簡易檢索 / 詳目顯示

回結果列表
研究生: 陳俊曄
Chen, Chun-Yeh
論文名稱: 具高度安全性與可信度之混合大規模電子投票系統設計
Design of a Hybrid Large-scale E-voting System with Enhanced Security and Credibility
指導教授: 莊允心
Chuang, Yun-Hsin
學位類別: 碩士
Master
系所名稱: 工學院 - 工程管理碩士在職專班
Engineering Management Graduate Program
論文出版年: 2026
畢業學年度: 113
語文別: 英文
論文頁數: 64
中文關鍵詞: 電子投票數位簽章同態加密零知識證明
外文關鍵詞: e-voting, digital signature, homomorphic encryption, zero knowledge proof
相關次數: 點閱:15下載:0
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報

    • 隨著數位科技的快速發展,電子投票已成為提升選舉效率與便利性的重要趨勢。然而,在大規模選舉情境下,如何同時確保選民隱私、資料安全與選票可驗證性,仍是現有電子投票系統所面臨的主要挑戰。本文提出一套符合臺灣選舉環境與現行法律架構的半實體電子投票系統架構,旨在於安全性、可近性與公眾信任之間取得平衡。
    本系統採用自然人憑證作為身分驗證機制,以確保選民身分的真實性與選票的完整性,並結合匿名憑證與唯一追蹤碼設計,使選民得以在不揭露個人身分資訊的前提下,自主驗證其選票是否已被正確記錄與計入。為確保選舉公平性,系統架構導入嚴謹的數學驗證機制,以防止重複投票與無效選票,同時整合以硬體為基礎的簽章安全機制,確保整體計票結果具備高度的防竄改能力與可審計性。
    此外,透過保留實體投票所的監督機制,本模型有效降低遠端投票可能衍生的選民脅迫風險,在維持傳統選舉流程透明度與問責性的同時,大幅提升數位化作業效能。整體而言,本文所提出之架構提供了一套安全、可驗證且具擴充性的電子投票解決方案,可作為臺灣逐步邁向數位選舉制度的重要實務基礎。

    With the rapid advancement of digital technologies, electronic voting has emerged as a key trend for enhancing electoral efficiency and convenience; however, ensuring voter privacy, data security, and ballot verifiability in large-scale elections remains a primary challenge for existing systems. This study proposes a semi-physical electronic voting framework tailored to Taiwan’s electoral environment and legal constraints, aiming to balance security, accessibility, and public trust. The system utilizes the Citizen Digital Certificate for identity authentication to ensure voter authenticity and ballot integrity, while incorporating anonymous tokens and unique tracking codes that allow voters to independently verify that their ballots have been correctly recorded without disclosing personal information. To guarantee electoral fairness, the architecture implements rigorous mathematical verification to prevent duplicate or invalid voting and integrates hardware-based security for data signing to ensure that all aggregated tallying results are highly tamper-resistant. By retaining physical polling station oversight, the model effectively mitigates the risk of voter coercion often associated with remote voting, preserving the transparency and accountability of traditional procedures while significantly enhancing digital performance. Ultimately, this framework offers a secure, verifiable, and scalable approach that serves as a practical foundation for Taiwan’s gradual transition toward digital election systems.

    ABSTRACT ii 摘要 iii ACKNOWLEDGEMENT iv LIST OF TABLES vii LIST OF FIGURES viii CHAPTER 1 INTRODUCTION 1 1.1 Motivation 1 1.2 Contributions 2 1.3 Thesis Organization 4 CHAPTER 2 RELATED WORK 5 CHAPTER 3 PRELIMINARY 9 3.1 NFC 9 3.2 Digital Signatures 11 3.3 EdDSA 12 3.4 HSM 15 3.5 Zero Knowledge Proof 17 3.6 Homomorphic Encryption 19 CHAPTER 4 HYBIRD LARGE-SCALE E-VOTING SYSTEM 22 4.1 E-voting System Design Requirements 22 4.1.1 Integrity 23 4.1.2 Privacy 24 4.1.3 Verification 25 4.1.4 Security 25 4.1.5 Contingency Mechanism 26 4.2 The Proposed Hybrid Large-Scale E-voting System 27 4.2.1 Pre-Election Phase 28 4.2.2 Voting Phase 34 4.2.3 Calculating Phase 37 4.3 Zero-Knowledge Proof for Ballot Validity 39 4.3.1 Proof Generation: The Voter (Prover) Steps 40 4.3.2 Proof Verification: The System (Verifier) Steps 42 4.3.3 Security Properties 43 CHAPTER 5 ANALYSIS AND COMPARED 44 5.1 Integrity 44 5.2 Privacy 45 5.3 Verification 46 5.4 Security 47 5.5 Compensation Mechanism 48 CHAPTER 6 CONCLUSIONS 51 References 53

    [1] Springall, Michael, et al. "Security Analysis of the Estonian Internet Voting System." Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS), 2014, pp. 703–715. https://doi.org/10.1145/2660267.2660315.
    [2] Duenas-Cid, D. (2024). “Trust and distrust in electoral technologies: What can we learn from the failure of electronic voting in the Netherlands (2006–2007).” arXiv. https://arxiv.org/abs/2412.05052
    [3] Blanchard, E., Gallais, A., Leblond, E., Sidhoum-Rahal, D., & Walter, J. (2022). “An analysis of the security and privacy issues of the Neovote online voting system.” In Lecture Notes in Computer Science (Vol. 13459). Springer. https://doi.org/10.1007/978-3-031-15911-4_1
    [4] U.S. Senate Select Committee on Intelligence. Report on Russian Active Measures Campaigns and Interference in the 2016 U.S. Election. Volume 1, July 2019. https://www.intelligence.senate.gov/sites/default/files/documents/Report_Volume1.pdf.
    [5] Germann, M., & Serdült, U. (2017). Internet voting and turnout: Evidence from Switzerland. Electoral Studies, 47, 1–12. https://doi.org/10.1016/j.electstud.2017.04.001
    [6] Halderman, J. Alex and Vanessa Teague. "The New South Wales iVote System: Security Failures and Verification Flaws in a Live Online Election." arXiv preprint arXiv:1504.05646, 2015. https://arxiv.org/abs/1504.05646.
    [7] El-Hajj, M., & Beune, P. (2024). “Lightweight public key infrastructure for the Internet of Things: A systematic literature review.” Journal of Industrial Information Integration, 41, 100670. https://doi.org/10.1016/j.jii.2024.100670.
    [8] Jianying Zhou, & Gollman, D. (n.d.). A fair non-repudiation protocol. In Proceedings 1996 IEEE Symposium on Security and Privacy. IEEE Comput. Soc. Press. https://doi.org/10.1109/secpri.1996.502669.
    [9] Huang, A.-N. (2005). The research for the associate electronic voting system with MOICA card (Master’s thesis). Yuan Ze University, Taiwan. Retrieved from National Digital Library of Theses and Dissertations in Taiwan.
    [10] Poettering, Björn and Douglas Stebila. "Double-Authentication-Preventing Signatures." International Journal of Information Security, vol. 16, 2017, pp. 1–22.
    [11] Adida, Ben. "Helios: Web-based Open-Audit Voting." USENIX security symposium. Vol. 17. 2008.
    [12] Adida, Ben, et al. "Electing a University President Using Open-Audit Voting: Analysis of Real-World Use of Helios." EVT/WOTE, vol. 9, no. 10, 2009.
    [13] Tarasov, Pavel and Hamid Tewari. "Internet Voting Using Zcash." Cryptology ePrint Archive, 2017. https://eprint.iacr.org/2017/585.
    [14] Sallal, Mohammed F., Renaud D. Fréin and Abdullah Malik. "PVPBC: Privacy and Verifiability Preserving E-Voting Based on Permissioned Blockchain." Future Internet, vol. 15, 2023, article 121.
    [15] Zaghloul, Ehab, Tao Li and Jing Ren. "d-BAME: Distributed Blockchain-Based Anonymous Mobile Electronic Voting." IEEE Internet of Things Journal, 2021, pp. 1–1. https://doi.org/10.1109/JIOT.2021.3074877.
    [16] Spanos, Athanasios and Ioanna Kantzavelou. "EtherVote: A Secure Smart Contract-Based E-Voting System." Research Square, 2024. https://doi.org/10.21203/rs.3.rs-4107818/v1.
    [17] Yang, Xiaoqing, et al. "A Secure Verifiable Ranked Choice Online Voting System Based on Homomorphic Encryption." IEEE Access, vol. 6, 2018, pp. 20506–20519. https://doi.org/10.1109/ACCESS.2018.2817518.
    [18] Madlmayr, Gerald, et al. "NFC Devices: Security and Privacy." Proceedings of the 3rd International Conference on Availability, Reliability and Security, 2008, pp. 642–647.
    [19] Alimi, V. (2012). An Ontology-Based Framework to Model a GlobalPlatform Secure Element. In 2012 4th International Workshop on Near Field Communication. IEEE. https://doi.org/10.1109/nfc.2012.13.
    [20] Alharbi, R., Vafaie, N., Liu, K., Moran, K., Ledford, G., Pfammatter, A., … Alshurafa, N. (2017). Investigating barriers and facilitators to wearable adherence in fine-grained eating detection. In 2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops). IEEE. https://doi.org/10.1109/percomw.2017.7917597.
    [21] Gu, Y., Zhang, J., Zheng, G., Ji, S., & Wang, J. (2015). An indoor positioning method based on virtual reference RFID tags. In 2015 IEEE International Conference on Consumer Electronics - Taiwan. IEEE. https://doi.org/10.1109/icce-tw.2015.7217032.
    [22] Menezes, A. J., van Oorschot, P. C., & Vanstone, S. A. (2018). Handbook of Applied Cryptography. CRC Press. https://doi.org/10.1201/9781439821916
    [23] Rivest, Ronald L., Adi Shamir and Leonard Adleman. "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems." Communications of the ACM, vol. 21, no. 2, 1978, pp. 120–126.
    [24] National Institute of Standards and Technology. Digital Signature Standard (DSS). FIPS PUB 186-4. U.S. Department of Commerce, 2013. https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf.
    [25] Josefsson, Simon and Ilari Liusvaara. "EdDSA: Edwards-Curve Digital Signature Algorithm." RFC 8032, 2017. https://doi.org/10.17487/RFC8032.
    [26] M. Sommerhalder, “Hardware Security Module,” in Trends in Data Protection and Encryption Technologies, V. Mulder, A. Mermoud, V. Lenders, and B. Tellenbach, Eds., Cham: Springer Nature Switzerland, 2023, pp. 83–87, https://doi: 10.1007/978-3-031-33386-6_16.
    [27] Agrawal, Shashank, Chiraag Ganesh and Payman Mohassel. "Non-Interactive Zero-Knowledge Proofs for Composite Statements." Lecture Notes in Computer Science, 2018, pp. 643–673. https://doi.org/10.1007/978-3-319-96878-0_22.
    [28] Vaikuntanathan, Vinod. "Computing Blindfolded: New Developments in Fully Homomorphic Encryption." Proceedings of the 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science (FOCS), 2011, pp. 5–16. https://doi.org/10.1109/FOCS.2011.13.
    [29] Kiayias, Aggelos, Thomas Zacharias and Bingsheng Zhang. "Ceremonies for End-to-End Verifiable Elections." Proceedings of the 2015 IEEE Symposium on Security and Privacy (SP), 2017, pp. 311–326. https://doi.org/10.1109/SP.2015.26.
    [30] Paillier, Pascal. "Public-Key Cryptosystems Based on Composite Degree Residuosity Classes." Advances in Cryptology – EUROCRYPT '99, edited by Jacques Stern, vol. 1592, Springer, 1999, pp. 223–238. https://doi.org/10.1007/3-540-48910-X_16.
    [31] Nystrom, M., et al. "RFC 7292: PKCS# 12: Personal Information Exchange Syntax v1. 1." 2014.

    QR CODE