Remote E-Voting Using the Smart Card Web Server

Abstract

Voting in elections is the basis of democracy, but voting at polling stations may not be possible for all citizens. Remote Internet e-voting uses the voter's own equipment to cast votes, but is potentially vulnerable to many common attacks, which affect the election's integrity. Security can be improved by distributing vote processing over many web servers installed in tamper-resistant, secure environments, using the Smart Card Web Server SCWS on a mobile phone Subscriber Identity Module SIM. A generic voting model is proposed, using a SIM/SCWS voting application with standardised Mobile Network Operator MNO management procedures to process the votes cast. E-voting systems Pret i Voter and Estonian I-voting are used to illustrate the generic model. As the SCWS voting application is used in a distributed processing architecture, e-voting security is enhanced: to compromise an election, an attacker must target many individual mobile devices, rather than a centralised web server.