Chin, Hsin Tien (2020) An e-voting application using cryptography technology. Final Year Project, UTAR.
Abstract
The project is mainly a web application for the purpose of online voting. This online voting system is mainly to provide an online platform for voters and candidates to vote through the Internet or sign up to participate in voting projects. In addition, the voting network system also allows managers to establish a poll for voting through the network. The main challenge to accomplish this goal is the security and confidentiality of the online voting system. This project will be completed by ASP.NET in Visual studio. In order to improve the security and confidentiality of the system, this system will also use the hashing function to complete. Hashing function mainly encrypts the user's confidential information to prevent theft by other users and the encrypt method can be implement from Visual Studio which is SHA-256 (Secure Hash Algorithm- 256 bits), a cryptographic hash function designed by US NSA (United States National Security Agency). This encryption method is one-way encryption, meaning that it cannot be revealed in the reverse direction, so no one can know what the encrypted data is except for the input user, and even the administrator cannot know what the encrypted data is. This will ensure that users can achieve the effect of anonymous voting during the voting process, and only the system itself can know. In addition, the system also uses some auxiliary functions to ensure that the user's input can be authenticated. There are several types used in this system. One is OTP, also known as One-time password, also known as dynamicpassword or one-time valid password. It is mainly used to send OTP to users by email, so that users can input the provided OTP to continue for further operation of the system, and this OTP is only one-time, the validity period is only one login session or transaction. The second is the relatively simple captcha (Completely Automated Public Turing test to tell Computers and Humans Apart). This process that requires users to enter a pre-determined code to authenticate users is not a robot. Besides that, ASP.NET itself provides multiple validation methods to validate user input and effectively improve the security and confidentiality of the system. Last but not least is the secure connection of the system. HTTPS is used instead of HTTP to achieve this effect. The biggest difference between HTTPS and HTTP is security. HTTPS communication protocol is encrypted using Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL). In this system, SSLcertificate was applied to create an encrypted connection and establish trust to the web application. The main motivation of HTTPS is to authenticate the visited websites and protect the privacy and integrity of the data exchanged during transmission, so it provides a great help to the online voting system, greatly improving the security of the system to prevent hackers from invading.
Actions (login required)