028] In a real-world situation, it is reasonable to assume that
there will be a percentage of voters who prefer voting through the
regular paper-based polling station network. For this, the invented
system further includes a polling station based system comprised of
one or more computers interactively connected to the election
central server computer, such computers containing a total list of
voters for the said polling station and a list of voters who already
voted, either by using the web-based invented system or by using a
polling station.
[0029] The new proposed system and method keeps the highest levels
of precision, security and confidentiality of the existing voting
methods while having a number of main advantages, such as: [0030] 1.
Significant monetary savings in the election process, since there is
no need to open ballot stations; [0031] 2. Savings in working
man-hours, since there will be no need to take a day off for the
elections; [0032] 3. Fully encrypted from the start to the end of
the voting process and voting time period; [0033] 4. Using existing
technology and equipment; [0034] 5. Increasing voter turnout;
[0035] 6. Easy to implement; [0036] 7. Election results will be
calculated quickly while eliminating the human error factor.
[0037] The proposed secure web-based election system aims to
fulfill the following main requirements: [0038] 1. Security--the
aim is to achieve more security than traditional paper-based
elections. To ensure a high level of security and confidentiality,
there will be two non-connected servers in the proposed system and
two non-connected databases. [0039] Communication between the
voter's computer and our website is encrypted in transit with the
highest level of protection. [0040] 2. Privacy--all votes remain
secret, no one is able to gain information about a voter's vote;
[0041] 3. Only eligible voters are allowed to cast votes, and every
voter can vote only once. [0042] Additionally, votes are strictly
checked for validity before being accepted; [0043] 4. Election
observers can check the election results and the election results
calculations; [0044] 5. Working on most OSs and platforms, such as
Windows, Linux, Android, iOS, Windows Mobile.
[0045] The invented system could also be used for conducting secure
encrypted electronic web-based voting polls, where the number and
composition of the poll participants are selected according to
statistical sample selection principles. Such polls should have an
advantage over existing polls in the encryption of the results and
in the statistical precision and validity of the results.
[0046] FIG. 1a and FIG. 1b graphically represent stages of remote
electronic voting process in the invention. FIG. 4 is a block
diagram which illustrates exemplary apparatus for voting with
encryption. Those stages depicted in FIG. 1a and FIG. 1b consist of
the following: [0047] 1. Establishing a central elections database
at election central server system (101). Such a server computer
system being configured to: [0048] store voter-related data for
each eligible voter; [0049] send to the voter 402 his unique code
for registration in central voting database, such registration
includes entering his email address into the voting database;
[0050] check for each voter registered in the system for an
existing valid email address; [0051] generate a special PIN code
for each voter registered in the system having an existing valid
email address; [0052] send to the voter by regular post mail the
PIN code required for entering a valid election; [0053] send
to the voter 402 an email invitation to vote; [0054] authenticate
each voter accessing the elections services computer system by
authenticating his PIN code and ID data; [0055] obtain and store
the voting results data as a ciphertext in the database; [0056]
calculate elections results when the election time period is over;
[0057] update election central server system votes results. [0058]
2. Voter receives from the election central server system his
unique message for registration in central voting database, such
registration includes entering his email address into the voting
database (102). At this stage, the voter has the option to update,
add or delete his email address for voting. [0059] 3. The election
central server system checks for each voter registered in the
system for an existing valid email address (103); [0060] 4. The
election central server system generates a special unique PIN code
for each voter registered in the system having an existing valid
email address (104). [0061] 5. The election central server system
sends to the voter an email invitation to vote (105); [0062] 6. The
election central server system sends a voter his unique PIN code
for validly participating in the elections (106). In the preferred
embodiment of the invention, the election committee will produce a
PIN mailer for each eligible voter. The PIN will be used to
authenticate an elector's identity as part of the voting process.
[0063] The PIN mailer comprises a letter with a security panel
which, when peeled off, reveals the voter's PIN. The letter also
contains instructions to the voter on how to vote. [0064] In
another embodiment of the invention, the PIN code can also be sent
by email or by SMS to the voter's registered email address or phone
number. Emails of registered voters will be registered with the
Ministry of Interior. For email registration, several courses of
action can be taken: for example, a person applying for a new
passport, ID or change of address will give his email in the
forms. [0065] 7. Voter opens email/specially designed secure voting
website. Voting message will be used only once. So, if the voter
already made his vote, he will not be able to download the message
or vote again. [0066] 8. Voter identifies himself/herself by
entering his ID number, PIN code (107) and the system will
authenticate each voter accessing the elections services computer
system by authenticating his PIN code and ID data; [0067] 9.
Consolidated list of parties eligible for elections shall be
displayed to the voter on the computer screen 403 (108); [0068] 10.
Voter makes his/her vote by choosing a party from the
abovementioned list of parties (109); [0069] 11. Consolidated list
of candidates shall be displayed to the voter on the computer
screen 403 (voter will only be able to vote for the candidates from
the particular party that he already voted for at the previous
first stage of voting) (110); [0070] 12. Voter makes his/her
choice/s from the list of available candidates from the party he
already selected (111). The voter will be able to vote only for
candidates of the party for which he voted, which means there is no
need for primary elections: every delegate who obtains a minimum
number of votes will be placed on the initial list of
candidates. [0071] 13. Voter confirms his/her choice by digital
signature, entering the PIN code (112); [0072] 14. Voter receives a
notice screen that his vote has been accepted (113); [0073] 15. The
abovementioned vote is encrypted via computer encryption system 404
and sent to the election central server system (114). Votes are
encrypted from the beginning of the individual voter's voting
process until the end of the election time period. Additionally,
voting is anonymous: the vote is processed without its contents
being known, and the vote cannot be linked back to the voter. [0074] There
is a group of trustees having the decryption keys in trustee
committee computer 405 such keys will be used at the end of voting
time period. [0075] Data will be stored in an encrypted form within
the database. Such a database can be MS SQL in one embodiment of
the invention. [0076] A regular database such as MS SQL Server is
not by itself equipped to hide data from the database
administrators, since data stored in it carries no encryption of any
kind. In that case the client application should encrypt the data
and store only the ciphertext in the database. That way neither the
database server nor the database administrators (nor the network
administrators) ever see unencrypted data or encryption keys. So,
to prevent access to sensitive data, encrypt at the application
level and protect the encryption keys accordingly. [0077] Full encryption
until the end of the voting process means that even the election
committee employees will not be able to see the voting results
until the end of voting time period. [0078] 16. The election
central server system updates and calculates voting results
(115).
[0079] FIG. 2 illustrates a new method for secure data encryption
and public key computation based on the voter's secret PIN code sent
to him by the election committee trustees, the method comprising the
following steps: [0080] 1. Creating a public key code for the
eligible voter and a private key code for the election committee
trustees (201); [0081] 2. Finding a prime number under the minimum
of the above codes (202); [0082] 3. Finding a prime number over the
maximum of the above codes (203); [0083] 4. Calculating the product
of these prime numbers, each reduced by one (204); [0084] 5.
Computing a co-prime number to the above product (205); [0085] 6.
Finding a co-prime number paired with the above product of primes
and determining that number to be the public key (206); [0086] 7.
Generating the private key by inverting the co-prime number above
paired with the same product of the primes (207); [0087] 8.
Encrypting the data by multiplying its ASCII code by the co-prime of
step 5 above modulo its pair (208); [0088] 9. Decrypting the data
encrypted in step 8 above by using the created public key and the
part of the created public key equal to the co-prime of step 5
above, wherein this part of the public key is included in the
encrypted text as a plain first word (209).
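As an added worked example (not code from the patent), the following Python reproduces the key-generation and encryption steps of FIG. 2 and claim 4 together with the application-level storage model of paragraph [0076]: the voter's and trustees' codes select two primes, the product of the primes each reduced by one is the modulus for choosing the co-prime e and its inverse d, and each ASCII code of the vote is encrypted under e. Two readings of the text are assumptions made here: "paired with the product" is taken to mean "modulo the product", and "multiplying its ASCII code by the co-prime" is taken to mean modular exponentiation (textbook RSA), because the key-generation steps are exactly those of RSA. The codes 1234 and 5678, the party names and the voter id are constructed sample data. The last function is the check a reviewer would run against the storage model: claim 1 stores the public key in the same row as the ciphertext, and the encryption is deterministic over a handful of possible ballots, so a database administrator can recover a vote by trial encryption without ever holding the trustees' private key.

```python
"""Added example, not code from the patent: the FIG. 2 / claim 4 key
generation and per-character encryption read as textbook RSA, the
application-level storage of paragraph [0076], and the trial-encryption
check a reviewer would run against a stored row."""
from __future__ import annotations

from math import gcd, isqrt


def is_prime(x: int) -> bool:
    """Trial division; adequate for the small codes used in this example."""
    if x < 2:
        return False
    if x % 2 == 0:
        return x == 2
    return all(x % f for f in range(3, isqrt(x) + 1, 2))


def prime_below(x: int) -> int:
    """Largest prime strictly below x (step 2: 'a prime under the minimum')."""
    x -= 1
    while not is_prime(x):
        x -= 1
    return x


def prime_above(x: int) -> int:
    """Smallest prime strictly above x (step 3: 'a prime over the maximum')."""
    x += 1
    while not is_prime(x):
        x += 1
    return x


def keygen(voter_code: int, trustee_code: int) -> tuple[int, int, int]:
    """Steps 1-7 of FIG. 2; returns (n, e, d).

    The voter's and trustees' codes only select the primes. Assumption:
    'paired with the product' means 'modulo the product', so e is a small
    number co-prime to (p-1)(q-1) and d is its inverse modulo that product.
    """
    p = prime_below(min(voter_code, trustee_code))
    q = prime_above(max(voter_code, trustee_code))
    n = p * q
    phi = (p - 1) * (q - 1)      # step 4: primes each reduced by one, multiplied
    e = 3
    while gcd(e, phi) != 1:      # steps 5-6: a number co-prime to phi
        e += 2
    d = pow(e, -1, phi)          # step 7: modular inverse (Python 3.8+)
    return n, e, d


def encrypt(plaintext: str, e: int, n: int) -> list[int]:
    """Step 8 read as modular exponentiation of each ASCII code.

    Deterministic: a given character always maps to the same block, which
    is what makes the trial-encryption check below work."""
    return [pow(ord(ch), e, n) for ch in plaintext]


def decrypt(blocks: list[int], d: int, n: int) -> str:
    """Step 9 with the private exponent d that only the trustees hold."""
    return "".join(chr(pow(c, d, n)) for c in blocks)


def store_vote(db: list[dict], voter_id: str, vote: str, e: int, n: int) -> None:
    """Paragraph [0076]: the application encrypts, and the row that reaches
    the database (and its administrator) holds only ciphertext plus, as in
    claim 1, the public key under which it was produced."""
    db.append({"voter_id": voter_id, "pubkey": (e, n), "cipher": encrypt(vote, e, n)})


def recover_vote_from_row(row: dict, choices: list[str]) -> str | None:
    """What a reader of one stored row can do without any private key:
    encrypt each possible ballot under the stored public key and compare.
    Works because encryption is deterministic and the ballot space is tiny."""
    e, n = row["pubkey"]
    for ballot in choices:
        if encrypt(ballot, e, n) == row["cipher"]:
            return ballot
    return None


# Constructed sample data: a three-party ballot and one voter.
PARTIES = ["Party A", "Party B", "Party C"]

if __name__ == "__main__":
    n, e, d = keygen(voter_code=1234, trustee_code=5678)
    db: list[dict] = []
    store_vote(db, "voter-001", "Party B", e, n)
    print("row as the database administrator sees it:", db[0])
    print("trustees decrypt with d:", decrypt(db[0]["cipher"], d, n))
    print("administrator recovers by trial encryption:",
          recover_vote_from_row(db[0], PARTIES))
```

Run it directly to see the stored row, the trustees' decryption and the administrator's recovery of the same vote. Under the literal reading of step 8 (c = m * e mod n) the outcome is no better: m = c * e^-1 mod n needs only the public values e and n that sit in the row. Keeping stored votes unreadable to administrators therefore requires randomized (padded) encryption in addition to encrypting at the application layer; the patent text does not specify any padding.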
[0089] The following are the stages of encryption in the remote
electronic voting process in the invented system and method, as
graphically illustrated in FIG. 3 (FIG. 5 is an accompanying flow
chart/block diagram): [0090] 1. Establishing a central database at a
central computer server (301). The encryption process will be
performed on such a central computer server, amongst other
computers; [0091] 2. A special election committee checks voters'
eligibility and supervises private and public key generation for the
election. [0092] Public key computation in our invention is based on
the secret codes of the voter and of the voting committee trustees
respectively. A public key is created for each voter separately and
sent to her/him via email by the election committee. [0093] PIN codes
are sent to the eligible voters
formed from the initial voters list (302); [0094] 3. Voter enrolls
into the secure voting electronic system using ID, password and PIN
code and makes his choice of the particular party (303). Voters
who do not pass authentication or have already voted are denied
access to the ballot; [0095] 4. Voter makes his choice on computer 501 for
the candidates/delegates from his chosen party in the step above
(304) [0096] 5. The abovementioned party vote and
candidates/delegates votes are sent to the computer encryption
system 502 wherein the voting result encryption application is
installed for creating a ciphertext data through the secure
communications channel (305); [0097] 6. The vote will be kept
encrypted in the database until the very end of the election time
period, where it will be decrypted with trustee committee computer
503 by the election committee trustees (306); [0098] 7.
Predetermined election time period is over (307); [0099] 8. At the
end of the election time period, all eligible votes are summarized
and the final result is calculated (308); [0100] 9. Election
committee trustees decrypt all votes (309). Parties'
representatives and the voter himself can check on the central
voting server 504 through the Internet whether his vote has been
processed or not. If all public calculations are correct, the
result of the election is valid and the voter's vote was counted in
the final result.
* * * * *