I-voting: politically contentious due to cyber-security security concerns, could blockchain technology ameliorate these issues?

By Tom Sandall

In most countries, voting is managed through traditional means through a paper-based ballot, requiring to show up in person or through postal services. However, since 2005 Estonia has utilised a form of voting that allows them to vote at home via the Internet in a system called I-voting. Around 46% of Estonians vote through this I-voting system. To do this, Estonians use their ID cards (or via a Mobile-ID Simcard) to authenticate themselves to the server, which contains two RSA key pairs: one to authenticate the user and another to produce digital signatures. Users also have a personal pin as an added safeguard. Users first download an election-specific app to vote, which in turn sends the vote to a vote forwarding server (which the user can verify its transmission through QR code). The vote then gets sent to an additional vote storage server, where a log server collects the events and information sent between the two (so election staff can verify vote legitimacy), and finally to an air-gapped vote counting server.

Image: An Overview of Estonia’s I-Voting system Image source

I-voting has seen limited use in Australia, Switzerland, Russia, and the United States. Blockchain technologies have been used as a security method within the latter two. Block-chain technology first came to facilitate bitcoin - a decentralised currency - by verifying and authenticating bitcoin transactions through an immutable and irrevocable ledger. Bitcoin uses public blockchain methods as anyone is free to participate in the system, however as voters have to be citizens of the country to vote, a different type of blockchain is employed. This type of blockchain is known as private or permissioned blockchain. In the United States, the state of West Virginia used a voting system created by the company Voatz for its military personnel stationed overseas. First, the system verifies the user, matching government-issued ID to a video selfie through facial recognition technology. The vote server then verifies this via a smart contract that records the votes on a Hyperledger platform. The Hyperledger essentially replaces the role of the log server seen in the above diagram. More recently, papers have been released that explore quantum computing as a means to provide anonymous and secure voting.

I-voting has, however, failed to offer a compelling enough alternative to traditional methods at a level larger than Estonia's system. Estonia as a country only has a population of around 1.3 million, half that of Manchester and less than half of Estonia vote through the I-voting system. The larger the country, the more that is at stake. These novel forms of voting discussed here do not address the fundamental problems of attempting to vote through the Internet. Fundamentally the stakes are too high. Attacks to digital systems are easier to execute, harder to detect, and can affect more people than attacks against paper ballot systems. Even Direct Recording Electronic (DRE) voting machines have questionable security. West Virginia ditched its Voatz system last year due to security concerns raised by both the MIT and the department of homeland security. The system in Estonia is not without its faults; this report in 2014 exposed a plethora of issues.

E-voting is vulnerable to many issues; conducting such processes online exacerbates existing issues. These are:

  • Voter fraud: A voter may be either maliciously or unintentionally falsely identified, leading to incorrectly logged votes. As internet voting allows for remote voting, citizens may be coerced into voting against their interests or exchange their vote for monetary gain.
  • Malware or spyware: Malicious software may be installed as a trojan horse, as hardware devices are produced overseas, even system updates could contain such software.
  • Bugs: Estonia has made most of its software open source, so those interested can scrutinise the system to expose issues. However, it cannot publish its software entirely due to security concerns, so bugs may be unnoticed.
  • Insider attacks: An insider may covertly manipulate the technology
  • Man in the middle attack: an attacker can intercept the data and alter it before sending it on.

With these issues and as online voting does not increase turnout, as studies have shown, conducting Important elections in nations with populations larger than Estonia will not arise until the technology has sufficiently matured. Quantum computing or blockchain technology does not address the fundamental issues surrounding I-voting, as the issues are at the point of use, when the data is transmitted and in the servers that process votes or within those severs used for storing information. In time online voting will become inevitable, but right now, the convenience it offers is not worth the cost. Too much is at stake with elections; the prize for bad actors to corrupt election results is too high. We may see I-voting employed in special circumstances, such as granting individuals who live in remote areas the ability to vote or when the stakes are lower. Right now, traditional methods trump those that require digital methods. E-voting itself remains controversial, and criticisms were central to the attempts to overturn The 2020 United States election. As I-voting technology is new top-down conspiratorial allegations can easily slip into the public conscious. Trump made the unsubstantiated claim that this election was "a major fraud on our nation", creating the pretence for the 2021 Capitol attack. I will be exploring this more deeply in my next post, Mass Insurrection and Q.

Additional sources of interest:

Blockchain-Based E-Voting System: An overview of how Block voting systems function.

Going from bad to worse: from Internet voting to blockchain voting: An in-depth look at the problems of blockchain voting and I-voting more generally.

Securing the Vote: An in-depth look at American Voting Infrastructure.