Assumptions *<Tab/>Central voting server and counter server have a physically secured tamper-proof hardware. So, a potential hacker has no way of physically destroying or altering the hardware of the server. *<Tab/>Terminal is tamper-proof in the sense that there is no way to open up the terminal or modify its innards without irrevocably breaking the terminal. *<Tab/>Each terminal has an accurate, …showed first 75 words of 3045 total…

…showed last 75 words of 3045 total…be break although the possibility is low. *<Tab/>Transport Mode ESP of IPSec using here is not secure enough because it has the possibility to be break also. Future Works Future works are to solve the limitations of protocol that state as above. Reference Mark A. Herschberg's master thesis (Secure Electronic Voting Over the World Wide Web) at the Cryptography and Information Security research group of MIT's Laboratory for Computer Science.