傳統投票仰賴紙本與人事作業，除了高成本低效率以外，更存在許多篡改舞弊的可能性；電子投票不僅提升了投票的可行性與參與性，亦大幅降低了作業成本；然而，信賴基礎係被定義的公正第三方，仍是現存機制最大的疑慮。
自從比特幣蓬勃發展後，以區塊鍊為基礎的應用也隨之成為潮流。區塊鍊不只是提供了更有規模性的運算能力，更被認為是安全可靠的分散式帳本 。
本篇論文主旨為提出基於區塊鍊演算法實作之安全性儲存服務，並以電子投票系統為例呈現。此服務將利用區塊鍊之安全性、正確性及其可驗證性取代傳統儲存空間 (如: MongoDB)，並且導入區塊鍊去中心化之概念，解決上述傳統投票系統與現行電子投票系統之疑慮；在此篇論文中，我們更加入訊息認證碼演算法檢查並確認資料在傳輸期間是否遭竄改，透過進階加密標準之密碼區塊鍊節演算法實作EtM機制，強化訊息認證碼的驗證效能，增加訊息來源的可靠度。然而，受限於資料庫程序存取問題，我們重新設計了實驗的架構去檢視我們系統的可靠度與安全性。最後，我們呈現了不同驗證節點的情境，並推論出驗證節點與惡意節點的相依性。

Traditionally, we used to vote with paper ballots which is costly and inefficient because it highly relies on paper and human resources. What's more, there is a lot of possibility of fraud. Electronic Voting advances the accessibility for participants and significantly costs down; however, it is critically challenged that it should be based on the fair third party.
Since Bitcoin network has become as the most powerful distributed computing network, the numbers of implementation based on Blockchain grow rapidly. Blockchain not only provides scalable computing but also seems as a secure transaction database.
In this thesis, we propose a storage service based on Blockchain algorithm. We take three properties of Blockchain: security, accuracy, and verifiability to replace traditional storage (e.g. MongoDB) and clarify the concern mentioned above. Also, we check if the data tampered during the transmit procedure with HMAC (Message Authenticate Check). Differ from the normal MAC mechanism, we implement EtM by AES-CTR to strengthen the difficulty of verification. Confined to single process accessing of database, we design a new experiment to examine the reliability of our system. We show performance with different numbers of validation nodes separately. Consequently, we conclude a pattern between validation and malicious nodes.

Abstract I
中文摘要 II
Acknowledgments III
Table of Contents IV
List of Tables VI
List of Figures VII
Chapter 1 Introduction 1
Chapter 2 Related Work 5
2.1 Electronic Voting System 5
2.1.1 Analysis and Evaluate of Electronic Voting Systems 5
2.1.2 An Electronic Voting System Based on Blockchain 7
2.2 Blockchain 8
2.2.1 Types of Blockchain 8
2.2.2 Blockchain as Database 11
2.3 Docker 12
2.3.1 Overview 12
2.3.2 Dockers is to Blockchain 14
2.4 RocksDB 14
2.4.1 Overview 14
2.4.2 RocksDB vs. LevelDB 17
2.4.3 RocksDB is to Us 18
Chapter 3 System Architecture 20
3.1 Request Accepter 21
3.1.1 Overview 21
3.1.2 Event API 21
3.1.3 Poll API 22
3.1.4 Query API 22
3.1.5 Tracking API 23
3.1.6 Https 23
3.2 Data Resolution 24
3.2.1 Overview 24
3.2.2 Validation Peer 24
3.2.3 Chaincode 26
3.2.4 EtM 26
3.3 Summary 28
Chapter 4 Simulation Environment 29
4.1 Request Accepter Server 29
4.1.1 Overview 29
4.1.2 Environment Setting 29
4.2 Data Resolution Server 29
4.2.1 Overview 29
4.2.2 Deploy Hyperledger Fabric Project 29
Chapter 5 Experimental Result 32
5.1 Security Experiments 32
5.1.1 Overview 32
5.1.2 Design of Experiments 32
5.1.3 Result of Experiments 34
Chapter 6 Conclusion and Future Work 38
Bibliography 41

[1] Google, "ElectronicVoting ". [Online]. Available: https://en.wikipedia.org/wiki/Electronic_voting
[2] Bederson, B. B., Lee, B., Sherman, R. M., Herrnson, P. S., & Niemi, R. G. (2003). Electronic voting system usability issues. Paper presented at the Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, Ft. Lauderdale, Florida, USA.
[3] Google “How to know if the Election was Hacked? Look at the Ballots”. [Online]. Available: https://medium.com/@jhalderm/want-to-know-if-the-election-was-hacked-look-at-the-ballots-c61a6113b0ba
[4] Google “Blockchain Voting System”. [Online]. Available: http://www.economist.com/sites/default/files/northeastern.pdf
[5] Google “Blockchain” . [Online]. Available http://www.europarl.europa.eu/RegData/etudes/ATAG/2016/581918/EPRS_ATA%282016%29581918_EN.pdf
[6] Kohno, T., Stubblefield, A., Rubin, A. D., Wallach, D. S., & Society, I. C. (2004). Analysis of an electronic voting system 2004 Ieee Symposium on Security and Privacy, Proceedings (pp. 27-40). Los Alamitos: Ieee Computer Soc.
[7] Norris, P. (2001). US campaign 2000: Of pregnant chads, butterfly ballots and partisan vitriol. Government and Opposition, 36(1), 3-26. doi:10.1111/1477-7053.00051
[8] Clarkson, M. R., Chong, S., Myers, A. C., & Soc, I. C. (2008). Civitas: Toward a secure voting system Proceedings of the 2008 Ieee Symposium on Security and Privacy (pp. 354-368). Los Alamitos: Ieee Computer Soc.
[9] Springall, D., Finkenauer, T., Durumeric, Z., Kitcat, J., Hursti, H., MacAlpine, M., & Halderman, J. A. (2014). Security Analysis of the Estonian Internet Voting System. Paper presented at the Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, Arizona, USA.
[10] Ming Chow (2016). Followmyvote white paper https://followmyvote.com/online-voting-technology/blockchain-technology/.
[11] Pierre Noizat (2015) Handbook of Digital Currency Chapter 22 Available: https://www.weusecoins.com/assets/pdf/library/blockchain-electronic-vote.pdf
[12] Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system, http://www.bitcoin.org.
[13] Christidis, K., & Devetsikiotis, M. (2016). Blockchains and Smart Contracts for the Internet of Things. Ieee Access, 4, 2292-2303. doi:10.1109/access.2016.2566339
[14] Sikorski, J. J., Haughton, J., & Kraft, M. (2017). Blockchain technology in the chemical industry: Machine-to-machine electricity market. Applied Energy, 195, 234-246. doi:10.1016/j.apenergy.2017.03.039
[15] Stackoverflow, "Consensus PoW". [Online]. Availabile: https://ethereum.stackexchange.com/questions/118/whats-the-difference-between-proof-of-stake-and-proof-of-work
[16] C. Cachin. Architecture of the hyperledger blockchain fabric. In Workshop on Distributed Cryptocurrencies and Consensus Ledgers, 2016.
[17] M. Vukolić. 2017. Rethinking Permissioned Blockchains. In ACM Workshop on Blockchain, Cryptocurrencies and Contracts (BCC’17). Available at: http: //vukolic.com/rethinking-permissioned-blockchains-BCC2017.pdf
[18] M. Castro, B. Liskov, "Practical byzantine fault tolerance", Proc. of the 3rd USENIX Symp. on Operating Systems Design and Implementation (OSDI ‘99), pp. 173-186, 1999.
[19] R. Kotla, M. Dahlin, "High throughput byzantine fault tolerance", Proc. of the 2004 Int'l Conf. on Dependable Systems and Networks (DSN ‘04), pp. 575-584, 2004.
[20] T. Distler, R. Kapitza, "Increasing performance in Byzantine fault-tolerant systems with on-demand replica consistency", Proc. of the 6th ACM European Conf. on ComputerSystems (EuroSys ‘11), pp. 91-105, 2011.
[21] Google, “Byzantine Fault Tolerance Blockchain”. [Online]. Available: https://atrium.lib.uoguelph.ca/xmlui/bitstream/handle/10214/9769/Buchman_Ethan_201606_MAsc.pdf?sequence=7
[22] English M, Auer S, Domingue J. Block chain technologies & the semantic web: a framework for symbiotic development. Technical report, University of Bonn, Germany; 2016. <http://cscubs.cs.uni-bonn.de/2016/proceedings/paper-10.pdf
[23] Stackoverflow. “Turing-Complete Ethereum”. [Online]. Available: https://ethereum.stackexchange.com/questions/2464/what-does-it-mean-that-ethereum-is-turing-complete
[24] McConaghy, T., R. Marques, A. Müller, D. de Jonghe, T. McConaghy, G. McMullen, R. Hendersen, S. Bellemare, and A. Granzotto, "BigchainDB: A Scalable Blockchain Database", 2016. https://www.bigchaindb.com/whitepaper/, accessed: 12.06.2016.
[25] Google “AWS Button”. [Online]. Available: https://aws.amazon.com/tw/iotbutton/getting-started/
[26] Google “HTTPS”. [Online]. Available: https://en.wikipedia.org/wiki/HTTPS.
[27] Bellare, M., & Namprempre, C. (2000). Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. In T. Okamoto (Ed.), Advances in Cryptology Asiacrypt 2000, Proceedings (Vol. 1976, pp. 531-545). Berlin: Springer-Verlag Berlin.
[28] Rogaway, P. (2002). Authenticated-encryption with associated-data. Paper presented at the Proceedings of the 9th ACM conference on Computer and communications security, Washington, DC, USA.
[29] Google, "Hyperledger Fabric Project". [Online]. Available: https://www.hyperledger.org/
[30] Google, “PBFT validation”. [Online]. Available: https://read01.com/O22oM0.html.
[31] Google, "Docker compose file". [Online]. Available: https://www.docker.com/.
[32] Gitbooks. "Docker". [Online]. Available: https://philipzheng.gitbooks.io/docker_practice/content/introduction/what.html.
[33] Github. "Golang". [Online]. Available: https://github.com/golang.
[34] Gitbook. "Golang". [Online]. Available: https://www.gitbook.com/book/wizardforcel/gopl-zh/details
[35] Github. "chaincode". [Online]. Available: https://www.google.com.tw/search?q=chaincode&oq=chaincode&aqs=chrome.0.69i59j69i60l3j69i57j69i61.1524j0j9&sourceid=chrome&ie=UTF-8
[36] Lin, L. H., Chen, K. Z., & Zhong, S. P. (2017). Enhancing the Session Security of Zen Cart based on HMAC-SHA256. Ksii Transactions on Internet and Information Systems, 11(1), 466-483. doi:10.3837/tiis.2017.01.025
[37] Wikipedia. “HMAC”. [Online]. Available: https://en.wikipedia.org/wiki/Hash- based_message_authentication_code