I’m a Canadian citizen, and I have voted in municipal, provincial, and federal elections for the past sixteen years, since I became old enough to vote. Every vote I’ve ever casted has been done with a paper ballot. Counting paper ballots can be very time consuming and tedious, but the old-fashioned system we use in Canada has always made me feel confident about a very low risk of election fraud. Electronic voting systems, both by electronic voting machines and over the internet, don’t make me feel as good. But given how electronic voting systems are becoming more common, especially in the United States, should we embrace it?
The cybersecurity vulnerabilities of electronic voting
There are a number of electronic voting security vulnerabilities which have been identified in reports from the Brennan Center for Justice at New York University School of Law.
Voting machines wear out over time. Some can’t function properly for more than ten years of service, and many of the voting machines used in the United States are fifteen years old or older. Hardware physically wears out. And the software on the machines, given their age, many have critical vulnerabilities in code which have been publicly known for years. Often the software isn’t patched or even easily patchable. Also many American states use voting machines that are so old that replacement parts cannot be acquired for them.
From an op-ed by the Brennan Center’s Lawrence Norden:
“Computer security experts have conducted several in-depth studies of paperless touchscreen voting machines. They have consistently found them to be vulnerable to glitches and even covert tampering. Because touchscreen voting machines record votes on a computer chip, there is no way to independently verify the results. When machines crash or malfunction, as all computers do, hundreds of votes can be irretrievably lost...
Last year, a Princeton research team created a vote-stealing virus for one of the most popular voting machine models. It spreads from machine to machine and silently alters voting records to favor a particular candidate.”
Voting over the internet isn’t any better. Ron Rivest, MIT professor and cryptographer of RSA algorithm fame said, “The biggest concern I have about internet voting is that we don’t know how to do it securely. It sounds wonderful but it’s an oxymoron. We don’t have the internet experts who know how to secure big pieces of the internet from attack.”
Conducting elections over the internet opens the voting system to a massive attack service, as the internet is accessible by most people around the world. University of Surrey computer science professor Stephen Schneider discussed his concerns about internet voting with the BBC:
“Prof Schneider says the main security threat to online voting would be from malware on personal computers, which could potentially change votes cast via the internet.
Similarly, the use of internet-enabled voting machines in polling stations is ‘not really very secure’, he says. Many older machines, some used in the US, are ‘more easy to subvert’.”
Blockchain is a specific technology of cryptographically linked transactions or records. It’s primarily used in cryptocurrencies such as Bitcoin, but tech companies have found a lot of other useful applications. Blockchain shows a lot of promise as a means for keeping voting records verifiable and secure. A proper implementation of blockchain can help to protect the confidentiality and integrity components of the famed CIA triad of cybersecurity.
Good blockchain implementation protects confidentiality of voting records by encrypting them and making them accessible only to the necessary party which needs to count votes. Good blockchain implementation also protects the integrity of voting records by assuring that the votes aren’t tampered with by a malicious third party, also by its application of cryptography. Each chain in the block relies on its own private key to validate and document that it belongs to the blockchain, essentially certifying that it has not been tampered with.
Blockchain driven electronic voting has already been tried in Sierra Leone. In early March, Sierra Leone had the world’s first blockchain driven presidential election, and it seems to have been successful. Blockchain startup Angora provided the technology, but the use of it was limited to the country’s most populous district where their capital city of Freetown is located. Nonetheless, about 400,000 votes went through Angora’s blockchain implementation.
It’s worth noting that the technology Angora provided was a form of permissioned blockchain rather than public blockchain. Public blockchain records can theoretically be validated by anyone, whereas permissioned blockchain can only be validated by an authorized party. If the authorized party to the blockchain Sierra Leone used is trustworthy and unbiased, then in my opinion permissioned blockchain may have been the more secure option in this context.
Although electronic voting methodologies pose significant potential for election fraud, there are ways to make them more secure.
Elections officials and volunteers must receive some cybersecurity training.
Online voting can be made more secure with the proper implementation of cryptography and electronic identity cards, as seen in Estonia’s elections:
“Since Estonia's i-voting began, there have been no serious security issues, Mr Koitmae (deputy head of Estonia's Electoral Office) says. The technology and processes used are updated regularly based on technical advances and experiences from each election.
A crucial part of Estonia's system is that online voting is linked to the country's state-of-the-art electronic identity cards - carried by every citizen and resident.
Digital ID cards allow for the secure authentication of the owner online, and enables a digital signature to be linked to the account. Newer cards include an electronic copy of the owner's fingerprints.”
And as I mentioned, the blockchain technology deployed by Angora in Sierra Leone is reason for optimism.
Any electronic voting system, whether offline, on an internal network, or over the internet must be seriously vulnerability tested by third-party cybersecurity experts before it’s used to replace good old-fashioned paper ballots. It’s also essential to properly finance government election departments so that technology can constantly be tested, fixed, patched, or replaced. Only then can we vote electronically with confidence without significant risk of election fraud.