# Overview Of Electronic Voting Challenges And Solutions Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Electronic voting makes the voting system in significant way by changing considerable features of the present and outdated ballot paper system. The Electronic voting system makes various points in debatable situation while implementing the system. Finally the system supposed to be very efficient, trustworthy, transparent and confidential system. This article provides a research about electronic voting system design by having the features such as confidentiality, trustworthy, efficiency and transparent. Especially the security of the system has focused in this document in very precise manner. Furthermore the research paper demonstrates acceptable solutions for each and every challenge in a better way.

\end{abstract}

Election is the procedure to select the persons who should be the controllers of the each and every country. Every person has the voting rights to vote and select their representatives. The voter has the right to express their vote and keep the choice secretly in his or her mind. The election system is not a better procedure since the activities involve with that is not acceptable in present. Of course the wrong things happening over and over again and the amount of those kinds of things are increasing. The system which is using by the community should be changed in order to have a better fraud free election and to change the past inappropriate behaviors. The present system is the traditional paper ballot system. Voter should come to the centre and mark their vote in the ballot paper and fold it and put it to the box. After that all the boxes should be collected to a same place and all the votes should be count to have the results of candidates. Since this manual and old way of election method should be changed.

\par

When replacing traditional paper ballot to the electronic and mechanical devices several things should be in our concern. New system should have the capability to keep the confidentiality of the voter as well as the candidate should not know who used the votes for them and who don't. The present paper ballot system is facing several problems. As a solution for these problems the newly created system should have the capabilities to avoid the previous problems. The system should be easy to use for each and every user since all the users not have same education level and same age level. So as a solution of this problem the Electronic Voting System can be introduced as a better substitute for the traditional paper ballot system. The technology should be used to verify the confidentiality, correctness, as well as to avoid frauds using the new technology. However the voters should have a way to prove themselves are allowed to use the vote and they should have an access granting permission to use the system. Then only voters should be allowed to use their vote or leave without voting to anyone.

%-----------------chapter 2-----------------------------

\chapter{Example System - Electronic voting}

In order to have a better election there should be a better system. According to that the system design should be in well and precise way. So the proposed system's configuration should be well identified. The details which should be considered are given below with example voting system.

Advantages of having Electronic voting system\cite{art2}

\begin{itemize}

\item Speed result caclculation with fully efficiency

\item Save money

\item Accessibility support for the disabled

\item The ballot paper design can be changed at last moment

\item Ballot paper can show in other languages also

\item Avoid mistakes from the voters

\item Monitor all the process at one place while in progress

\end{itemize}

\par

Whatever the system design is the election policies in the country should not be violated. The developers should have the responsibility to code the system in responsible manner. They should go through there code after several times. Then only they can avoid the design errors. On the other hand the officers in the polling station may not have a better idea about information technology and their activities may be harmful for the system because all the officers have the access to the system. But the point is they have the access privileges more than the voter has. If they do something without knowing or misunderstanding, all the election may suffer.

\section{System Overview}

However the new system should use a best software system to handle this situation because the total election depends on the correctness of the new software system. Not only the correctness the developers should not keep back doors to enter to the system and change the results. And we have to consider about the communication providers also. Whatever the system is software system that should run on a terminal and the communication line should be secure enough to send the real votes.

\par

In some systems uses a terminal and a printer to avoid human errors and minimize the inappropriate votes. Those systems provide all the choices in terminal screen and users should select the options and finally print the ballot paper. Before print the paper system should prompt user to finalize their option. If user wanted to change his or her mind on that moment the user can do that easily. Finally the printed paper should keep in the box. \cite{art1} Other system is directly communicated with mother servers to collect all the votes to one place. But that system also runs using a terminal with having software on the operating system used in the terminal. The software system, network line should in trusting stage. Otherwise we cannot accept the election was security certified. To implement the security in this type of system is a must and the developers should directly involve with the cryptographic solution to verify the system is better place to keep the valuable vote for the candidates. Since this is paperless system the electronic ballot paper should go through the communication line securely to the source to the destination. However the service providers should verify the end to end transmission of this system. In the paper printed voting system the security is not a main concern because after printing the vote is become to the traditional ballot paper and the box. Finally the officers should calculate them manually. So the security should not use in high level. If the first count is not accepted by the candidates, the papers are there for calculate again and verify the previous output result. But the paperless system the verification should be totally concern since only one time can be given for calculation. If the conditions not satisfied the system is fail. The each and every voter should satisfy by the security end. Then only the election will be fine. The service providers should not hide the source codes of the system. Actually the system's security should not depend on the secrecy of the source codes, but on the highly perfect security solution and the keys used in the system. If the codes are not hiding from the world, then others can challenge for the system's algorithm. So the developers should have the capabilities to verify them the security of the system.

\par

There should be a way to verify the voter when they are using their valuable vote. There are so many solutions. At the present system the voter should provide their Identity card to the polling centre and the officers should double check from the provided list which is having all the names of valid voters in the division. Then only the voter will be granted to use their vote. But in the electronic voting system there should be a good systematic way to prove that all the person who eligible to use their vote. Generally this kind of systems use smart card based identity method to verify this person is allowed to use the vote. There should be a mechanism to avoid frauds using technology to use that card to use more than one vote. Also the card copy mechanism should be disabled due to having good security on the system. Actually all the officers in the poll station cannot trust since them also having a party. The system providers should verify the officers also cannot involve with the system fraud way, because the officers should be given the smart cards having some kind of special privileges. Then anyone can use their privileges to change the actual result.

\par

Voting system should not use insecure communication lines since the communication line may not trust. The famous man in the middle attack can be take part due to the lack of security in the system. So the securing the communication line is a main issue in this scenario. We cannot trust all the communication lines. So the best way to verify the security through the line is cryptographic solution. When using cryptography the system developer can easily implement a code to be work on the day which election is progressed. But other days the testing could not have problems. We have to consider about these types of all the scenarios when implementing cryptography. Other way round the known attacks such like buffer over flow attack may have the chance to make some change to the developed system. Actually the verification of the system is not easy. All the security holes should cover and implement the system without vulnerabilities is not an easy process.

\section{Configuration}

The voting system should be developed as a fully dynamic. Because the developing team don't know all the details such as who are the candidates, from where they are going to represent, what are the parties face for the election, who are going to make companies each other and how to calculate them together like things about the election. Then the system should change dynamically and the authorized users should have the chance to change the rules until before the election is started. So the details which should incorporate with are varying from division to division and province to province. In the example system should have terminals at each and every polling station. And the preloaded data for each terminal is varying from each by each. So there should be a mechanism to load initial data to the terminal before start the election. The solution may be network through distribution or portable media through data distribution for all over the country polling station terminals.\cite{art1} According to have the first mode the whole system should design as a centralized way. Then the system should have a secure channel to distribute the electronic ballot paper details for each terminal and at the terminal end should have the capability to configure them automatically. That scenario is very useful for the authorized person to change the configuration at any time before start the election. On the other scenario the removable media should distributed manually to the end terminal. The responsible person have the privileges to initialize the terminal with configurations provided the super admin. After successfully inserting that the terminal is suitable for the election.

\section{Voter Identification}

After successfully configuring the terminal voter can use their vote. But before use vote, the user should provide their validity by forwarding their identity to the system. But there should be a medium to keep their identity with them. The identity should verify the user along with the system eligibility with strong mapping. In order to have the identity with them the system should use a memory card or a smart card. The smart card solution is a best solution because the smart card (Smart Card is a standard size card which equals to the credit card in size) is the latest and famous cryptography solution for keep the security issues with this card. And the smart card is used by the world as a safe key storing medium. By using that sense we can have better solution based with smart PKI based cryptographic solution. \cite{art3}

\section{Voting}

In order to use the vote the voter should provide the authenticity to the terminal. So the Smart cards should be distributed to the voters before the Election Day. Then the voter can provide the card to the terminal. First user should insert the card to the smart card terminal which is coupled with the voting machine. Then the terminal should check the validity of the user before granting the permission to the voter to use the vote. Sometimes the user may not eligible to use the vote. Sometimes the voter may have used his or her vote and he or she may try to use another chance. So the authentication process should include all those scenarios. Then the machine should provide the e ballot paper to use the voter's vote. The terminal should be equipped with devices to incorporate with disabled peoples also.

\begin{figure}[ht]\centering

\includegraphics[width=.4\textwidth]{image2.jpg}

\caption{Voting Machine for disabled}

\end{figure}

\par

The terminal should provide them the instructions in order to use their valuable vote. After filling the ballot paper, the system should forward the user to review and confirm their vote. On that point the user can change the mind and change the ballot paper fillings on the last moment also. If the user is confirmed the vote, the vote should go to the centralized system and the smart card should be changed to the "used" status. Then only the system can prevent fraud voting. And the central system should be updated by the details of the smart card but without the ballot paper details. Otherwise the voter's human right may be violated since the voter's choice is recorded somewhere in the system. After finishing that the terminal should be reset to welcome the next voter. \cite{art1}

\section{Finishing the voting session}

In order to finish the voting the authorized person should directly involve with the system by using the secure mechanism provided early. He or she should have a smart card solution or whatever the solution to identify the user as he is. So here the suggestion is to have a smart card to keep authenticity with him. When the election is finished, he can insert his card in to the terminal and provide required details to prove this is himself such as security questions, password etc... Then he can finish the voting by incorporating with the program running on the terminal.

\section{Transferring Result}

There are two solutions to transfer the results to the central place. We can use a network solution or removable medium to transfer data as we transfer the configuration details to the terminal before we start the election. In the first solution the system should have the secure channel to transfer data to the back end mother server. Man in the middle attack should not be taken place while transferring the data. Otherwise the system is not suitable. The data should be encrypted before the transfer using strong PKI based solution.\cite{art3} If the system is using the offline data collection, the authorized person in the voting station should be responsible for the data. And the system should not suffer from the changing the data by the authorized person. There should be a mechanism to provide the integrity of the data when using the network mode or offline mode.

\section{Collecting Results}

The back end server should have the capability to collect all the data to the centralized system without conflicts happening when adding data to the system. The server should get result of the each and every polling station and the server should not add results again to the system which is added early. And the centralized should compare the results with registered voters and the used votes to verify the system was running clearly and without errors.

\section{Smart Cards}

\begin{figure}[ht]\centering

\includegraphics[width=.4\textwidth]{image3.jpg}

\caption{Smart Card}

\end{figure}

\par

Using smart card is an intelligent way to handle and keep the system secure and safe state every time. But only the using smart card does not satisfy above features unless using the card in a better way. That means having smart card not says the system is running safe. Actually nowadays the world is moving from the smart card to the java card. In simple words the java card is a Java enabled smart card. When we are using the java card instead of smart card there are so many options to add new security features to the system. Actually the java card has a JVM (Java Virtual Machine) to process the requests coming from the outside world. Actually the java card has the capability to Triple DES also.

%-----------------chapter 3-----------------------------

\chapter{Security}

\section{Usage of cryptography}

At past the world was using the magnetic stripe cards to authenticate a person. Nowadays your banks also using the magnetic stripe card for authenticate the user when in front of the ATM (Automated Teller Machine). But they don't have the capability to process cryptographic algorithms. Those magnetic stripe cards only uses as a data representation in front of the ATM. Comparing with the magnetic stripe card and smart card the smart card have a better place among that because the smart card can process cryptographic algorithms for have a secure authentication. When attacker wants to hack the system he can easily enter to the system by coping the other's smart card. The attacker can buy (ISO 7816) smart cards and terminal from the world and he can learn how to violate the system or how to hide from the system security. Another thing the devices and smart cards are not very expensive. Since the machines are very cheap, anyone can get devices and write own programs to do some kind of vulnerabilities. Attacker can learn about the ISO 7816 protocol and write to output the same output from the card. Then the fraud card can easily prepared by the attacker. This is very easy when the smart card is not using cryptography on it. When the card is using the cryptographic functions, breaking them is not very easy.

\par

The new era of the smart card can use to process cryptographic algorithms inside the card. Now that is not simple secret data storage. The system should use the newer version of smartcard to fulfill the security requirements. If that is not satisfied the frauds may happen.

\par

Smartcard deals with the terminal using a protocol. The standard of the protocol is ISO 7816. The java enabled smart card came after the version specification version 2.1. Before that the smart card has not processing power. The card only communicates with APDU (Application Protocol Data Unit) commands. APDU commands consist with hexadecimal array of values.

\par

There was a card type that can be used only as a storage medium. On those days that was the superb medium to have a better security in every system. When growing the technology that card type also not sufficient for the requirement. When growing the technology, the hackers also learned how to escape through the security mechanisms.

\par

However the attacker can learn from the fresh card by sending several APDUs for the card and analyze the output from the card. Then he can use the card to vote and after that he can identify how the card becomes into "used" state by sending previous APDUs to the card again. Then he can identify how the card works and he can produce another card to produce the same output for the same input. Then the attacker has made a fraud card by using the original card. Then he can test it at the next election and verify its working or no.

\par

So in order to have a better security between these devices the communication line should use techniques to encrypt and decrypt the messages using PKI interface. \cite{art3} So anyone who is in the middle cannot identify the messages.

\section{Multiple votes by one voter}

The system should identify the provided smart card is in the "used" status before prompting to the ballot paper. If that type of incident occurs the system should deny that smart card to avoid using the vote again. When the system changing the status of the card, normally the system write some kind of bit pattern to the card and the next time the card responses by the same bit pattern unlike a fresh card. If someone programs the card to ignore the status change method calling in the card or ignore the changes and provide the response "I am changed' to the terminal the card can be safely removed from the terminal as a fresh unused card. Then he can easily enter the card again and reuse a vote from the polling station. System will accept the card over and over again. That should avoid by the system. If the system checks the number of votes that voted is less than to registered votes, easily identify the wrong thing happened there. But some of the voters don't use their vote. On that point the attacker is safe. There should be a mechanism to avoid that from the system. As a solution we can record the serial numbers of the smart cards that present until now and check whether the same card having same serial number coming to the polling booth over and over again. Then the system can identify the attacker and provide the chance to officers to catch the person who is trying to use multiple votes before him leaving the polling station.

\par

Since we cannot record the voter with all the details, system cannot track who used the vote and who didn't at the moment. If something goes wrong the next option is to arrange a new voting session in the same place. The decision is belongs to the authorized person to select the new session should use the normal traditional physical ballot paper or the defected system with high supervision.

\section{High privileged access}

Admin user should exist in order to control the system and distribute the access levels to ease the activities in the system. So there should be admin level activities such as initiating the terminal, configuring the terminal with ballot paper details, closing the election time, error handling, special case handling and submitting results etc... It is better to have another several low level of privileged authority to do some of the works mentioned early. As the scenario that particular user levels can be granted by special type of smart card to the admin level users to involve to the system. When granting the access system should provide secret PIN \cite{art4} to the particular user. Otherwise anyone can steal the smart card and they can try to access the system. If there is a pin number involve with the card, the card no longer can be used for other third party person. Otherwise a general voter can insert the admin smart card instead of voter's smart card. Then the system may think this is an admin user and it will prompt the user to the admin section. That should be stopped by using a PIN number. And all the personnel who possess the special privileged smart cards should be responsible for all the activities done by using the smart card. There may be a function that doesn't required PIN number, and then anyone can do those kinds of things to the system. The point is to avoid that kind of vulnerabilities more than recovering them after something happens is not a better idea, because the effect may not be recovered. And the effect may not be identified clearly since the log file is not using in this system.

\par

Using a PIN number can reduce the effect little bit that describes in the above paragraph. According to that scenario the system will be prompted the user to enter the PIN number to authenticate the present person is the owner of the card. But there is an issue on this mechanism. Assume the PIN number is four digits one and it has been sent to the card as a clear text. Even the PIN number is used for a card the attacker can check all the combinations of 4 digits until find out the correct PIN number. Only the attacker needs to try 10000 times. After that he or she will realize the Pin number. Actually the security is not enough to handle those kinds of situations.

%-----------------chapter 4-----------------------------

\chapter{Data Protection Challenges and Solutions}

The system is totally running on the data as well as all the systems in the world. There are several types of data in this system that is directly incorporate with.

\begin{itemize}

\item Votes (Result data)

\item Ballot Paper Details (Terminal initialization data)

\end{itemize}

\par

Since this is not a desktop type application, developers should consider about several known questions such like how to deal with the data transferring and retrieving among the system. There should be solutions to distribute data from the centralized back end server to the all the terminals formed at each and every ballot stations. There are several data distribution types.

\begin{itemize}

\item Using physical medium

\item Over the network

\end{itemize}

\section{Ballot paper details and configurations data transferring method}

\subsection{Using physical medium}

After setting up the terminal to each and every ballot stations, all the terminals should configured. The configuration data should be distributed to the terminals. We can use one of the type defined above to distribute configurations. Whatever the selection is not important as far as the data is secured and totally finished by configuring the terminal for the election. But the attacker can change the configuration files to forward all the votes to one party by changing the configuration. Those types of attacks should not be allowed here. In order to avoid that, the configuration files should be encrypted. But those files should decrypt by the terminal only. When we use the physical medium for that the data should go through a removable medium such like flash drive. When distributing configuration through physical medium the person who is going to configure the terminal should responsible for his activity, because that data should install totally accurately. This scenario is suitable for the rural area which couldn't retrieve a powerful communication line. The disadvantage of this scenario is the details (configuration details and ballot paper details) cannot change after releasing the data. If there should be a change on the data, the terminal should be reconfigured by doing the above process again.

\subsection{Using the network}

If we use the network medium to configure and initiate the terminal there should be a good communication network dedicated for this scenario. Terminal can be connected to the dial up connection or directly internet or a designed network to communicate with the back end server. Advantage of this type of connection is that all the terminals can be configured at once and they can be monitored at one place. Any time the system can be changed before start the election easily the administrator should satisfied from that privileges. The disadvantage of this networking system is the data should go through the public network line. The security of the data should be the main concern of this scenario. There should be a guarantee the configuration and ballot paper data should not leak in the network.

\section{Vote data transferring method}

\subsection{Using physical medium}

The vote data is the most critical in this system. If it is not secured the system is not suitable for the electronic voting solution and it is almost failed. When we use the physical medium to transfer the data, the authorized person should change the data from the terminal to the physical medium such as flash memory or floppy drive. That transferring should not harm to the casted votes and the data should be encrypted by using PKI interface inside the medium.\cite{art3} That implies the person who authorized; even the admin cannot change the data inside the physical medium until sending them to the centralized place. Only the system could identify the encrypted data at the physical medium. According to have an accurate e voting system the admin also should not trust at all. The system accuracy should continue throughout until the election is finished.

\subsection{Using the network}

If we use the network as the communication medium to collect all the results from each and every terminal in the country the back end server and the terminals should communicate with more secure way to minimize the frauds which can be happened over the network. Actually the solution should be a PKI interface\cite{art3} implementation over the network to communicate with each other. If something goes wrong, total election cannot be trusted. Network mode is the way that frauds easily can be happened. When transferring the results from particular terminal to the back end server, there can be man in the middle attack may occur. If someone may get the data packets and he can modify them and redirect to the destination. The system should have the pre steps to avoid this kind of situations.

The terminal has an operating system and storage for the special purposes. There are machines that running the windows 2000 and there are machines that running the windows CE etc... That machines have the storage area and that storage area can be divided into several types since they are used for special purposes. There are two types of internal data storage in the terminal. \cite{art1}

\begin{itemize}

\item System storage area - This portion stores the terminal operating system, font files, system configuration files, backups etc...

\item Removable flash memory storage area - This portion stores primary copies dynamic data files.

\end{itemize}

\section{Temporary data storage inside the terminal and cryptography}

The most critical data in the terminal device are vote data and the log files. All the details should be encrypted and calculate the checksum should be done before write the data to the storage area. To encrypt the data there should be a key. We cannot keep the key inside the machine itself because the third person may access the machine storage and may get the key. So the key should keep securely. In that case the key can be stored inside a smart card. When the machine wants to get the key to encrypt the data, the terminal can access the smart card and use the key. It should be a DES (Data Encryption Standards) key. But there is an issue on that. If someone wants to find the key the brute force algorithm could help him for find the key. So the DES encryption should be changed to the triple DES. By only using this type of security the data can be kept safely from the third person. \cite{art1}

\par

There should be key agreement at the both ends of the system when sending data through the network. Also there should be the public key of the back end server inside the terminal. Otherwise the data may not safe until it arrives to the back end server. The system should not use a symmetric key to encrypt and decrypt because the person who get the key could decrypt the data. So the key mechanism should strongly refer the public key interface. If we use a symmetric key for this, the key should be keep inside the terminal or removable device or any place that terminal can retrieve the key. But we can easily keep the public key anywhere since no security issue. Only the back end server can decrypt the data until the private key of the server is safe.

\section{Secrecy of the voter's vote}

The vote result should write in to a file before encrypting it. If the program has written to record all the votes sequentially, officers can track the vote and the voter directly if officer can access the file. So there should be a mechanism to write the data to the file after encrypting with several parameters incorporate with the particular voter. Now the officer attacker cannot track the vote and the voter if attacker have the access to the terminal because the voter's private parameters and the choice has used together to encrypt and write the data to the file. The each and every record of the file is varying from each other. So the secrecy of the voter's vote is satisfied. \cite{art1}

\par

Assume that the file is written without encryption. Server end can identify the votes by reading plain text. When receiving data to the server the server should generate random number and the vote should store along with that number. So the order is not provide sufficient information to track voter's with their vote. The random number generator should efficient and sufficient for this purpose. \cite{art1}

\section{System Auditing}

For a better system there should be a mechanism to record all unexpected details to the system clearly in a better format. In order to have an error log the system should have a printer attached to the terminal. Sometimes unexpected errors may occur in the system such as

\begin{itemize}

\item Hardware failure while voting on progress

\item Network failure while voting on progress

\item Printer is unplugged

\item Printer is malfunctioning

\item Exceptions when voting etc...

\end{itemize}

\par

However the error log should be maintained due to keep evidence that there were error has taken place. Not only errors that the error record should record who logged in to the system along with the time that he or she logged like things are very important since the system is in critical category. That is very useful for get a better output from the total system.

\par

But if the attacker can see the wire that terminal to printer, he can tap that and print another error log as the real error log by hiding the activities in the terminal. The system is not in safe at that type of situation.

\section{Denial-of-Service attack}

For a better election there should be a good mechanism to safely deliver the ballot information definition files to the end to end terminal. On the other hand to continue a efficient vote those files should deliver little time before start the election. So the officers should download them by network or public Internet. When they are downloading the system may ensure the safe delivery to the end terminal. Assume man in the middle cannot do anything about that. So anyone cannot break the communication line to make vulnerabilities while downloading the ballot paper information. Then attacker will try to crash the system. Then anyone cannot use the system at that moment because the system is crashed. Attacker can delay the election process or block the process by this Denial-of-Service attack.

\par

In order to make rush on the communication line the attacker only needs to send millions of requests to the server that stores the relevant ballot files. And the server will try to initiate the connections to all the requests that are coming from the attacker as well as the other polling station officers. Then the attacker won't response that server's reply and the attacker motivate to send more and more request to the server. Finally the server will get crashed. Then the system has halted by the attacker to particular time. Sometimes that may block all the process of election through the day. Those kinds of vulnerabilities should get into concern when designing a better electronic voting system to the public.

%-----------------chapter 5-----------------------------

\chapter{Conclusion}

Efficiency, trustworthiness, transparency and confidentiality should concern in very precisely when creating a better system to the election process. So the system should cover all type of vulnerabilities. So the system design phase should be strong very well. Voter should not capable to cast multiple votes. Administrative accessing should create in formal way. The normal voter should not have the access to the admin functions.

\par

Other way round the system should be strong enough when dividing the control over admin users. Then the admin users shouldn't have the chance to make vulnerabilities to the system as described in the above chapters. The error log should be specific and it shouldn't be fail any time. Admin users should not have the ability to do changes to the error log system.

\par

At the developing stage the developers should not keep security holes to the system purposely or not. Developers are the one who have the best chance to add the malicious codes to the system. When the developing the system the code review should be strict. Not only that the after converting the open source coding into the binary code the program should not be changed maliciously. The conversion process should be done using the undoubted compilers.

\par

And the voting equipments should in doubtless state and the vendors should certify the security of those equipments.

\par

Whatever the system that made there should be a way to verify the system that shows the hundred percent accurate results every time. At that point we could suppose there should be a way to collect ballot papers physically also. It can simply do by printing the ballot paper and show that to the voter and voter can keep the ballot paper to the box.

\par

When calculating the votes the electronic system vs. normal system can be compared. Then the results from the software system can be accept before calculate the votes by hand. After several elections the voting system will be automatically become trustworthy. Finally the old ballot paper counting will become only a verifier for the software system.

\begin{thebibliography}{9}

\bibitem{art1} \lq\lq Analysis of an Electronic Voting System.\rq\rq \\

Tadiyoshi Kohno, Adam Stubblefield, Aviel D. Rubin, Dan S. Wallach, February 27,2004 \\

$<$\textit{http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.71.7470\&rep=rep1\&type=pdf}$>$

\bibitem{art2} \lq\lq Advanced Security to Enable Trustworthy Electronic Voting.\rq\rq \\

Andreu Riera Jorba, JosÃÂ© Antonio Ortega Ruiz, Paul Brown

$<$\textit{http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.85.1169\&rep=rep1\&type=pdf}$>$

\bibitem{art3} \lq\lq The Theory and Implementation of an Electronic Voting System.\rq\rq \\

Ivan Damgard, Jens Groth and Gorm Salomonsen July 31, 2002

$<$\textit{http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.1.9447\&rep=rep1\&type=pdf}$>$

\bibitem{art4} \lq\lq Hack-a-Vote: Demonstrating Security Issues with Electronic Voting Systems \rq\rq \\

Jonathan Bannet, David W. Price, Algis Rudys, Justin Singer, Dan S. Wallach, Department of Computer Science

Rice University

Houston, TX