Secure Online Voting System Wiki
About the voting system
Mainly, it uses TCP sockets like any Java client-server app, but communication is encrypted using a few algorithms:
- Signed Diffie-Hellman
- Bouncy Castle API + blind signatures
- AES, DES/CBC, RSA-PSS, HMAC-SHA1 and MD5, RSA with 1024-bit keys
Basically, it works like this:
President receives an argument on the command line (console) indicating a config file to read. It is not implemented this way, for execution speed reasons, but can easily be modified to do that.
The config file contains a line for each of: the TCP port for clients, the election name, the date and time the election starts, the date and time the election ends, the list of candidates, the file that contains the names of the clients that already voted, the keystore with the private and public keys Krp and kup, and the truststore with the public keys of the clients.
Ballot works in a similar way, having a port for clients and one for the manager; it counts the votes. Its truststore has the public key of President.
At start, ElectionPresident asks for a password (9Px123, in the code), which is used to create a secret key to encrypt the file of clients that voted. This file has the ids of all the clients that received signatures to vote, and it is read at every start-up. ElectionPresident doesn't let a client register to vote (get a signature) more than once. I used SecretKeyFactory with PBEKeySpec to create the key, and CipherStream to encrypt the file.
In a similar way, at start-up, Ballot asks for a password (9Py123, it's in the code), used to create a key to encrypt the file which contains the votes. This file is updated after each vote and is read every time the server starts. I used SecretKeyFactory with PBEKeySpec to create the key and Cipher(Input|Output)Stream to encrypt/decrypt the file. If the password is invalid, the system exits.
The Client is a simple graphical app which receives as a command-line argument (not implemented this way, but can easily be modified) a config file containing: the address of ElectionPresident (host:port), the address of ElectionBallot (host:port), the keystore with the private key, and the truststore with the public keys of the servers.
After starting the client, there is a list of options:
* send a command to get the election name and the list of candidates with their photos attached;
* the user can select a candidate and hit the register button: this sends a tuple <election_name,randNumber,vote> to the ElectionPresident server; the server signs the message, which is blinded, and sends it back to the client. After receiving the signature, the client retrieves the blinding factor and sends it to the ElectionBallot server, to register and store the vote.
This server doesn't store repeated votes, so a client that voted cannot vote again: it compares, bit by bit, each received vote with the already stored votes.
ElectionManager is a command-line app which connects to the ElectionBallot server in order to get the results of a voting session. If the session is not over, then it gets a message with the time remaining until the end of it (the implementation is rather simplistic). It also verifies that each vote contains the President's signature.
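The register-and-vote exchange above, as an added example that is not the project's own code: the client blinds the tuple, ElectionPresident signs it, the client unblinds, and the signature is verified with the President's public key. It uses unpadded RSA over a SHA-256 digest with java.math.BigInteger to show the arithmetic, rather than the Bouncy Castle RSA-PSS blind signer the project names, and a 2048-bit key. The class name and the sample tuple are constructed for illustration.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;

// Added illustration: textbook RSA blind signature over a SHA-256 digest.
// Not the project's code; class and variable names are hypothetical.
public class BlindSignatureDemo {
    // Hash the ballot tuple to a non-negative integer smaller than the modulus.
    static BigInteger digest(String tuple) throws Exception {
        byte[] h = MessageDigest.getInstance("SHA-256").digest(tuple.getBytes(StandardCharsets.UTF_8));
        return new BigInteger(1, h);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048); // assumption: the page uses 1024-bit keys, 2048 is used here
        KeyPair president = kpg.generateKeyPair();
        RSAPublicKey pub = (RSAPublicKey) president.getPublic();
        RSAPrivateKey priv = (RSAPrivateKey) president.getPrivate();
        BigInteger n = pub.getModulus(), e = pub.getPublicExponent(), d = priv.getPrivateExponent();

        // Client: build the tuple and blind its digest with a random factor r coprime to n.
        SecureRandom rnd = new SecureRandom();
        String tuple = "election-2024|" + new BigInteger(128, rnd).toString(16) + "|candidate-B"; // constructed sample
        BigInteger m = digest(tuple);
        BigInteger r;
        do { r = new BigInteger(n.bitLength() - 1, rnd); } while (r.signum() == 0 || !r.gcd(n).equals(BigInteger.ONE));
        BigInteger blinded = m.multiply(r.modPow(e, n)).mod(n);

        // ElectionPresident: signs the blinded value without learning m or the vote.
        BigInteger blindedSig = blinded.modPow(d, n);

        // Client: strip the blinding factor to obtain a signature on m itself.
        BigInteger sig = blindedSig.multiply(r.modInverse(n)).mod(n);

        // ElectionBallot / ElectionManager: verify with the President's public key.
        boolean valid = sig.modPow(e, n).equals(digest(tuple));
        // What the President handled differs from what the Ballot later receives.
        boolean unlinkable = !blinded.equals(m) && !blindedSig.equals(sig);
        System.out.println("signature valid: " + valid);
        System.out.println("president saw neither m nor sig: " + unlinkable);
        if (!valid) throw new IllegalStateException("blind signature failed to verify");
    }
}
```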
A client can only vote during the time limits of a session.
(TODO) Define minimum security policies to run the client app with the JVM security manager (-Djava.security.manager on the command line).





