Principles of checking an i-vote with a smart device
Checking of vote enables to get more information about the security of the computer used for voting. If the computer is infected with malware that changes or blocks the i-voter’s i-vote, checking enables to identify such a situation.
Smart device with Android, Windows Phone and iOS operating system can be used for checking. The smart device must have a camera and internet connection.
Explaining of vote checking through an example
The voter makes their choice “12. James” and the computer generates a random number “92862847293”. These two elements, the choice and the random number, are encrypted together with the public key of the voting system.
As a result of encrypting, a cryptogram or an encrypted text is created. This text is signed digitally.
The obtained cryptogram with a digital signature is sent to the elections server. The server generates the session code “1357”, which is sent to the voter application.
Random number “92862847293” and session code “1357”are displayed on the screen of the voter’s computer as a QR code. The verification application started in the smart device will read them with the help of a camera.
The smart device sends the session code “1357” to the elections server, after which the server will identify the corresponding vote and return the encrypted vote to the smart device. The server will also send the list of the candidates in the voter’s district (e.g.: 1…139, including also “12. James”) to the smart device.
The smart device cannot de-encrypt the i-vote, BUT it knows the random number “92862847293” and also the public key of the elections system, with which the data are encrypted.
After receiving the code and the list, the server, knowing the random number and going through the numbers of the candidates, will encrypt the cryptograms corresponding to all candidates (1...139) in the voter’s district. When it finds the cryptogram that corresponds to the vote received from the server (12. James), the choice is established.