TABLE OF CONTENTS

TOPIC PAGE NO.

ABSTRACT------------------------------------------------------------------------3
INTRODUCTION----------------------------------------------------------------4
PROPOSED SYSTEM----------------------------------------------------------4
REQUIREMENTS FOR ONLINE E-VOTING SYSTEM-------------5
MODULE’S INFORMATION------------------------------------------------6
E-VOTING SYSTEM DESIGN----------------------------------------------7
THE VOTING PROCESS-----------------------------------------------------8
WORKING-------------------------------------------------------------------------9-10
FLOWCHART OF OVERALL VOTING PROCESS--------------------10
SYSTEM REQUIREMENTS--------------------------------------------------11
PROPOSED WORK-------------------------------------------------------------12

INTRODUCTION TO HTML------------------------------------------------12-14
INTRODUCTION TO BOOTSTRAP---------------------------------------15-16
INTRODUCTION TO PYTHON--------------------------------------------17-18
DEMOSTRATIONS AND SCREENSHOT-------------------------------19-25
SOURCE CODES----------------------------------------------------------------26-27
CONCLUSION--------------------------------------------------------------------28
REFERENCES--------------------------------------------------------------------29-30

1
 LIST OF FIGURES

Fig No. Title Page No.

Fig no.1 E-Voting Design 7
Fig no.2 The Voting Process 8
Fig no.3 Working diagram 9
Fig no.4 Overall Voting Process 10
Fig no.5 Breakdown of HTML Tag 12

2
 ABSTRACT

The advancement in the mobile devices, wireless and web technologies given rise to the new
application that will make the voting process very easy and efficient. The E-voting promises
the possibility of convenient, easy and safe way to capture and count the votes in an
election[1]. This research project provides the specification and requirements for E-Voting
using an Android platform. The e-voting means the voting process in election by using
electronic device. The android platform is used to develop an evoting application. At first, an
introduction about the system is presented. Sections II and III describe all the concepts
(survey, design and implementation) that would be used in this work. Finally, the proposed
evoting system will be presented. This technology helps the user to cast the vote without
visiting the polling booth. The application follows proper authentication measures in order to
avoid fraud voters using the system. Once the voting session is completed the results can be
available within a fraction of seconds. All the candidates vote count is encrypted and stored
in the database in order to avoid any attacks and disclosure of results by third person other
than the administrator. Once the session is completed the admin can decrypt the vote count
and publish results and can complete the voting process.

3
INTRODUCTION

The proper execution of democratic rights has become linked to the availability and reliable
functioning of advanced information and communication technology (ICT). While modern
societies fully rely on ICT for business, work and leisure time activities, the use of ICT for
democratic decision making is still in its infancy. In fact, the out date technological concepts
for voting have been blamed in part for lost and uncounted votes and could therefore be
responsible for biased political decisions making . Countries all over the world are examining
e-voting , for it has some striking advantages over traditional paper voting, including security
for casting votes, accuracy of counting and analyzing votes, options to conduct voting in a
centralized and decentralized manner, etc. The reasons why the e-voting technology has not
matured to equivalent levels as known for business and leisure time activities lies mostly in
an inherent lack of trust and fear of electronic threats. While most countries are still
conceptualizing or testing evoting systems, three cantons in Switzerland have pioneered the
development of e-voting to its full technological maturity. The world is always in
improvement and growth in technology, that's why we should go parallel with it, to be able as
much as we can get benefit from these improvements.

PROPOSED SYSTEM

The application can be installed in the android phones and voting will be enabled by the
administrator on the polling day. If there are different stages of polling then application will
enable the user only on the polling day. The user can enter into the application by giving his
voter id/Aadhar number (unique number) and a secret password which is provided to the
user. As soon as the user enters into the application he selects his constituency and his booth
number or place then the user can cast his vote and logout from the application. The vote
should be kept secret and it should be available on the voting day in the counting center. To
keep the vote secret an encryption and a decryption algorithm is used. So as soon as the user
casts his vote the vote is encrypted so that it is secret and the same is encrypted on the polling
day.

4
REQUIREMENTS FOR ONLINE E-VOTING SYSTEM

Basic requirements for electronic voting

 Privacy – All votes should be kept secret

 Completeness – All valid votes should be counted correctly
 Soundness – Any invalid vote should not be counted
 Unreusability – No voter can vote twice
 Eligibility – Only authorized voters can cast a vote
 Fairness – Nothing can affect the voting

Extended Requirements for electronic voting

 Robustness – faulty behavior of any reasonably sized coalition of participants can be

tolerated. In other words, the system must be able to tolerate to certain faulty

conditions and must be able to manage these situations.

 Universal Verifiability – any party can verify the result of the voting

 Receipt-freeness – Voters are unable to prove the content of a particular his/her vote

 Incoercibility – Voter cannot be coerced into casting vote by a coercery.

MODULES

5
The proposed project contain following modules:

Administrator
User
Account

ADMINISTRATOR:

• User Information: Consists of all information of the user those who are eligible for voting.

• User Verification: Verify the user during registration and user Login.

• Voting Information: Storage for storing the vote information casted by the user.

USER:

• Registration: Registers with administrator to obtain a password for voting.

• Login: Initiates voting using the password provided by the administrator.

• Encryption: Encrypting the vote after the vote casted by the user

ACCOUNT:

• Registration: The user should register before using the application.

• Login: Logging into the application using user name and password.

E-VOTING SYSTEM DESIGN

6
Like most of the systems in the world, the security consideration is very important. We are
taken into account this part through sending password to users email account. Further
encrypting the vote while sending it to the admin. It is clear that the user information should
be stored in the database, so that the valid users can register themselves to get the password.
It also stores the password once it is sent to the user until the user cast s the vote. It is also
possible to get information of user who doesn't participated in voting process. The application
should be secure because it should not reveal vote information. So the vote should be
encrypted once user confirms the vote. Also the password is sent to users e-mail account in
order to avoid the misuse of password . Since the e-mail account is confidential we used that
feature to avoid the misuse of our applications password.

Fig no.1- E-Voting Design

The registration process is illustrated as in the figure1 shown above. When user chooses
registration option and provides required details those details are compared with the
information maintained by the admin. If user provided data is found to be correct a password
is generated and given to the user through mail service in order to make it safe and secure.

THE VOTING PROCESS

7
 Fig no.2- The Voting Process

WORKING

8
 This allows the user to vote. Admin can see the voting results according to vote
options[3].System can maintain the data about the voter like Name, ID number and other
relevant data. Even though the system enables voters to poll their vote from anywhere,
initially the voters should register themselves to get a password for voting purpose. This
constraint is imposed to ensure that only the genuine person is allowed to vote in the
elections. The aim of this work is to design and implement an electronic voting website that
will enable people to vote securely from anywhere.

Fig no.3- Working digaram

The application is also aimed at being localized [4]. Figure Below shows the overall voting
process. Electronic voting refers to the use of computers or computerized voting equipment to
cast ballots in an election. Electronic systems can be used to register voters, tally ballots, and
record votes [5].The Caltech/MIT Voting Technology Project [6] came into being in order to

9
develop a new voting technology in order to prevent a recurrence of the problems that
threatened the 2000 U. S. Presidential Elections. The report assesses the magnitude of the
problems, their root causes and how technology can reduce them. They address a wide range
of “What is” issues including voting procedures, voting equipment, voter registration, polling
places, absentee and early voting, ballot security, cost and public finance of elections, etc.

FLOWCHART OF OVERALL VOTING PROCESS

Fig no.4-Overall Voting Process

SYSTEM REQUIREMENTS

SOFTWARE REQUIREMENTS

10
 Software tools:

 SQL Server Management Studio (SSMS)

 Microsoft Visual Studio 2010
 Microsoft Office Power point- Used during presentation

Text editor:

 Notepad, Notepad++

Web Server:

 IIS Server

HARDWARE REQUIREMENTS
Operating System: MAC OS x

 MAC Book Air

 8GB RAM
Intel core i5
IBM Testing LAB

PROPOSED WORK

FRONT-END

11
  HTML
 BOOTSTRAP

BACK-END

 PYTHON

INTRODUCTION TO HTML

First developed by Tim Berners-Lee in 1990, HTML is short for Hypertext Markup
Language. HTML is used to create electronic documents (called pages) that are displayed on
the World Wide Web. Each page contains a series of connections to other pages called
hyperlinks. Every web page you see on the Internet is written using one version of HTML
code or another.

HTML code ensures the proper formatting of text and images so that your Internet browser
may display them as they are intended to look. Without HTML, a browser would not know
how to display text as elements or load images or other elements. HTML also provides a
basic structure of the page, upon which Cascading Style Sheets are overlaid to change its
appearance. One could think of HTML as the bones (structure) of a web page, and CSS as its
skin (appearance).

What does an HTML tag look like?

Fig no.5

BACKGROUND

12
HTML is the World Wide Web's core markup language. Originally, HTML was primarily
designed as a language for semantically describing scientific documents. Its general design,
however, has enabled it to be adapted, over the subsequent years, to describe a number of
other types of documents and even applications.

AUDIENCE

This specification is intended for authors of documents and scripts that use the features
defined in this specification, implementers of tools that operate on pages that use the features
defined in this specification, and individuals wishing to establish the correctness of
documents or implementations with respect to the requirements of this specification. This
document is probably not suited to readers who do not already have at least a passing
familiarity with Web technologies, as in places it sacrifices clarity for precision, and brevity
for completeness. More approachable tutorials and authoring guides can provide a gentler
introduction to the topic. In particular, familiarity with the basics of DOM is necessary for a
complete understanding of some of the more technical parts of this specification. An
understanding of Web IDL, HTTP, XML, Unicode, character encodings, JavaScript, and CSS
will also be helpful in places but is not essential.

SCOPE

This specification is limited to providing a semantic-level markup language and associated

semantic-level scripting APIs for authoring accessible pages on the Web ranging from static
documents to dynamic applications. The scope of this specification does not include
providing mechanisms for media-specific customization of presentation (although default
rendering rules for Web browsers are included at the end of this specification, and several
mechanisms for hooking into CSS are provided as part of the language). The scope of this
specification is not to describe an entire operating system. In particular, hardware
configuration software, image manipulation tools, and applications that users would be
expected to use with high-end workstations on a daily basis are out of scope. In terms of
applications, this specification is targeted specifically at applications that would be expected
to be used by users on an occasional basis, or regularly but from disparate locations, with low
CPU requirements. Examples of such applications include online purchasing systems,
searching systems, games (especially multiplayer online games), public telephone books or
address books, communications software (e-mail clients, instant messaging clients, discussion
software), document editing software, etc.

WRITTING SECURE APPLICATIONS WITH HTML

13
When HTML is used to create interactive sites, care needs to be taken to avoid introducing
vulnerabilities through which attackers can compromise the integrity of the site itself or of the
site's users. A comprehensive study of this matter is beyond the scope of this document, and
authors are strongly encouraged to study the matter in more detail. However, this section
attempts to provide a quick introduction to some common pitfalls in HTML application
development. The security model of the Web is based on the concept of "origins", and
correspondingly many of the potential attacks on the Web involve cross-origin actions.
[ORIGIN]p1254 Not validating user input Cross-site scripting (XSS) SQL injection When
accepting untrusted input, e.g. user-generated content such as text comments, values in URL
parameters, messages from third-party sites, etc, it is imperative that the data be validated
before use, and properly escaped when displayed. Failing to do this can allow a hostile user to
perform a variety of attacks, ranging from the potentially benign, such as providing bogus
user information like a negative age, to the serious, such as running scripts every time a user
looks at a page that includes the information, potentially propagating the attack in the
process, to the catastrophic, such as deleting all data in the server. When writing filters to
validate user input, it is imperative that filters always be safelist-based, allowing known-safe
constructs and disallowing all other input. Blocklist-based filters that disallow known-bad
inputs and allow everything else are not secure, as not everything that is bad is yet known (for
example, because it might be invented in the future). There are many constructs that can be
used to try to trick a site into executing code. Here are some that authors are encouraged to
consider when writing safelist filters: • When allowing harmless-seeming elements like
imgp310, it is important to safelist any provided attributes as well. If one allowed all
attributes then an attacker could, for instance, use the onloadp930 attribute to run arbitrary
script. For example, suppose a page looked at its URL's query string to determine what to
display, and the site then redirected the user to that page to display a message, as in:

 Say Hello
 Say Welcome
 Say Kittens

If the message was just displayed to the user without escaping, a hostile attacker could then
craft a URL that contained a script element: https://example.com/message.cgi?say=%3Cscript
%3Ealert%28%27Oh%20no%21%27%29%3C/script%3E If the attacker then convinced a
victim user to visit this page, a script of the attacker's choosing would run on the page. Such a
script could do any number of hostile actions, limited only by what the site offers: if the site
is an e-commerce shop, for instance, such a script could cause the user to unknowingly make
arbitrarily many unwanted purchases. This is called a cross-site scripting attack.

INTRODUCTION TO BOOTSTRAP

14
Bootstrap is a free and open-source framework for creating websites and web applications.
It's the most popular HTML, CSS, and JS framework for developing responsive, mobile first
projects on the web.

One Framework, Every Device

Bootstrap is promoted as being One framework, every device. This is because websites built
with Bootstrap will automatically scale between devices — whether the device is a mobile
phone, tablet, laptop, desktop computer, screen reader, etc.

Mobile-First
Not only is Bootstrap responsive, it is mobile-first. This means that it is primarily designed
for mobile devices, then scales up from there (as opposed to being designed for desktop, then
trying to scale it down to mobile devices).

Bootstrap Components
Bootstap includes components such as buttons, navbars, dropdown menus, alert boxes, and
more. In most cases, you can make use of a component simply by using the appropriate class
name.

We'll be looking at these components throughout this tutorial. We've got plenty of interactive
examples that enable you to see exactly how these components work.

Advantages of Bootstrap

15
One of the main benefits of development frameworks like Bootstrap is that they can help
speed up development times, while maintaining quality and consistency across the site. You
no longer need to re-design every element. And you don't need to spend hours trying to get
everything looking and working right across browsers, platforms, and devices. By using
Bootstrap, all (most) of the hard work is done for you.

Given Bootstrap is the most popular frontend development framework on the web, this
skillset could be a useful one to learn. Adding Bootstrap to your bag of tricks could help you
in many ways — from building websites faster, to landing your dream job.

Also, athough Bootstrap comes with its own set of styles, these are easy to override. You're
not locked into the "Bootstrap design". You are free to use whichever Bootstrap components
you choose, while adding your own on top. There are thousands of websites out there that are
built on Bootstrap, but with their own design.

Who's Using Bootstrap?

Bootstrap can be used to build websites of any scale, from small blogs to large corporate
websites. Organizations that use Bootstrap include NASA, University of Washington, FIFA,
Newsweek, VOGUE and many more.

INTRODUCTION TO PYTHON

scikit-learn, scikit-image, OpenCV, SciPy, Pillow, NumPy, matplotlib.

We have built our project over isolated python virtual environment. This makes it easy to
manage our project’s dependencies and packages. We have used virtualenv package to create
a virtual environment, which can be installed and activated by running these commands

16
- cd lpr/ virtualenv
-p python3 env
source env/bin/activate

We have included a requirements file named as requirements.txt inside our project folder. To
install all the modules and dependencies required for the project run the following command
in terminal as

- pip install -r requirements.txt

1. scikit-learn: scikit-learn is a Python module for machine learning built on top of SciPy.
It provides a range of supervised and unsupervised learning algorithms via a consistent
interface in Python.

2. scikit-image: For performing Image Processing, we have used scikit-image. It’s a Python
package for image processing

3. SciPy: SciPy is a free and open-source Python library used for scientific computing and
technicalcomputing. It contains modules for optimization, linear algebra, integration,
interpolation, special functions, FFT, signal and image processing, ODE solvers and
other tasks common in science and engineering

.
4. OpenCV: OpenCV (Open Source Computer Vision Library) is an open source computer
vision and machine learning software library. OpenCV was built to provide a common
infrastructure for computer vision applications and to accelerate the use of machine
perception in the commercial products.

5. Pillow: Python Imaging Library (abbreviated as PIL) is a free library for the Python
programming language that adds support for opening, manipulating, and saving many
different image file formats.

17
6. NumPy: NumPy is a library for the Python programming language, adding support for
large, multidimensional arrays and matrices, along with a large collection of high-level
mathematical functions to operate on these arrays.

7. matplotlib: Matplotlib is a plotting library for the Python programming language and its
numerical mathematics extension NumPy. It provides an object-oriented API for
embedding plots into applications using general-purpose GUI toolkits like Tkinter,
wxPython, Qt, or GTK+.

DEMOSTRATIONS AND SCREENSHOT

INDEX PAGE

18
VOTER’S LOGIN PAGE

19
VOTER’S_SIGNUP PAGE

20
VOTER’S_PROFILE PAGE

21
DONATION PAGE

22
23
VOTER’S PAYMENT CONFIRMATION MAIL

24
SOURCE CODE

25
1.VIEWS.PY

2.VOTER_PROFILE.html

26
CONCLUSION

27
Online E-voting system is a prototype developed by using PTC Web services. As the need for

voting system has started to increase and some organizations or countries has started to look

for the solutions, this can be the starting point to improve and deploy in the real world

scenarios.

In this project I have tried to explain the importance of Paillier cryptosystem, , its unique

properties and its application areas especially in e-voting.

We need to keep in mind htat voting is not the only process during the whole voting

processes. There might be some other security concerns that need to be considered when such

an application is built for practical reasons.

Lastly, Paillier Cryptosystem efficiency can be improved as suggested in many papers [1],

[8]. Random numbers pre-computation is one of the ways implemented in this project. It has

increased the calculation more than one of the ways. In the next section, I will be listing all

improvements that can be done to this web service and application.

REFERENCES

28
[1] http://cris.joongbu.ac.kr/publication/evoting_implementation-APIEMS2004.pdf

Implementation issues in a secure e-voting schemes, Riza Aditya, Byoungcheon Lee, Colin

Boyd and Ed Dawson.

[2] http://www.euractiv.com/en/egovernment/estonia-country-world-introduce-internet-

voting/article-145735, Estonia first country in the world to introduce internet voting, October

2005.

[3] http://www.cs.virginia.edu/~pev5b/writing/academic/thesis/thesis.html

Vote Early, Vote Often, and VoteHere: A Security Analysis of VoteHere, Philip E. Varner,

May 11, 2001.

[4] http://en.wikipedia.org/wiki/Public-key_cryptography Public-key cryptography.

[5] http://www.trustycom.fr/pdf/FoPoSt00.pdf P. Fouque, G. Poupard, J.Stern, Sharing

Decryption in the Context of Voting or Lotteries, Financial Cryptography 2000 Proceedings.

[6] http://www.captcha.net/ , the Official CAPTCHA web site.

[7] http://www.vote.caltech.edu/reports/alv-nag_loyola.pdf R. Michael Alvarez, Jonathan

Nagler, The Likely consequences of Internet Voting for Political Representations.

[8] P. Paillier, Public-Key Cryptosystems Based on Composite Degree Residuosity Classes,

Eurocrypt ‘99

[9] P. Fouque, G. Poupard, J.Stern, Sharing Decryption in the Context of Voting or Lotteries,

Financial Cryptography 2000 Proceedings.

[0] I. Damgard, M. Jurik, J. Nielson, A Generalization of Paillier’s Public-Key System with

Applications to Electronic Voting, Aarhus University, Dept. of Computer Science.

[1] A. Shamir, How to Share a Secret, Communications of the ACM 1979

29
[2] A.J. Menezes, P. C. van Oorschot, and S.A. Vanstone, Handbook of Applied Cryptography,

CRC Press, 1997.

[3] D. Naccache, Double-Speed Safe Prime Generation, Gemplus Card International.

[4] M. Wiener, Safe Prime Generation with a Combined Sieve, Cryptographic Clarity.

[5] B. Wilson, C. E. Chow, Paillier Threshold Cryptography Web Service User’s Guide,

University of Colorado – Colorado Springs Master’s Project, 2006.

[16]http://www.cs.rit.edu:8080/ms/static/spr/2005/4/kar1141/report.pdf , Progress on

Probabilistic Encryption Schemes, Kert Richardson, July 2006.

[17] http://www.cs.umd.edu/~jkatz/THESES/staub.pdf.gz An Analysis of Chaum’s voter-

verifiable election scheme, Julie Ann Staub, 2005

[18] http://www.brics.dk/RS/00/45/BRICS-RS-00-45.pdf Ivan Damgard and Mads J. Jurik,

A Generalization, a Simplification and Some Applications of Paillier’s Probabilistic Public-

Key System, PKC 2001.

[19] http://www.cryptovirology.com/cryptovfiles/newbook/Chapter4.pdf Implementing

Perfect Questionable Encryptions, Adam L. Young and Moti M. Yung.

[20] http://www.rsa.com/rsalabs/cryptobytes/CryptoBytes_January_2002_final.pdf

CryptoBytes, Dan Boneh, Hovav Shacham, Spring 2002.

[21] http://www.gemplus.com/smart/rd/publications/pdf/Pai99pai.pdf Public-Key

CryptoSystems Based on Composite Degree Residuosity Classes, Pascal Paillier, 1999

[22] http://en.wikipedia.org/wiki/Paillier_cryptosystem , Paillier Crytosystem from

Wikipedia, the free encyclopedia.

30
31