UCCI.IT_LOGO
eBallot

How It Works / Features

 
  eBallot HOME | UCCI.IT HOME | CONTACTS INFO  
Versione Italiana
 
* How it Works
  :: Components
  :: Features
  :: Instructions
* Demo
* Docs
   
 

The main characteristics of the system are:

Easy of use
The system has been designed to be easy to use and compatible with all current web browser; no particular training is requested for the voter to use the system.
 
Anonymicity/Privacy
The system has been designed with the goal of privacy in mind: for this reason there are two web servers, the first to authenticate the voter and the second to cast the ballot. All accesses to the Vote Server must pass through a anonymizer system.
 
Flexibility
The system has been designed to be flexible, so to be easily adapted to different votes, from yes/no to multi-ballots, with different options and features like group-voting or individual-double-credentials, username+password or client digital certificates etc.
 
Scalability
The system has been designed to be scalable, so that it can be used for simple ballot within small groups or large ballots for thousands of people. The software and hardware requested can be easily scaled for very large ballots.
 
Modularity
To achieve Flexibility and Scalability, the system is composed by modules which interacts but are largely independent. In this way, new features or new technologies can be easily incorporated.
 
Unreusability
Voters are given a Secret Token which can be used only once so that each voter can cast only one ballot. Enforcement of this is realized with advanced cryptographical and system security procedures which make it impossible to delete from the system a Secret Token marked as already used.
 
Individual Verifiability
After casting a vote, each voter is given a Verification Code which permits to verify that the vote has been accounted correctly in the final published results, thus the accuracy of the results is always guaranteed.
 
Separation of Duties
The protocols are based on the strict separation of duties among the managers of the web servers and the officials who supervise the ballot. Only the fraudolent collaboration of 2 or more of them could, in some circumstances and by modifying the systems, allow them to violate the privacy of the voters, whereas the accuracy of the results is always guaranteed.
 
Security
The protocols, algorithms and code are public and based on scientific results. Security has been the starting point of this system which was born as a university research project in computer security. The implementation adopts well known and trusted cryptographical algorithms, protocols and programs, and the security of the web servers and the solutions adopted for the most critical features are based on the most advanced security features of today operating systems.
 
Weak Eligibility
The cryptographical Voting Authorization is given only to eligible voters. The eligibility of the voters is verified by the Authentication Server whereas the Vote Server verifies the authenticity of the Voting Authorization, not the identity of the voters. A fraudolent voter could pass her Voting Authorization to another person who would vote instead of her, and could then sell her vote in this way. For this reason our protocol guarantees only a weak form of Eligibility and cannot be used for political and similar elections. No easy solution to this problem is known for digital web voting. Instead to implement a protocol of doubtful security, we prefer to renounce to some requirements but to be sure of the features we offer.
 
NO Receipt-freeness
Voters are given a receipt so to be able to check that their votes have been accounted correctly and that the results of the ballot are trustworthy. But voters can use the receipt to prove to a third person for whom they have voted, making it thus possible to sell their votes. For this reasons our protocol cannot be used for political and similar elections. No easy solution to this problem is known for digital web voting. Instead to implement a protocol of doubtful security, we prefer to renounce to some requirements but to be sure of the features we offer.
 


 

UCCI.IT eBallot Web Site - Copyright (c) Andrea Pasquinucci 2000-2018
Info: posta@ucci.it - Page last modified 15/11/2006

    CreativeCommons by-nc-nd 2.5     Valid HTML 4.0 Transitional     Valid CSS!