To help combat the security vulnerabilities mentioned in Part 1 of this series, biometrics has been called upon to add an extra layer(s) of security.
Some of the e-voting technologies of today use only use one biometric modality as the exclusive means of security (primarily that of fingerprint recognition), and this is not the perfect solution to be utilised either.
Rather, the approach of using a multimodal security is greatly needed, in which biometrics serves as one angle to it.
Other security mechanisms which could also work well here include the use of non-biometric security devices such as that of smart cards, to provide a secondary means in which to confirm the identity of the voter.
Also, the principles of cryptography can also be used to help secure the transmission of the e-votes which have been cast.
The biometric technologies which are being used today to help fortify the security levels an e-voting infrastructure include the following:
- Fingerprint recognition
- Iris recognition
- Facial recognition
- Hand geometry recognition
- Signature recognition
It should be noted that an e-voting infrastructure encompasses all the market applications in which biometrics is being used for today. It is not just being used to secure the e-voting kiosk. For example, these are the typical facets which require extra layers of security.
Physical access entry
By using any of the biometric modalities listed above, this ensures that only the legitimate government and election officials can have access to not only the polling stations but also to the servers that process and tabulate the e-votes and any other tangible assets that are involved with the e-voting infrastructure.
Time and attendance
This type of biometric application can be used to ensure the proper clocking in and clocking out of all the government and election officials who are employed to oversee the smooth functioning and processing capabilities of the e-voting infrastructure.
Single sign on solutions
Today, with the heavy usage of wireless devices, remote e-voting can also take place. This simply means that a voter does not have to visit a particular polling place, he or she can vote directly from their smartphone via the use of a special mobile app. Thus, extra efforts are required to fully ensure that only the legitimate and fully authenticated voters can cast their e-votes. In this regard, a two-layer approach has been used, namely that of fingerprint recognition and a PIN number. There have been calls from e-voting security advocates that a third layer is needed, namely that of iris recognition.
The use of biocryptography in remote e-voting
In remote e-voting applications, the principles of biocryptography can be a prime tool which can be used to fortify the security levels of an existing e-voting infrastructure further, using a Virtual Private Network (VPN).
Essentially, a VPN is literally a private network which is encompassed into the overall, worldwide Internet infrastructure. The data packets which traverse across the VPN are encapsulated into another data packet, to provide for that extra layer of protection.
A subset of the VPN is known as the ‘OpenVPN.’ Specifically, the OpenVPN makes use of the VNI Architecture as well (which stands for Virtual Network Interface). Essentially, this tool captures all incoming network traffic (which are data packets) before they are encrypted, and then sounds out the network traffic to the appropriate places of destination after the data packets have been decrypted.
In an e-voting infrastructure, the OpenVNI performs the following functions:
- It receives the e-votes from all the voters who have cast their ballots electronically, and after collection, the data packets which correspond to the e-votes are then further compressed.
- After the compression process has been completed, the data packets are then encrypted (via the usage of the appropriate mathematical algorithms).
- These compressed and encrypted data packets are then sent across the virtual private tunnel to the receiving end (which are the servers).
- At this receiving end, the OpenVPN tool then double checks for the authenticity and the integrity by performing reverse cryptographic functions (this is dependent upon once again on the mathematical algorithms which are being used).
- The data packets are then decompressed.
- The data packets are then reconstructed into a readable and decipherable format to the end user (which in the case of the e-voting infrastructure, it would be the election and government officials).
With the remote e-voting process, the biometric template of the voter is securely bound to a cryptographic key in such a fashion that neither key or the biometric template can be retrieved, except only in those cases where the voter’s identity has been successfully confirmed in a verification (or 11) scenario.
To further elaborate upon this biometric encryption principle, as it has been proposed for use in an e-voting infrastructure, a separate biometric key generator is first generated for the voter when they are first enrolled into the biometric system at the e-voting kiosk.
Also, a separate digital cryptographic key is generated during this enrolment process and is later regenerated again for the verification process (when the identity of the voter is being confirmed).
Using the appropriate mathematical hashing functions, the biometric template is then “hashed.” This resultant hash then becomes the actual digital cryptographic key. This specific key is then correlated with the appropriate fingerprint and is a private key.
Subsequently, a public key is also generated (which is associated with the private key) utilising the Standard Hashing Algorithms (also known as SHA). This then becomes the private/public key combination if a public key infrastructure is utilised in an e-voting infrastructure.
So, when a voter then casts his or her specific ballot, this e-vote is then broken up into a series of data packets, and are then further encapsulated into other data packets (as it was mentioned earlier), and then literally tunnelled over a secured network.
Then, at the receiving end (which are the servers in the e-voting infrastructure), these encapsulated data packets are then de-encapsulated via the AES 128 Encryption algorithm.
Our next article will examine some real-world case studies of e-voting systems.