Abstract
Security and trust are seen as the most important issues in electronic voting systems. Therefore, it is necessary to use cryptographic procedures to ensure anonymity, security, privacy, and reliability in these systems. In recent years, blockchain has become one of the most commonly used methods for securing data storage and transmission through decentralized applications. E-voting is one of these application areas. However, data manipulation is still seen as a major potential problem in e-voting systems. In the proposed model, administrators or miners are prevented from previewing election results which are normally accessible data due to the blockchain structure. A double-layer encryption model is proposed and tested to prevent manipulations that may occur with the election results. It is ensured that the election results can be counted after the participation of all stakeholders at the end. In this way, potential manipulations may be prevented during the election period. As a result of the model, the privacy of voters is ensured, no central authority is needed, and the recorded votes are kept in a distributed structure.
1. Introduction
A fair election is desirable by everyone. Frequently, there are doubts in the minds of voters related to the voting procedures, counting processes, and the announcement of results [1–3]. The election systems have evolved depending on the needs and developments of the time during which they were developed. Technological developments offer possible innovations to every field; likewise, it is thought that digitalization mechanisms to be added to voting systems can minimize human errors [4]. But, unlike paper-based electoral systems, problems such as system failure, network security, and information security may arise with an electronic voting system.
One of the most important issues in e-voting systems is the security weaknesses made by people inside or outside who are authorized to access the system. A decentralized design and cryptographic data storage security approach may have the potential for solving these problems. Normally, cryptography is mainly used to encrypt information such as voter data, votes, and voting results before data are stored on the server. Therefore, the system can ensure the authenticity and security of the voting information [5]. In this context, various additional features and solutions have been proposed to be integrated into election systems. Development work is still ongoing. Different types of improvements to e-voting have been done to provide easy election organization, easy participation, and low cost. Accordingly, various enabling technologies have been adapted ranging from biometric authentication to remote voting [6, 7] to kiosk systems [8] or to mobile voting systems [9]. Nowadays, the security and privacy of blockchain platforms have attracted great attention. Recently, blockchain-based voting systems have been proposed [10–13]. However, it is stated that such systems still have trust problems. Abuidris et al. [14] and Ghosh et al. [15] state the risks and vulnerabilities of blockchain applications. In e-voting systems, the guaranteeing the security of the votes is seen as one of the most important problems. An attacker can copy and decipher passwords if he has sufficient computational power or when the encryption algorithm is proven unsafe. Therefore, the e-voting system’s ability to secure data and defend against potential attacks has always been viewed with suspicion.
On the other hand, due to its privacy features, homomorphic encryption has been used in other studies [16–20]. Operations such as adding and multiplying on the message encrypted with homomorphic encryption can be done using the Paillier algorithm [20]. However, the proposed structures should be carefully examined. Although homomorphic encryption is generally agreed to be secure, for example, in the scheme proposed by Li et al. [12] and analysis conducted by Wang et al. and Qu et al., weaknesses were also identified [21–23]. Fontaine and Galand [24] argue that in general the proposed schemes are not very suitable for every use and their properties should be carefully studied. As e-voting systems contain a vital sequence of processes, the applications should be inspected with care.
In addition, blockchain technology, infrastructures, and its security properties may solve certain security issues identified, and it is emphasized that more studies are needed to adapt and enrich these features to develop the desired e-voting systems [25, 26]. It is also known that, although the blockchain includes many security measures, attackers can still, for example, leak information by analyzing network traffic and transaction information [27].
Alongside these limitations related to the application of blockchain to e-voting, the most important problem in election systems can be seen as the manipulation of election results or the emergence of a situation that may affect the result. In places where the election results go hand in hand, there may be situations that may affect the result with little difference. It is also known that there are such disputes as a result of many elections. One of the most critical issues that can affect the outcome is the risk of results being foreseen by the leading candidate in the constituency. It has been determined that such information can be leaked during the election as a result of storing votes in a central place or being held by malicious people, even in a distributed structure.
Preliminary or foreseen results could affect the decisions of other voters. Therefore, it is critical to prevent disclosure of any results during the election period. The main contribution of this work is the following: we proposed a model for e-voting systems that can ultimately combine the security layer of the paper-based system with the security layers of the voting system. As a part of this undertaking, we proposed a model that eliminates data privacy and data reversibility problems that arose during the election.
The general focus was on prevention of data breaches during the election period and proposing requirements for such a suitable decentralized blockchain-based electronic voting system. The particular objective of the project was to develop an e-voting system using double-layer encryption that prevents the occurrence of situations that could impact the voter’s decision. The system requirements have been defined and performance evaluation was made in the application scenario of the designed system. In the proposed system, the votes are encrypted first, and, secondly, the encrypted votes are divided into pieces and distributed to the nodes. In this way, the data that is open in the blockchain system alone becomes meaningless. To obtain the election results, a certain number of nodes come together to make the data meaningful and then can declare the results. As the results of the proposed model, the privacy of voters was ensured, while it was ensured that there was no central authority, and the recorded votes were kept in a distributed structure. It was guaranteed that the stored data cannot be predicted during the voting, and only the election results could be obtained after the participation of all stakeholders. As a result of the encryption and distribution algorithm together, the time to distribute the data increases according to the number of nodes to be connected.
The rest of this paper is organized as follows. Section 2 provides the literature on e-voting and threats. Section 3 provides a description of the blockchain concepts and the e-voting systems based on blockchain. Section 4 describes the system implemented, encryption methods, and analysis of the implementation. The last section provides the concluding remarks and outlines future work.
2. Literature on E-Voting and Threats
Advances in information technology are also affecting the election processes and methods. Researchers are working to contribute to existing methods and to improve the contribution of such systems to voting systems. Electronic voting is evaluated from different angles to traditional voting systems, such as convenience, reducing the margin of error, and getting quick results.
Election commissions may face various problems during the election. The most common problems are improper approval regarding voting, duplication, or illegal voting. Secure authentication is very important to ensure that the eligible voter actually casts the vote. As an example, regarding the vote duplication problem, Mahiuddin recommended a biometric iris recognition control system integrated into the voting system to avoid duplication [28]. Rana et al. and Olaniyi et al. advised fingerprint scan for the same purpose [29, 30].
Although electronic voting is an interesting topic, some researchers have published studies emphasizing that the shortcomings and risks of these systems need to be investigated comprehensively. Olumide et al. and Kohno et al. also emphasize these risks in their studies [31, 32]. For security reasons, different solutions are recommended as follows: biometric [28, 33, 34], fingerprint [29, 30], chip ID card (Near-Field Communication card) [35], and different encryption methods [17, 21, 36, 37], and suggestions are still examined by researchers.
Experts have been working on safe and effective e-voting proposals for more than three decades. In an early article published by Chaum [38] in 1981, an anonymous communication channel to encrypt the ballot is used for the first time. After that, various e-voting systems were used in many countries since the 2000s. Various countries from each continent used e-voting in local and general elections. Some of these are as follows: USA (2000), India (2002), UK (2002), Estonia (2005), Canada (2006), and Norway (2011) [39–42].
E-voting refers to the end-to-end process of registration, voting, and counting on a digital election management platform. Electronic voting systems try to be as easy to use and secure as the ideal traditional choices and eliminate human error. Electronic voting systems can generally be divided into two categories [43]. Ballots can be used remotely, as well as through closed systems allocated in election offices. In poll site electronic voting, the voters still participate physically, but the ballots are discarded and counted electronically. In remote online voting, votes are used remotely, usually using a personal device over the Internet. Such alternative devices can be voting kiosks, computers, mobile devices, paper-based electronic systems, and even televisions [44].
Such applications and systems must be accepted by society. A practical secure e-voting plan should be structured to provide the following features:
Eligibility: only registered and authorized voters can vote [45, 46]
Uniqueness: no one can vote again [46]
Noncoercibility: no one should be able to follow up the person for which candidate he voted for [47]
Reliability: votes must be securely recorded even in case of system malfunctions [48]
Integrity: no one can change the votes [49]
Verifiability: make sure that the votes are counted correctly [9, 50, 51]
Electronic voting mainly is investigated for solving some of the problems identified in traditional voting systems. Earlier purpose of e-voting systems has been to integrate electronic devices into the voting system. However, as a result of this integration, various difficulties are detected. Some research results indicated that serious critical weaknesses were still revealed in current e-voting systems. Various election officials see possibilities for internal or external attackers affecting the illegal election outcome [31]. Hassan and Wang identified a set of possible problems such as unauthorized privilege, seizure, wrong cryptography usage, vulnerabilities to network threats, and software development weaknesses in the systems it examines [50]. Küsters et al. studied several e-voting machines (ThreeBallot, Wombat voting, and Helios voting system) used in actual elections. The study showed that voting machines are vulnerable to attacks being under the assumption of trust in authorities. They showed that the authorities could change the ballot papers in an unnoticeable way and thus manipulate the election without being detected [52].
Halderman and Teague conducted a detailed security analysis of the iVote system used in the elections in New South Wales, Australia, in 2015. As a result of their research, they reported that they detected vulnerabilities that could lead to manipulations or the capture of some private information [53]. In another review, Springall et al. examined in detail the security analysis of the Estonian voting system. They showed how attackers could access election servers or voters’ clients to alter election results or undermine the legitimacy of the system [54].
Estonia and USA are two countries that have been using e-voting systems on a large scale. Estonia became the first country in the world to allow online voting in 2007. However, due to the infrastructure problems used in this election system, it was determined that voters could cast more than one vote. It was also revealed that those who had access to the voting system could see partial results beforehand [54, 55]. Attacks by election insiders such as poll workers and local election officials are real and imminent threats to electoral integrity [56].
Recently, blockchain technology with distributed architecture features has been proposed for e-voting systems, generally for their benefits in terms of end-to-end verifiability [57]. Like other researchers, Wei and Chang [58] point out that the blockchain can be used in electronic voting systems. Taş and Tanrıöver systematically examined the blockchain voting systems claimed by many schema authors in their study in August 2020. They found that e-voting was still far from being a safe real-life application [42].
A voting systems threat analysis was conducted by the Brennan Center Task Force on the security of electronic voting systems used in the American elections. This study examined different scenarios, mainly the insertion of corrupt software, wireless and other remote control attacks, attacks on tally servers, shutting-off of voting systems, denial-of-service attacks, and attacks on the ballot. The results of the study have demonstrated that it may be possible to alter the ballot so that the votes shown for one candidate are recorded and counted for another [59].
Another study by Lewis et al. showed that the system developed for Swiss elections had a trap door. The study showed that malicious managers or individuals can manipulate votes. It was stated that even if this breach was closed, it was not known whether other hidden ones were there for such manipulations [60].
In another important scheme called the Prêt à Voter voting scheme [61], security weaknesses have also been detected as a result of tests carried out by independent parties. There is a tradeoff between voting system transparency and the potential for a hacker, an organization, or the government to determine exactly how each voter has voted [62]. The Swiss Post conducted a public test of the e-voting system they developed in 2019. The analysts identified weaknesses [63] that could allow an attacker to change or place votes and produce a result that would not match with the actual voters. These results showed that the system needs to be reverified [60, 64]. Ethical hackers even organize a contest at the DefCon conference about how fast voting machines used in America can be hacked, rather than whether they can be hacked [65].
Although, during the last 5 years, various blockchain-based e-voting systems were proposed, most of the papers only highlight the general and positive characteristics of these systems [42, 66, 67]. As examples, studies in [11, 13, 68] describe their design of a blockchain-based election system. However, most of these studies do not propose a complete design of a voting system. In addition, the weaknesses in blockchain systems recently appeared in some studies [69, 70]. These challenges are stated as scalability, privacy leak, Man-in-the-Middle attack, and Distributed Denial of Service attack (DDoS) [70]. On the other hand, online voting poses numerous risks to the security of the ballots used as well as to the integrity of the general election system. Moreover, adopting features like blockchain and encryption does not solve many of the underlying security risks inherent in online voting [71]. For this reason, it is important not only to keep the ballots safe but also to prevent them from being used by malicious users.
To summarize, most traditional e-voting systems require a central and reliable third party for their processes. This causes them to be of critical importance in the storage and counting of votes. Blockchain is recommended for its decentralized features and increasing its security features. Despite getting lots of attention, the online voting system is still not widely used. The most important problems in the voting system remain the reliability of the system in storing and counting the votes and the voters’ assurance that there will be no manipulation.
3. Blockchain Terms and Concepts
In this section, we give a brief introduction to blockchain-related terminology and its basic concepts. The blockchain concept appeared in 2009 when “Satoshi Nakamoto” combined blockchain infrastructure with various rules and created the first cryptocurrency, a form of digital money that relied on cryptography for its security [72]. A block can be defined as a data structure that is added as a chain structure in a distributed way [73]. Blockchain can be seen as a distributed ledger of recorded transactions. The validity of transactions is established through a consensus mechanism, and transactions are recorded into blocks in a chain. Decentralization means that there is no central computing device for storing sent transactions [74]. Each blockchain node stores its copy and contains a reference to the previous block hash (Figure 1).

After the rising popularity of Bitcoin, blockchain technology gained popularity in numerous sectors. In a broader sense, the blockchain mechanism consists of a decentralized shared database that provides a secure, immutable, and auditable list of records. It enables anonymous parties to keep and organize their databases altogether in a completely decentralized manner and without the need to establish a centralized administration that implements a common central control [76]. The blockchain provides a permanent record of transactions on a network. Unlike a traditional database, the system copies the chain of records that occur and then allows each participant on the network to view all transactions.
The applications of blockchain range from the Internet of things applications [77] to secure digital rights management [78], pharmaceuticals [79], financial transactions, and trade and commerce [80]. Blockchain development infrastructures are also constantly evolving; however, examples that are widely used are Bitcoin [72], Ethereum [81], Hyperledger, and R3 Corda.
The blockchain infrastructure consists of six layers. From bottom to top, the layer structure is composed of data, network, consensus, incentive, smart contract, and application layer [25, 27, 82, 83] (Table 1).
The function of the data layer is to store the data in the block. A hash function is applied to produce a fixed-length output of variable size data. Being an irreversible one-way function, the processed data cannot be obtained back from the calculated hash value. Thus, a timestamp and a hash function are used for the integrity of the blockchain.
The network layer of the blockchain works on a peer-to-peer (P2P) network structure. Peer-to-peer implementations are generally managed by distributed architectures that divide tasks between peers without a reliable authority [84]. This is used as a network program protocol to communicate, process, and duplicate blockchain between two or more machines. Each node on the network is responsible for its resources, and it serves as both a server and a client.
The consensus layer manages the distributed consensus mechanism that governs the order of blocks. The purpose of the incentive layer is to provide definite incentives to get nodes to participate in the security verification of the blockchain. For contract layer, with the help of smart contract, transactions are initiated according to the rules [27, 83].
3.1. Hash Function
A hash function is an operation that creates a unique value of a fixed length with mathematical functions of various lengths of data. It is a one-way function and the original data cannot be obtained from the summary value obtained. In the hash process, the same value is generated for the same data, but when there is the slightest change, the value created by the hash function also changes.
3.2. Encryption Methods
Ensuring the confidentiality and integrity of data is an important issue. In this paper, the symmetric and asymmetric encryption fundamentals are used to ensure the confidentiality and integrity of data.
Symmetric Encryption. The same key is used in symmetric encryption and decryption steps. AES, DES, 3DES, and RC4 are the main symmetric encryption methods. The encryption key is public, as the decryption key remains private [24]. Symmetric encryption algorithms are much faster and require less computational power, but their main weakness is key sharing. Since the same key is used to encrypt and decrypt information, this key must be shared with anyone who needs access to the data. This naturally creates security risks.
Asymmetric Encryption Schemes. In asymmetric encryption, different keys are used for encryption and decryption. These keys are referred to as public and private keys. The public key is used for encryption and authentication, while the private key is used for decryption and signing. Asymmetric encryption systems are very slow compared to symmetric systems and require more computational power due to much longer keys.
3.3. Digital Signatures
A digital signature is a cryptographic mechanism used to verify the accuracy and integrity of digital data. The process essentially consists of hashing a message along with the signer’s private key. The recipient of the message can then check whether the signature is valid using the public key provided by the signer [64].
3.4. Smart Contract
In 1994, the term smart contract was introduced by Nick Szabo, a cryptographer and a computer scientist [85]. According to Szabo’s concept, the contracts can be converted into computer code, stored and copied to the system, and controlled by a computer network that runs the blockchain. Smart contracts refer to the writing of a contract in the lines of code and the transactions are executed according to the terms of these contracts which are executed on the blockchain [86]. When the contracts are loaded on nodes, they will interact with other components on the blockchain based on rules. Smart contracts are designed to perform reliable transactions without the need for a central authority or an external application mechanism. The blockchain-based smart contract becomes incrementally popular and has been exploited by multitudinous industries [87].
3.5. Consensus Mechanisms
The establishment of a decision is based on general acceptance by taking a certain number of steps within the framework of certain rules between a group of people. Proof of Work (PoW), Proof of Stake (PoS), Byzantine Fault Tolerance (BFT), and Delegated Proof of Stake (DPoS) are common consensus mechanisms [88].
Proof of Work (PoW). The most widely used consensus mechanism is Proof of work (PoW). PoW requires a complex problem-solving process. Miners perform complex calculations to reach a hash value with predetermined properties in the PoW protocol. The first miner reaching the specified hash value is entitled to add a new block to the chain. The relevant block is added to the blockchain after the hash value is published to other nodes and the hash value is verified by all nodes. Then, the integrity of the chain is ensured by adding the new block to all miners. At the end of this process, the miner who publishes the block is rewarded [89].
Proof of Stake (PoS). Proof of Stake (PoS) or virtual mining protocol [15] establishes alternative selection tools that aim to keep PoW’s benefits while improving on its weaknesses [90]. Proof of Stake (PoS) is an energy-saving compromise protocol alternative to the PoW protocol. The use of PoS started to increase due to the advantage of reducing power consumption and scalability. Miners in the PoS protocol have to prove the ownership of a coin amount (value). In this protocol, people with more assets are more likely to be used for verification [91].
Delegated Proof of Stake (DPoS). Delegated Proof of Stake is similar to PoS, but nodes in the network select delegates for block creation and validation, and block validation can be done very quickly with a small number of elected delegates. This makes blocks using DPoS not only faster than PoW or PoS blocks but also less secure. This is because only a small group of people decide the validity of transactions for the entire network, which makes this mechanism more centralized. Delegates can form cartels or start working together in secret, threatening trust in the entire network [92].
Byzantine Fault Tolerance (BFT). It is the consensus protocol that can still coordinate and come to a consensus despite some difference between the nodes [93].
4. System Description and Analysis
In theory, the decentralization principle of blockchain technology can increase the integrity of elections and their controllability by different entities. The blockchain-based voting design relies on recording each data entry in the ledger across multiple nodes for constant proof of each ballot paper. For our implementation, we have decided to use a private network and use the Ethereum blockchain API. The reason for this decision is that Ethereum is a widely recognized and proven-secure infrastructure for blockchain applications. On the other hand, as smart contracts are visible and transparent to all voting participants, they are not suitable for storing sensitive data. That is why homomorphic encryption is preferred in our system due to its privacy features. The homomorphism feature allows one to operate on the ciphertexts without decrypting them. For a voting system, this property allows the encrypted ballots to be counted by any third party without leaking any information on the ballot [85, 94].
To protect the sensitive voting data, it was aimed to fragment the data and keep it distributed. Secret data sharing is a technique to strongly distribute fragments of important information between distributed networks. For this reason, the Shamir Secret Share method is applied as the second layer of security [95].
The proposed system scheme and proposed algorithm can be viewed in Figure 2 and Algorithm 1. The system procedures that should be conducted at every stage are briefly as follows:
Phase 1: ID Card Delivery. Fingerprint/biometric data loaded microchip ID card distribution (Figure 3).
Phase 2: Preregistration. Central Authority provides a list that is based on only eligible voters who can vote. Generally, the list of voters is held by election administrators. The election manager updates the list of eligible voters before the election if needed (Figure 3).
Phase 3: Registration. Voters apply for voting services with an ID card containing fingerprint/biometric data. These data can be checked with the help of an independent special device. The voting service office manager checks the person’s right to vote. If he/she is authorized, he/she is allowed to select an account in a closed envelope (Figure 3).
Phase 4: Voting. The voter selects candidates. The voter votes in any of the electronic cabinets with the help of the account information given in the envelope to him/her.
Phase 5: Transaction. At this stage, the vote is first encrypted with homomorphic encryption (Figure 4). It is then divided into pieces (Figure 5). Then, the transfer of transactions to all nodes is included in the system.
Phase 6: Counting. The authority and assigned nodes complete the process of combining the data for counting. Other nodes verify the results and should achieve the same results.




The operations performed in the flowchart of the proposed system are shown in Figure 2. In the first phase, every citizen (Ci) should be provided with a biometric ID card. All the necessary information is uploaded to these chip cards.
Election management authority is responsible for the election system requirements. System administrators and election authorities are to organize and control the voting process by initializing the system parameters and triggering different phases of an election.
Election authority prepares voter list (Vi ← Ci), and the system administrator defines the election (Eid), candidate list (CLi), and registration office (RegOfficeID).
Registration office authority guarantees the authorization for each voter (Vi). After the authentication is verified, the voter gets a token. This token can only be used once. After the candidate (CLi) selection, encrypted vote transaction begins (Figures 4 and 5). Voters can submit their votes from multiple points applying the following:
This ballot is distributed to all blockchain nodes in the voting phase. If the following transaction data is valid, it is added to the blockchain (Figure 6).

We can summarize the vote encryption phase (Figures 4 and 5); the important parameters of the applied methods are formally as follows (plaintext refers to vote information).
Let p and q be random prime numbers, and then calculate
If random prime numbers p and q have the same lengths, generator can be chosen. If not, then choose random
where x expresses the decimal value of the selected candidate and y indicates the encrypted value corresponding to this value.
where r value is chosen to provide randomness.
Encryption: .
Table 2 illustrates sample random encryption calculation.
Decryption:
The table of encryption durations (Table 3) for each user was examined in practice tests, and it was found that computation ended within an average of 93 ms.
After the conversion of the decrypted value to binary, we can find the counting result for each candidate.
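The first encryption layer and the binary decoding step, as an added example that is not the paper's implementation: it assumes textbook Paillier with the generator g = n + 1 (the usual choice when p and q have the same length) and packs one counter per candidate into fixed-width bit fields of the plaintext. The primes, `FIELD_BITS`, `CANDIDATES` and all function names are constructed for illustration.

```python
import math
import secrets

# Constructed demo primes of equal bit length; far too small for a real election.
P, Q = 1_000_000_007, 1_000_000_009
FIELD_BITS = 10   # assumed width of each candidate's counter inside the plaintext
CANDIDATES = 4    # assumed number of candidates


def keygen(p, q):
    """Return (n, (lam, mu)) for Paillier with generator g = n + 1."""
    n = p * q
    if math.gcd(n, (p - 1) * (q - 1)) != 1:
        raise ValueError("p and q unsuitable for g = n + 1")
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    mu = pow(lam, -1, n)  # with g = n + 1, L(g^lam mod n^2) = lam mod n
    return n, (lam, mu)


def encrypt(n, m):
    """c = (1 + m*n) * r^n mod n^2, with fresh random r for every ballot."""
    if not 0 <= m < n:
        raise ValueError("plaintext out of range")
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return (1 + m * n) % n2 * pow(r, n, n2) % n2


def decrypt(n, priv, c):
    """m = L(c^lam mod n^2) * mu mod n, where L(u) = (u - 1) // n."""
    lam, mu = priv
    u = pow(c, lam, n * n)
    return (u - 1) // n * mu % n


def encode_vote(candidate):
    """Decimal value of a ballot: a single 1 in the chosen candidate's field."""
    if not 0 <= candidate < CANDIDATES:
        raise ValueError("unknown candidate")
    return 1 << (candidate * FIELD_BITS)


def add_ciphertexts(n, ciphertexts):
    """Multiplying ciphertexts adds the plaintexts underneath them."""
    total = 1
    for c in ciphertexts:
        total = total * c % (n * n)
    return total


def decode_tally(total):
    """Read each candidate's counter back out of the binary plaintext."""
    mask = (1 << FIELD_BITS) - 1
    return [(total >> (i * FIELD_BITS)) & mask for i in range(CANDIDATES)]


def run_election(choices):
    """Encrypt every ballot, tally under encryption, decrypt only the sum."""
    if len(choices) > (1 << FIELD_BITS) - 1:
        raise ValueError("more ballots than a counter field can hold")
    n, priv = keygen(P, Q)
    ballots = [encrypt(n, encode_vote(c)) for c in choices]
    return decode_tally(decrypt(n, priv, add_ciphertexts(n, ballots)))


if __name__ == "__main__":
    # Constructed ballots: candidate indices chosen by eight voters.
    print(run_election([0, 2, 2, 1, 2, 3, 0, 2]))
```

The field width bounds the number of ballots one ciphertext sum can hold; a counter that overflows would carry into the next candidate's field, which is why `run_election` rejects oversized batches.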
The anonymity and confidentiality of the votes used are ensured by homomorphic encryption. However, although the votes cast are encrypted and stored, there is a possibility that they can be counted at the nodes that store the data in the blockchain. For this reason, it is thought that the problem can be solved if this encrypted data can be distributed among the nodes and, after the election, a certain number of nodes can come together to form the original data. Private sharing is achieved through dividing the private information into smaller chunks or shares and then distributing those shares across the group or network. Instead of sending encrypted votes directly to the nodes, the data will be fragmented and sent to the nodes and stored. It is aimed to be reconstructed by gathering a certain number of nodes during the count. The structure created in this way will ensure that both redundancy and data integrity are met with certain criteria.
As shown in Algorithm 2, vote data is fragmented into 4 nodes, P (p1, p2, p3, p4) (Figure 5); the number of nodes decided in the design comes together to ensure data integrity, P = decryption (p1, p2, p4), and the same number of different nodes come together and verify, P = decryption (p2, p3, p4).
N = 5 and k = 3 (5 nodes, at least 3-node threshold).
For 5 nodes, data are split into 5 pieces. This data fragmentation process is distributed according to the entire number of nodes and provides cross-checking by combining random nodes to create and control them.
Original data is obtained with at least 3 nodes randomly selected for recovery (Figure 7).

Fragmented values from each node are used to recover the function.
Finally, the hidden data is obtained by calculating the function modulo p.
Secret data S = a0 can be obtained from Algorithm 3.
Nodes or observers can check the validity of all transactions, making sure the election as a whole is secure and the data is stored consistently. The data-sharing scheme prevents even an attacker with unlimited computing power from accessing the data alone. To obtain the data, the attacker must hold at least the minimum number of shares.
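The N = 5, k = 3 sharing and recovery steps above can be worked through with Shamir's polynomial scheme, where the secret is the constant term a0 and recovery is Lagrange interpolation at zero modulo p. This is an added example, not the authors' Algorithm 2 or 3; the field prime, the node numbering 1..N, and the sample secret standing in for an encrypted ballot are assumptions.

```python
import secrets

# Assumed field modulus p: the Mersenne prime 2^127 - 1. It must exceed the secret.
PRIME = 2**127 - 1

def split(secret, n, k, p=PRIME):
    """Hide `secret` as a0 of a random degree-(k-1) polynomial; node i stores (i, f(i))."""
    coeffs = [secret] + [secrets.randbelow(p) for _ in range(k - 1)]

    def f(x):
        acc = 0
        for a in reversed(coeffs):  # Horner evaluation mod p
            acc = (acc * x + a) % p
        return acc

    return [(x, f(x)) for x in range(1, n + 1)]

def recover(shares, p=PRIME):
    """Lagrange interpolation at x = 0 mod p, which yields S = a0."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate shares from the same node")
    secret = 0
    for xj, yj in shares:
        num = den = 1
        for xm in xs:
            if xm != xj:
                num = num * -xm % p
                den = den * (xj - xm) % p
        secret = (secret + yj * num * pow(den, -1, p)) % p
    return secret

def demo():
    ballot = 0x1F3A9C7E55D2  # constructed stand-in for one encrypted ballot
    shares = split(ballot, n=5, k=3)
    return {
        "count_group": recover([shares[0], shares[1], shares[3]]) == ballot,
        "verify_group": recover([shares[1], shares[2], shares[3]]) == ballot,
        # Two shares interpolate a line, not the real polynomial: wrong value.
        "below_threshold": recover(shares[:2]) == ballot,
    }

if __name__ == "__main__":
    print(demo())
```

Any three of the five shares give the same value, which is what lets a second group of nodes cross-check the first and lets the count proceed when a node is unavailable.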
For secret sharing, the computation times with fixed thresholds (Figure 8) and with fixed nodes (Figure 9) were calculated. Threshold refers to the minimum number of nodes that need to come together when the value stored in fragmented nodes is to be recovered. It was determined that increasing the number of nodes while the threshold remains constant increases the computation time, but the change is linear. However, when the number of nodes was fixed and the threshold value was increased, there were significant increases in the calculation time.


This showed that choosing optimum numbers of nodes and thresholds in a real system design will significantly reduce the voting processing time. In our experiments, 600 nodes and a threshold of 300 were considered to be in the acceptable range with respect to three criteria: redundancy, security, and efficiency. It was observed that when the threshold value was increased, the voting time increased logarithmically, and this negatively affected the election time. In addition, when a lower value is selected, the possibility of manipulation arises again. At this setting, it took about 7000 ms. ∼ 1.17 sec. (encryption + share + transaction = 93 + 1171 + 5774) for the ballot to be delivered to the blockchain network. However, this duration is expected to be higher in real-life elections, where more simultaneous nodes with high loads are needed; for example, more than 150 million Americans voted in the last USA presidential election held on November 3, 2020 [96].
The dependability problem that may arise in e-voting will be reduced by using a printout vote and putting it in a ballot box as in classical voting. In this way, a hybrid structure may be established with ballots stored for final control. In our case, the security of the voting system is ensured by combining the use of a fingerprint ID card in the voting protocol, the use of homomorphic encryption, and the distributed structure of data. This method can be integrated into any private blockchain system. The occurrence of information leaks related to ballot information and election results and the use of multiple votes can be prevented.
An analysis of properties can be stated as follows:
Privacy: All voters are allowed to vote with a randomly generated account, while no password or username to connect with people is used. All votes cast start a transaction with homomorphic encryption first. In this way, the privacy of the voter is protected.
Availability: Being in a distributed permission structure, the availability percentage of the system increases. Its closed structure provides resistance to attacks.
Eligibility: Since voters accepted by biometric data control are allowed to vote, only those who are authorized to vote are enabled to vote.
Uniqueness: Once registered for voting, the voter cannot vote again and can only vote once with his account. A smart contract does not normally allow such operations.
Noncoercibility: Random key based encryption and distribution prevent tracking of votes with the combination of homomorphic encryption and secret share modeling. The user account to be used to vote is randomly created and is not tied to people and the vote cast.
Reliability: Keeping the votes cast in a distributed structure enables the system to work in any situation. No data is lost. The distributed nature of the system ensures higher durability against attacks when compared to single-point systems.
Integrity: Data stored on the blockchain is safe from tampering. Since the proposed system has a permission based blockchain structure and a framework with different nodes, the data in this system is secure.
Verifiability: Firstly, in reaching the final results, the process is the aggregation of information of a certain number of nodes included in the consortium. Secondly, other nodes work on a consensus mechanism and hence cross-check and verify the results. Since the printed votes will be cast in the box in the election room, the net result can be calculated with the box count in case of need.
Buying attack: It is recommended to use the voting process similar to the classical voting process by means of legal sanctions. In this way, people are not allowed to show whom they voted for.
Replay attack, Sybil attack or Man-in-the-Middle attack: Although the system uses permission based private network, there may be Man-in-the-Middle attacks, replay attacks, or Sybil attacks. In case of incidents related to imitation of voters or attempts to change the vote cast, the results may be verified by cross counting the votes in the election offices.
5. Conclusion
Although electronic voting has been a topic of interest for many years, it is still not fully resolved. Online voting systems contain a security conflict such that it may be possible for authorities to commit fraud or manipulations which are difficult for other participants to detect.
In this work, a double-layer security model is proposed and tested to prevent manipulations that may occur during the elections and with the election results. It is ensured that the election results can be counted after the participation of all stakeholders. As a result of the model, the privacy of voters is ensured, no central authority is needed, and the recorded votes are kept in a distributed structure. In this way, potential manipulations may be prevented during the elections.
Validation through simulation results showed that the voting and counting phases of the proposed system worked as intended. Ballots are encrypted with homomorphic encryption and then shared among nodes in the system. Only valid voter ballots are guaranteed to be recorded as transactions, which were mined into blocks. It was also tested that the system continues to work even if a node becomes inoperable. Furthermore, it is ensured that the election results are announced with all stakeholders without data loss.
The most important limitation has been the difficulty of running simulations with as many nodes as a real election system needs. In the future, it is aimed to simulate with a more realistic system, to operate the system from end to end, and to focus on optimizations for scalability of the system. Another item for future work is that, in the proposed system, the end of the election is assumed to depend on the system time; the system may be improved to increase the security of the time dimension.
In our opinion, transition to the e-voting method should proceed slowly by implementing in small pilot populations first and then widening the scope slowly. The implementation of such voting systems still poses many challenges and risks for developers and governments.
Data Availability
No data were used to support this study.
Conflicts of Interest
The authors declare that they have no conflicts of interest.