pan-democrat ce primary e-voting system
DESCRIPTION
Presentation to Lifestyle Award of ICT Awards 2012 on Feb 17 2012TRANSCRIPT
• First primary election held in Hong Kong
• Establish a precedence for future
elections and possible territory-wide
opinion polls/referendums
• First large-scale e-voting or e-polling
system in Hong Kong
• Polling held on January 8, 2012 in 74
polling stations from 10am to 7pm
• Results were announced to public at 8pm
• Results
– Total number of voters voted: 33,932
– Votes for Mr Albert Chun-Yan Ho
(#1): 22,148 (67.24%)
– Votes for Mr Frederick Fung Kin-kee
(#2): 10,791 (32.76%)
– Abstain: 993 (2.93%)
泛民初選投票結果
05,00010,00015,00020,00025,00030,00035,000
11:00 12:00 13:00 14:00 15:00 16:00 17:00 18:00 19:00 時間
總投
票數
總投票數 每小時票差
Pan-dem CE Primary Election Results
Total number of votes
(Accumulative)
Total no. of votes (Hourly)
Voting Trend (Hourly)
Time
• Onsite staff verifies the
HKID card of voter
– Required to be permanent
resident over 18 years of
age
• Staff enters full HKID
card number to system
– HKID# is hashed to a unique,
irreversible string to be
stored in database to be
compared against duplicate
voting
• Soft keypad used to
prevent keylogging
• Notebook/iPad passed to
voter to vote
• Voter votes for his/her
desired CE candidate
• Press “Vote” and the
voting process is
completed
• The whole voting
process can be
completed in less than
1 min.
• E-voting with real-time monitoring
• Internet Web-based system, with voting
over ~400 notebooks/tablets, supplied
by student volunteers
• Multi-layered security measures to
ensure privacy and against hacking
attempts
• No need for vote counting
• Programming
– Cryptographic algorithm to counter Rainbow
Table attacks
– Web infrastructure design and optimization
• Cloud-based backup for database server for
failover on AWS (Amazon Web Service)
– Real-time vote casting, automated vote counts
and verification
• Website for information and promotion
– www.pdce-primary.hk
• Access control – important as we used “public computers”
– Unique one-time login/passwords/URL combination (sent by SMS to staff on
the morning of election day)
– Soft keypad against keylogging
• DDoS mitigation design
– Used CloudFlare (content delivery network used as cloud-based firewall) –
over the 9 hours operation (although the web address was not announced
until the morning of the operation):
• 18% of traffic were external attacks from outside Hong Kong
• 29 phishing websites found
• SSL encryption to prevent against man-in-the-middle attack
• All data (including hashed data) removed on the evening on voting
day
• Report provided to Privacy Commissioner’s Office after primary
election day
• Point/touch-and-click --
easy to use for voters,
no training required
– Can be completed in < 1
minute
• Voting demonstration
video on website and
YouTube
• Real-time vote
counting/verification
• 74 voting locations
around Hong Kong
• First primary in Hong Kong, setting precedence for
2017 CE direct election and beyond
• 33,932 Hong Kong permanent residents voted
– 3,772 per hour
– Voting open only until 7pm
• Cost effectiveness
– E.g. 2010 Legco by-election cost ~$300M with 559,966
people voted, i.e. <$500 per vote
– Total expense of this by-election = $0.5M, i.e. <$15
per vote (more than 30 times more economical!)
• First public e-voting in Hong Kong
• Infrastructure design against attacks
and privacy concerns
• Scalable and expandable
• Real-time
• Using system design to overcome resource
constraints such as availability of
notebooks/tablets
• Promote public engagement
• Future reference model
– E.g. HKU POP’s POPvote (March 23,
2012)
• Environmental friendly
– No paper voting
• Charles Mok, member, Pan-democrat CE Primary
Election Organizing Committee; Chair, The
Professional Commons; Director, Computancy
Limited
• Ben Cheng, System Architect, Oursky Limited
• Kenneth Lam, System Architect, 3TECH
Engineering Limited
• Jason Leung, Project Coordinator, Computancy
Limited
• Sang Young, CISSP – Security team leader
• Charles Mok, Honorary
President, HKITF; various
judging capacity for Hong Kong
ICT Awards 2012
• Other team members
– SC Leung, HKPC/HKCERT