Skip to content

AndroxxTraxxon/digivote

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits

digivote-cla

digivote-cla

 
 

digivote-ctf

digivote-ctf

 
 

digivote-ui

digivote-ui

 
 

sandbox

sandbox

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

cla.ssl.conf

cla.ssl.conf

 
 

ctf.ssl.conf

ctf.ssl.conf

 
 

docker-compose.yml

docker-compose.yml

 
 

index.txt

index.txt

 
 

setup.sh

setup.sh

 
 

Repository files navigation

Digivote Digital Networked Voting Platform

A Project by David Culbreth for St. Mary's University CS6361 : Computer Network Security

Project Requirements

Note that [SCHN96] in the description refers to the following book. The book is available online.

  • Title: Applied Cryptography
  • Author: Bruce Schneier
  • Publisher: Wiley, New York, 1996
  • ISBN: 0-471-11709-9

Virtual Election Booth

This project implements the secure election protocol described in [SCHN96](Voting with Two Central Facilities).A more theoretical discussion is found in [SCHN96]. The implementation will provide a secure way for people to vote online, which el iminates the hassle of physically being present at designated election locations. Since computerized voting will not replace general elections unless there is a protocol that both maintains individual privacy and prevents cheating, the ideal protocol must meet these requirements:

  • Only authorized voters can vote.
  • No one can vote more than once.
  • No one can determine for whom anyone else voted.
  • No one can duplicate anyone else's votes.
  • Every voter can make sure that his vote has been taken into account in the final tabulation.
  • Everyone knows who voted and who did not

The design should use two central facilities: Central Tabulating Facility (CTF) and Central Legitimization Agency (CLA). CLA's main function is to certify the voters. Each voter will send a message to the CLA asking for a validation number, and CLA will return a random validation number. The CLA retains a list of validation numbers as well as a list of validation numbers' recipients to prevent a voter from voting twice. Then, the CLA completes its task by sending the list of validation number to the CTF. CTF's main function is to count votes. CTF checks the validation number against the list received from the CLA. If the validation number is there, the CTF crosses it off (to prevent someone from voting twice). The CTF adds the identification number to the list of people who voted for a particular candidate and adds one to the tally. After all the votes have been received, the CTF publishes the outcome.

Prerequisites

  • docker (built using Docker 18.09.3)

And that's it! The docker images will take care of any dependencies within the containers at runtime. However, For local development, it's still useful to know my baseline libraries

Setup

If you've followed all of the below instructions, you should be able to just start the whole thing with the following commands:

git clone https://github.com/AndroxxTraxxon/digivote.git
cd digivote
./setup.sh
docker-compose up --build

The setup.sh is necessary to generate the certificate files used by the cla and ctf. After running setup.sh, you will need to add the .../digivote/certificates/auth.crt to the list of registered Certificate Authorities in your browser of choice. Once that has been done, the application should be accessible at http://digivote.cyber.stmarytx.edu, and the services at https://cla.cyber.stmarytx.edu and https://ctf.cyber.stmarytx.edu respectively.

Generating X.509 Certificates for the CLA and CTF

The Certificates for the CLA and CTF services were omitted on this git repo because they are used for security. Publishing a private key makes it a bit less secure.

The certificates can be generated by running setup.sh. It will generate a authority certificate and certificates for both services, signed by the authority cert/key. If you did not add .../digivote/certificates/auth.crt to your browser's registered CA's, then your browser will notify you that you are using an unverified connection.

Further work for a production environment application

  • Acquire certificates signed by a certificate root.
  • Deploy CLA and CTF services using a WSGI server
    • See

Troubleshooting notes

  • If you are unable to access either of the CLA/CTF services or the UI at their designated sites, you can re-enable the DNS logging within Docker by commenting out these two lines in the dps image within docker-compose.yml: 
    • logging:
  driver: none
    • It is currently only set up to work on a linux machine, due to the volume config:
      • /etc/resolv.conf:/etc/resolv.conf

If You encounter the following error in the CLA or CTF:

Traceback (most recent call last):
  File "./cla_server.py", line 23, in <module>
    context.load_cert_chain('cla.crt', 'cla.key')
FileNotFoundError: [Errno 2] No such file or directory

You likely still need to run the setup.sh script to generate/install the certificates in the appropriate location.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages