A Project by David Culbreth for St. Mary's University CS6361 : Computer Network Security
Note that [SCHN96] in the description refers to the following book. The book is available online.
- Title: Applied Cryptography
- Author: Bruce Schneier
- Publisher: Wiley, New York, 1996
- ISBN: 0-471-11709-9
This project implements the secure election protocol described in [SCHN96](Voting with Two Central Facilities).A more theoretical discussion is found in [SCHN96]. The implementation will provide a secure way for people to vote online, which el iminates the hassle of physically being present at designated election locations. Since computerized voting will not replace general elections unless there is a protocol that both maintains individual privacy and prevents cheating, the ideal protocol must meet these requirements:
- Only authorized voters can vote.
- No one can vote more than once.
- No one can determine for whom anyone else voted.
- No one can duplicate anyone else's votes.
- Every voter can make sure that his vote has been taken into account in the final tabulation.
- Everyone knows who voted and who did not
The design should use two central facilities: Central Tabulating Facility (CTF) and Central Legitimization Agency (CLA). CLA's main function is to certify the voters. Each voter will send a message to the CLA asking for a validation number, and CLA will return a random validation number. The CLA retains a list of validation numbers as well as a list of validation numbers' recipients to prevent a voter from voting twice. Then, the CLA completes its task by sending the list of validation number to the CTF. CTF's main function is to count votes. CTF checks the validation number against the list received from the CLA. If the validation number is there, the CTF crosses it off (to prevent someone from voting twice). The CTF adds the identification number to the list of people who voted for a particular candidate and adds one to the tally. After all the votes have been received, the CTF publishes the outcome.
- docker (built using Docker 18.09.3)
And that's it! The docker images will take care of any dependencies within the containers at runtime. However, For local development, it's still useful to know my baseline libraries
- Python 3.7.2 and libraries:
- Node.js 10.15.1
- react-create-app
- axios
- ... and some other stuff. look in the
package.json
If you've followed all of the below instructions, you should be able to just start the whole thing with the following commands:
git clone https://github.com/AndroxxTraxxon/digivote.git
cd digivote
./setup.sh
docker-compose up --build
The setup.sh
is necessary to generate the certificate files used by the cla
and ctf
.
After running setup.sh
, you will need to add the .../digivote/certificates/auth.crt
to the list of registered Certificate Authorities in your browser of choice.
Once that has been done, the application should be accessible at http://digivote.cyber.stmarytx.edu
, and the services at https://cla.cyber.stmarytx.edu
and https://ctf.cyber.stmarytx.edu
respectively.
The Certificates for the CLA and CTF services were omitted on this git repo because they are used for security. Publishing a private key makes it a bit less secure.
The certificates can be generated by running setup.sh
. It will generate a authority certificate and certificates for both services, signed by the authority cert/key.
If you did not add .../digivote/certificates/auth.crt
to your browser's registered CA's, then your browser will notify you that you are using an unverified connection.
- Acquire certificates signed by a certificate root.
- Deploy CLA and CTF services using a WSGI server
- See
- If you are unable to access either of the CLA/CTF services or the UI at their designated sites, you can re-enable the DNS logging within Docker by commenting out these two lines in the
dps
image withindocker-compose.yml
:-
logging: driver: none
- It is currently only set up to work on a linux machine, due to the volume config:
/etc/resolv.conf:/etc/resolv.conf
-
If You encounter the following error in the CLA or CTF:
Traceback (most recent call last):
File "./cla_server.py", line 23, in <module>
context.load_cert_chain('cla.crt', 'cla.key')
FileNotFoundError: [Errno 2] No such file or directory
You likely still need to run the setup.sh
script to generate/install the certificates in the appropriate location.