Muhamad Al Fikri,Kalamullah Ramli,Dodi Sudiana

DOI: https://doi.org/10.1088/1757-899X/1077/1/012057

2021-03-16

IOP Conference Series: Materials Science and Engineering

Abstract:In the current era, the ownership of strategic information and the ability to effectively manage it has become a significant advantage. Reflecting on the experience of attacks on strategic communications in Indonesia, including the tapping of the former President Susilo Bambang Yudhoyono's conversation through the cellular network and President Jokowi's official residence, Indonesia has begun paying more attention to security in this sector. Device X is one of the secret strategic communication tools used in Indonesia. The XYZ Agency initiated the use of this device. As of 2020, there have been 1,284 units of Device X widely used by the army, police officers, and other strategic agencies in Indonesia. In its 5 years of operation, the XYZ Agency has researched the algorithm security used in Device X. However, there has never been a study of thwe security regarding the authentication and communication protocols of this device. This research aims to make a security analysis of voice communication and authentication protocols of Device X. The research was implemented using Scyther Tool as a formal verification approach. The analysis focuses on guaranteeing the confidentiality of information and authentication with four criteria, namely, secrecy, aliveness, synchronization, and agreement. The experimental results demonstrate that the authentication and voice communication protocol of Device X satisfy the secrecy criteria for transmitted confidential information but does not satisfy the criteria of aliveness, synchronization, and agreement on several entities involved in the protocol. Thus, it can be claimed that the authentication and voice communication protocol of Device X is provably secure based on the confidentiality aspect of information but is not secure in terms of authentication.

Aggelos Kiayias,Thomas Zacharias,Bingsheng Zhang

DOI: https://doi.org/10.1145/2810103.2813727

2015-01-01

Abstract:Recently, Kiayias, Zacharias and Zhang proposed a new E2E verifiable e-voting system called 'DEMOS' that for the first time provides E2E verifiability without relying on external sources of randomness or the random oracle model; the main advantage of such system is in the fact that election auditors need only the election transcript and the feedback from the voters to pronounce the election process unequivocally valid. Unfortunately, DEMOS comes with a huge performance and storage penalty for the election authority (EA) compared to other e-voting systems such as Helios. The main reason is that due to the way the EA forms the proof of the tally result, it is required to precompute a number of cipher texts for each voter and each possible choice of the voter. This approach clearly does not scale to elections that have a complex ballot and voters have an exponential number of ways to vote in the number of candidates. The performance penalty on the EA appears to be intrinsic to the approach: voters cannot compute an enciphered ballot themselves because there seems to be no way for them to prove that it is a valid ciphertext.In contrast to the above, in this work, we construct a new e-voting system that retains the strong E2E characteristics of DEMOS (but against computational adversaries) while completely eliminating the performance and storage penalty of the EA. We achieve this via a new cryptographic construction that has the EA produce and prove, using voters' coins, the security of a common reference string (CRS) that voters subsequently can use to affix non-interactive zero knowledge (NIZK) proofs to their ciphertexts. The EA itself uses the CRS to prove via a NIZK the tally correctness at the end. Our construction has similar performance to Helios and is practical. The privacy of our construction relies on the SXDH assumption over bilinear groups via complexity leveraging.

Kamred Udham Singh

DOI: https://doi.org/10.17762/msea.v70i2.2319

2021-02-26

Mathematical Statistician and Engineering Applications

Abstract:Abstract The potential of electronic voting to improve the efficiency and effectiveness of the voting process is immense. However, its security and privacy are still a major concern. Traditional methods of securing such systems, such as digital signatures and public key cryptography, are not always ideal when it comes to safeguarding the confidentiality of ballots. In this paper, we introduce a novel method for securing electronic voting ballots that utilizes homomorphic encryption. This method allows for the computation of ballots without needing decryption. The proposed e-voting system is composed of three servers. The first one is an e-voting server that stores the voter's information before it is sent to the tallying or decryption server. The latter two are used to calculate the total vote count and decrypt it. To evaluate the performance of this proposed system, we performed a series of tests on its various components. These included its execution time, memory usage, CPU usage, and communication overhead. The results of the tests revealed that the proposed system is secure and can maintain acceptable performance levels. The proposed system's accuracy and robustness are comparable to that of conventional e-voting systems. Its ability to withstand attacks is greatly enhanced by implementing homomorphic encryption. The proposed e-voting system we presented exhibited the security and privacy benefits of homomorphic encryption. By enabling computations on encrypted data without needing decryption, it helps protect the ballot's confidentiality and provides reliable and accurate results.

Chairul Rizal,Jelita Purwanti,Poppy Nabilla,Cindy Hartika,Latipah

DOI: https://doi.org/10.47065/bulletincsr.v4i2.332

2024-02-29

Abstract:The election of the OSIS Chair at the high school and vocational school level is still conventional, so it requires a lot of funds to be spent. Apart from that, many students were unable to vote because they were unable to attend due to illness or other reasons. Along with the development of sophisticated technology in this modern era, researchers want to implement Android-based general elections or what is called e-voting. This research aims to design an Android-based e-voting application and test the feasibility of the e-voting application product in the election of OSIS chairman and deputy chairman. Quantitative type research methods using the Research and Development (RnD) model with data testing tools using SPSS 16.0 for Windows as well as developing e-voting applications using prototype methods can make voting easier, reduce data manipulation, reduce voting twice and also speed up calculations and reporting. Based on the results of black box testing on the e-voting system, the trial was successful, so it can be implemented in the process of selecting the Chair and Deputy Chair of the OSIS in SMA/SMK. Feasibility trials carried out by 7 voters/users. The feasibility level for the Android-based e-voting system was 84.17%, which means it is very feasible.

Nikos Chondros,Bingsheng Zhang,Thomas Zacharias,Panos Diamantopoulos,Stathis Maneas,Christos Patsonakis,Alex Delis,Aggelos Kiayias,Mema Roussopoulos

DOI: https://doi.org/10.1109/icdcs.2016.56

2015-01-01

Abstract:E-voting systems have emerged as a powerful technology for improving democracy by reducing election cost, increasing voter participation, and even allowing voters to directly verify the entire election procedure. Prior internet voting systems have single points of failure, which may result in the compromise of availability, voter secrecy, or integrity of the election results. In this paper, we present the design, implementation, security analysis, and evaluation of D-DEMOS, a complete e-voting system that is distributed, privacy-preserving and end-to-end verifiable. Our system includes a fully asynchronous vote collection subsystem that provides immediate assurance to the voter her vote was recorded as cast, without requiring cryptographic operations on behalf of the voter. We also include a distributed, replicated and fault-tolerant Bulletin Board component, that stores all necessary election-related information, and allows any party to read and verify the complete election process. Finally, we also incorporate trustees, i.e., individuals who control election result production while guaranteeing privacy and end-to-end-verifiability as long as their strong majority is honest. Our system is the first e-voting system whose voting operation is human verifiable, i.e., a voter can vote over the web, even when her web client stack is potentially unsafe, without sacrificing her privacy, and still be assured her vote was recorded as cast. Additionally, a voter can outsource election auditing to third parties, still without sacrificing privacy. Finally, as the number of auditors increases, the probability of election fraud going undetected is diminished exponentially. We provide a model and security analysis of the system. We implement a prototype of the complete system, we measure its performance experimentally, and we demonstrate its ability to handle large-scale elections.

Riaz Ullah,Nizamuddin,Arif Iqbal Umar,Noor ul Amin

DOI: https://doi.org/10.22581/muet1982.2102.06

2021-01-01

Mehran University Research Journal of Engineering and Technology

Abstract:To make the electoral process more secure, comfortable, and universal, it is essential to use modern cryptographic techniques for ensuring the anonymity of information in the electronic voting system. In many emerging applications like electronic voting data anonymity as well as un-traceability are the most essential security properties. To ensure these properties we present here in this paper a more secure and comparatively efficient blind signcryption scheme using the Elliptic Curve Cryptosystem (ECC). The existing e-voting schemes are based on El-Gamal and the Rivest-Shamir-Adleman (RSA) cryptosystems which are not only expensive approaches but also lack the security features like unlinkability and forward secrecy. In our proposed scheme we use a low-cost elliptic curve cryptosystem with 160 bits key as compared to El-Gamal 2048 bits key and RSA 1024 bits key. In this scheme signer signs the message blindly without knowing the original contents then the voter forward signcrypted vote to polling server. The polling server is the actual voter data verifier or validator. The polling server checks the validity/authenticity of the voter and has the right to accept or reject the vote. Moreover, this scheme offers forward secrecy, unlinkability, and non-repudiation in addition to the basic security features like confidentiality, authenticity, integrity, and unforgeability. Overall performance evaluation proves that our scheme is comparatively more efficient in terms of computational and communicational costs. Furthermore, this scheme is suitable for the e-voting system due to its lower cost and extra security features.

Oksana Kulyk,Stephan Neumann,Jurlind Budurushi,Melanie Volkamer,Rolf Haenni,Reto Koenig,Philemon Von Bergen

DOI: https://doi.org/10.1109/ares.2015.75

2015-08-01

Abstract:Efficiency is the bottleneck of many cryptographic protocols towards their practical application in different contexts. This holds true also in the context of electronic voting, where cryptographic protocols are used to ensure a diversity of security requirements, e.g. secrecy and integrity of cast votes. A new and promising application area of electronic voting is boardroom voting, which in practice takes place very frequently and often on simple issues such as approving or refusing a budget. Hence, it is not a surprise that a number of cryptographic protocols for boardroom voting have been already proposed. In this work, we introduce a security model adequate for the boardroom voting context. Further, we evaluate the efficiency of four boardroom voting protocols, which to best of our knowledge are the only boardroom voting protocols that satisfy our security model. Finally, we compare the performance of these protocols in different election settings.

Aggelos Kiayias,Thomas Zacharias,Bingsheng Zhang

DOI: https://doi.org/10.1007/978-3-662-54388-7_11

2017-01-01

Abstract:State-of-the-art e-voting systems rely on voters to perform certain actions to ensure that the election authorities are not manipulating the election result. This so-called \"end-to-end E2E verifiability\" is the hallmark of current e-voting protocols; nevertheless, thorough analysis of current systems is still far from being complete. In this work, we initiate the study of e-voting protocols as ceremonies. A ceremony, as introduced by Ellison [23], is an extension of the notion of a protocol that includes human participants as separate nodes of the system that should be taken into account when performing the security analysis. that centers on the two properties of end-to-end verifiability and voter privacy and allows the consideration of arbitrary behavioural distributions for the human participants. We then analyse the Helios system as an e-voting ceremony. Security in the e-voting ceremony model requires the specification of a class of human behaviours with respect to which the security properties can be preserved. We show how end-to-end verifiability and voter privacy are sensitive to human behaviour in the protocol by characterizing the set of behaviours under which the security can be preserved and also showing explicit scenarios where it fails. We then provide experimental evaluation with human subjects from two different sources where people used Helios: the elections of the International Association for Cryptologic Research IACR and a poll of senior year computer science students. We report on the auditing behaviour of the participants as we measured it and we discuss the effects on the level of certainty that can be given by each of the two electorates. The outcome of our analysis is a negative one: the auditing behaviour of people including cryptographers is not sufficient to ensure the correctness of the tally with good probability in either case studied. The same holds true even for simulated data that capture the case of relatively well trained participants while, finally, the security of the ceremony can be shown but under the assumption of essentially ideally behaving human subjects. We note that while our results are stated for Helios, they automatically transfer to various other e-voting systems that, as Helios, rely on client-side encryption to encode the voter's choice.

Dwi Ely Kurniawan,Mohd Iqbal,John Friadi,Fendi Hidayat,Ririt Dwiputri Permatasari

DOI: https://doi.org/10.1088/1742-6596/1783/1/012041

2021-02-01

Journal of Physics: Conference Series

Abstract:Abstract During the Covid-19 pandemic, almost all jobs and activities to be limited, relying on the internet network. Data security in an internet network is most important and needs to be a concern for internet users. The internet network is a public network, which is vulnerable to security attacks. Attacks may occur to retrieve user data in the form of a username and password. This study conducts system design to improve the security of the username and password data when logging into web applications. Login using One-Time Password (OTP) verification by implementing the AES algorithm and Blowfish to encrypt the verification code. The verification code uses an SMS gateway. Testing is done by looking at security performances and comparing the performance of the Blowfish and AES algorithm. The results of the design research show that OTP is running well where the AES algorithm performance has advantages in terms of encryption and decryption speed compared to the Blowfish algorithm with a difference of ± 0.015 milliseconds for encryption and ± 0.04 milliseconds for decryption.

English Else

Olamide Olanubi,Opeyemi Joshua Adelowo,Emmanuel Ifeanyi Obeagu

DOI: https://doi.org/10.9734/ajrcos/2023/v16i4379

2023-10-13

Asian Journal of Research in Computer Science

Abstract:Background: The growing concern over phishing attacks on voting systems, particularly with the rise of online voting, has highlighted vulnerabilities in elections. The convenience of internet voting has led to security risks like clone phishing attacks. While online voting offers accessibility benefits, security, privacy, and usability issues have arisen. Multi-factor authentication (MFA) has been proposed to enhance security in mobile internet voting systems. Visual cryptography, dividing images into shares for decentralized data storage, is suggested to counter clone phishing. MFA's effectiveness in various sectors is established, and secure voting systems combining visual cryptography and blockchain have been proposed. This research sought to bolster the security of the voting system using visual cryptography and multi-factor authentication (MFA), with the goal of increasing voter trust and the reliability of the voting procedure, by designing a secure system and evaluating its performance, accuracy, and accessibility. Methodology: The researchers developed an improved voting system using visual cryptography and multi-factor authentication, assessed its performance against Eligo and Voxvote, utilized Java for programming, MYSQL via XAMPP for the database, HTML, CSS, JavaScript, and PHP (Laravel) for client-server sides. The Scrum agile methodology was followed, employing brief sprints for adaptive development. Evaluation was done through web tools and benchmarks. The system's architecture and flowchart were presented, featuring an interactive GUI, Java 2 platform, MySQL, PHP 7, and specific hardware/software requirements. System setup included database and server configuration, fingerprint scanner installation, and Java runtime setup. Deployment involved executing a built Java program, and system testing was conducted on Windows 10, utilizing the Apache server and initiating the "Electronic Voting" program for online multi-factor authentication. Results: Achieving a performance rate of 92%, the developed system surpassed its competitors Eligo and Voxvote, which achieved scores of 15% and 33% correspondingly, as indicated by the data. Eligo and Voxvote attained scores of 88% and 80% individually, whereas the newly designed system obtained a rating of 93% in terms of accessibility. Nonetheless, the research also highlighted specific downsides, encompassing intricacy, reluctance to embrace change, and technological barriers. To tackle these issues and enhance the adoption of such systems, these limitations underscore the necessity for further investigation and advancement. Conclusion: The study demonstrates that integrating multi-factor authentication and visual cryptography significantly enhances voting system security, reducing clone phishing risks. Visual cryptography secures decryption keys, preserving voting integrity, while multi-factor authentication adds defence against unauthorized access. The researcher's online voting system outperforms competitors in performance metrics and accessibility. The study underscores the importance of combining these techniques for improved voting system reliability and security.

Heru Pranata,Leon Andretti Abdillah,Usman Ependi

DOI: https://doi.org/10.48550/arXiv.1508.05457

2015-08-22

Abstract:Development of information technology, especially in the field of computer network allows the exchange of information faster and more complex and the data that is exchanged can vary. Security of data on communication in the network is a major thing. Secure socket layer (SSL) is the solution to the problem, but further research on the security of the SSL protocol transactions should be done to determine the extent of SSL can secure the data on the network. When the computer sends data across the network, the data is transmitted in packets. Sniffing is a technique of monitoring of every packet traversing the network. Security threat presented by sniffers is their ability to capture all incoming and outgoing packets through the network, which includes the passwords, usernames and other sensitive issues. Packet sniffer captures the data addressed to other devices, which will then be stored for later analysis later. Sniffing can also be used by system administrators to monitor the network and solve problems in the network.

Cryptography and Security

Shahram Najam Syed,Aamir Zeb Shaikh,Shabbar Naqvi

DOI: https://doi.org/10.48550/arXiv.1801.02430

2018-01-05

Abstract:A novel hybrid design based electronic voting system is proposed, implemented and analyzed. The proposed system uses two voter verification techniques to give better results in comparison to single identification based systems. Finger print and facial recognition based methods are used for voter identification. Cross verification of a voter during an election process provides better accuracy than single parameter identification method. The facial recognition system uses Viola-Jones algorithm along with rectangular Haar feature selection method for detection and extraction of features to develop a biometric template and for feature extraction during the voting process. Cascaded machine learning based classifiers are used for comparing the features for identity verification using GPCA (Generalized Principle Component Analysis) and K-NN (K-Nearest Neighbor). It is accomplished through comparing the Eigen-vectors of the extracted features with the biometric template pre-stored in the election regulatory body database. The results of the proposed system show that the proposed cascaded design based system performs better than the systems using other classifiers or separate schemes i.e. facial or finger print based schemes. The proposed system will be highly useful for real time applications due to the reason that it has 91% accuracy under nominal light in terms of facial recognition. with bags of paper votes. The central station compiles and publishes the names of winners and losers through television and radio stations. This method is useful only if the whole process is completed in a transparent way. However, there are some drawbacks to this system. These include higher expenses, longer time to complete the voting process, fraudulent practices by the authorities administering elections as well as malpractices by the voters [1]. These challenges result in manipulated election results.

Cryptography and Security,Computers and Society,Quantitative Methods

Meher Gayatri Devi TIWARI,Anil Kumar KAKELLI

DOI: https://doi.org/10.48048/wjst.2021.8972

2021-07-31

Walailak Journal of Science and Technology (WJST)

Abstract:The development of a secure online voting system using visual cryptography is highly essential for present voting systems. Based on the current requirements and design aspects of an existing online voting system, emerging technologies are required in online voting schemes, and these are examined in this work. The emerging cryptographic techniques which are suitable for secure online voting systems are analyzed. Techniques like password hashed-based schemes, visual cryptography, and threshold decryption cryptosystem are highlighted for secure online voting systems. Visual cryptography (VC) is a technique where visual information can be encrypted on the user side, with the information decrypted on the admin side, which can be helpful in allowing participation in voting systems securely and ensuring fast vote counting and monitoring of the voting process to achieve high accuracy while being scam-free. The proposed secure online voting system using visual cryptography is efficiently developed using Python and achieves better performance on minimum software and hardware configuration systems.

Aditya Kurniawan,Yulian Findawati

DOI: https://doi.org/10.21070/pels.v1i2.1045

2021-08-04

Procedia of Engineering and Life Science

Abstract:Voting in a democratic country is an important part of the means of choosing leaders. The village head election process in Indonesia still uses conventional voting methods, namely using ballot paper media in the election process. Voting that is carried out conventionally has several obstacles, including the lack of guaranteeing the authenticity of voters' votes, so that people think the results of voting results are often manipulated. In addition conventional selection is deemed inaccurate and time-consuming and costly. In this study the aim of this research is to design an information system e-voting that can be used for the Election of the Village Head of Cemandi, Sedati, Sidoarjo, East Java, where by using this system the election process becomes easier by ensuring the accuracy of the vote count. This system development method uses the model of software engineering waterfall. The test results blackbox show that the functions of the features in the system are running well. Based on the UAT test, the system received an average percentage rate of 86%.

Thi Minh Chau Le,Xuan Thang Pham,Vinh Thinh Le

DOI: https://doi.org/10.54644/jte.2024.1523

2024-02-28

Journal of Technical Education Science

Abstract:In the dynamic field of Internet security, verifying and analyzing security protocols is crucial for ensuring secure and effective communication. This paper presents an analysis of leading tools used for the verification, falsification, and analysis of security protocols, focusing particularly on Scyther and Tamarin. We examine the methodologies, capabilities, and applications of these tools in various contexts, including cloud computing and IoT, highlighting their unique approaches and contributions to the field. The paper starts with an examination of the Scyther tool, emphasizing its innovative approach to automated falsification and verification, and its application in multi-protocol analysis. We then transition to exploring the use of Scyther in verifying key agreement protocols in cloud computing. A comparative analysis of Scyther and Tamarin is also presented, shedding light on their effectiveness in identifying security properties and revealing the strengths and weaknesses of different protocols. This is further enriched by a detailed look at the unbounded verification capabilities of Scyther. Additionally, the paper covers the capabilities of the Tamarin prover, exploring its advanced features in symbolic analysis, its ability to handle complex security properties, and its application in verifying protocol implementations. Through this paper, we aim to provide a comprehensive overview of the current landscape in security protocol verification, offering insights into the methodologies, challenges, and future directions in this essential area of research.

Teguh Pasmahendri

DOI: https://doi.org/10.35472/indojam.v3i2.1587

2023-11-13

Indonesian Journal of Applied Mathematics

Abstract:Abstract: Data security is very necessary for companies, institutions, organizations and individuals who have confidential information. The use of data security is intended so that information cannot be stolen by others. The rise of personal data leakage cases in Indonesia has made people worried about the security of their personal data such as identity cards (KTP), emails, and so on. One way to secure data in the form of a digital image is to encrypt it. One of the encryption algorithms is Logistic Map. Logistic map is one of the chaos algorithms that is often used in image cryptography because this algorithm is able to generate a complex array of random numbers with a simple recursive polynomial equation. In this research, the author encrypts a digital ID card image with a size of 3×3 pixels with an RGB image. Based on this explanation, it can be concluded that the encryption and decryption process using the Logistic Map Algorithm using parameter values in the interval range [3.57;4] and initial values in the interval range [0;1] can successfully encrypt a digital image. In this research, changes were made to the initial value (x_0) and different parameter values (r). The results obtained based on experiments conducted by the author using a digital image measuring 1572 × 966 pixels are with the value of x_0 = 0.8672 and r = 3.7541 experiencing a very varied color intensity distribution compared to the histogram produced with the initial value and other parameter values in the research conducted. Keywords: Citra Digital, Data Security, Logistic Map Abstrak: Keamanan data sangat diperlukan bagi perusahaan, institusi, organisasi maupun perseorangan yang memiliki informasi rahasia. Penggunaan keamanan data ditujukan agar informasi tidak dapat dicuri oleh orang lain. Maraknya kasus kebocoran data pribadi di Indonesia membuat khawatir dengan keamanan data pribadinya seperti Kartu Tanda Penduduk (KTP), email, dan lain sebagainya. Adapun salah satu cara untuk mengamankan suatu data berbentuk citra digital adalah dengan mengenkripsikannya. Salah satu algoritma enkripsinya adalah Logistic Map. Logistic map adalah salah satu algoritma chaos yang sering digunakan dalam kriptografi citra karena algoritma ini mampu menghasilkan deretan bilangan acak yang kompleks dengan persamaan polinomial rekursif yang sederhana. Dalam penelitian kali ini penulis mengenkripsikan citra digital KTP dengan ukuran pixel dengan citra RGB. Berdasarkan penjelasan tersebut dapat diambil kesimpulan yaitu proses enkripsi dan dekripsi menggunakan Algoritma Logistic Map dengan menggunakan nilai parameter direntang interval dan nilai awal direntang interval berhasil mengenkripsikan suatu citra digital. Pada penelitian kali ini di lakukan perubahan terhadap nilai awal dan nilai parameter yang berbeda-beda. Hasil yang didapatkan berdasarkan percobaan yang telah dilakukan penulis dengan menggunakan citra digital berukuran pixel adalah dengan nilai dan mengalami penyebaran intensitas warna yang sangat bervariasi dibandingkan dengan histogram yang dihasilkan dengan nilai awal dan nilai parameter lainnya dalam penelitian yang dilakukan. Kata Kunci: Citra Digital, Keamanan Data, Logistic Map

Dwi Yuny Sylfania,Fransiskus Panca Juniawan,Laurentinus Laurentinus,Harrizki Arie Pradana

DOI: https://doi.org/10.14710/jtsiskom.7.3.2019.116-120

2019-07-31

Jurnal Teknologi dan Sistem Komputer

Abstract:In the campaign period of regional heads election, fraud can occur, such as money politics, blaming campaign facilities, campaign time violations, and black campaign. This study implemented a secure SMS application for election fraud complaints as a tool for the society to report all forms of election fraud that have occurred to the election supervisory department safely. The RSA algorithm was applied to encrypt the messages for sender privacy protection. The application was able to perform the message randomization function properly with a 10.44% avalanche effect. Brute force attack using a 16-bit key length needs 3.7 milliseconds for each try to find 32.768 possible private keys.

Jehangir Arshad,Muhammad Farooq-i-Azam,Ayesha Khan,Muhammad Irshad,Sohail M. Noman

DOI: https://doi.org/10.21203/rs.3.rs-762430/v1

2021-08-10

Abstract:Abstract In democratic countries, free and fair elections are required to quantify the populace's sentiments to form a government of representatives. It is challenging to maneuver due to the procedural variation from country to country and complexity. As paper-based electoral systems are slow and prone to error that take hours and ample manpower to announce the results, thus a secure efficient electoral system is always preferred. In this paper, we have proposed a secure implementation of auto-registration fingerprint identification-based electronic voting systems to overcome the aspect of accuracy and transparency. We have included a novel feature of automated registration to authenticate the user through identity before the vote casting. Moreover, credentials of voters are collected in a database including fingerprints, and communication of encrypted data between server and machine with secured Secure Socket Layer (SSL). Additionally, the voter can cast their votes through a touch screen Graphical User Interface (GUI), and once the voting time end, the screen can automatically disappear by authorizing admin to print Form-45. Conclusively, the proposed system count votes automatically that is much faster and accurate than the traditional voting techniques. Moreover, the results will be available to the general public in 1-2 hours which ensures fair elections.

Fahmi Basya,Mardi Hardjanto,Ikbal Permana Putra

DOI: https://doi.org/10.36805/bit-cs.v3i1.2046

2022-01-19

Buana Information Technology and Computer Sciences (BIT and CS)

Abstract:This paper discusses the comparison of the results of testing the OTP (One Time Password) algorithm on two encryptions, namely SHA512 and MD5 which are applied to the Reconciliation Application of the Dinas Pemberdayaan Masyarakat dan Desa Kabupaten Sukabumi. This study uses the Vulnerability Assessment and Penetration Testing (VAPT) method, which combines two forms of vulnerability testing to achieve a much more complete vulnerability analysis by performing different tasks in the same focus area. The vulnerability assessment uses the Common Vulnerability Scoring System (CVSS) method. The results showed that the Vulnerability Assessment and Penetration Testing (VAPT) method was proven to be able to identify the level of security vulnerability in the Reconciliation Application at the Dinas Pemberdayaan Masyarakat dan Desa Kabupaten Sukabumi with a vulnerability level score of 5.3 in the SHA512 environment with a medium rating and 7.5 in the MD5 environment. with high ratings. So, it can be concluded that the best algorithm for implementing OTP is SHA512