MIT Researchers: Voting Risks Associated with Blockchain

Proving that the losing party did, in fact, lose in an election is an important part, one that is very difficult to solve electronically.

Researchers from the Massachusetts Institute of Technology (MIT) have said that claims that “voting on the Blockchain” would increase the security of elections are misleading and erroneous.

In their article “Going from Bad to Worse: From Internet Voting to Blockchain Voting”, it was said that internet and Blockchain-based voting would “greatly increase the risk of undetectable, nation-scale election failures”.

The senior author, Institute Professor Ron Rivest of MIT’s famous Computer Science and Artificial Intelligence Laboratory said “I haven’t yet seen a blockchain system that I would trust with a county-fair jellybean count, much less a presidential election”. Rivest is known mostly as the “R” in the RSA encryption algorithm.

Their paper evaluates and analyzes research previously done on the security risks of offline and online voting systems. According to the researchers, Blockchain technology doesn’t solve the basic security challenges faced by all e-voting systems. It could even bring about more challenges.

Blockchain solutions are “ripe” for what is called “serious failures”. These are circumstances where the results of an election may have been altered, by a malicious party or through an error. The alteration may be inconspicuous. If it is even detected, the only resolution that can be taken is for a whole new election to be run.

They wrote, “Exposing our election systems to such serious failures is too high a price to pay for the convenience of voting from our phones. What good is it to vote conveniently on your phone if you obtain little or no assurance that your vote will be counted correctly, or at all?”.

All electronic systems, blockchain included, are prone to large-scale attacks, because exploiting a single loophole could affect the whole ballot system. Mail-in and in-person ballots are much harder to manipulate.

The researchers suggested five requirements for the security of elections: • Ballot secrecy: To prevent buying of votes or intimidation. • Software independence: For verification of results through a paper trail. • Voter-verifiable ballots: So the voters can confirm their votes have been recorded correctly. • Contestability: So anyone who sees an error can convince others of the realness of the error. • Some kind of auditing process.

Currently, the researchers argued that only paper ballots are voter-verifiable. Their paper also lists over 40 “critical questions” that need to be considered about any suggested voting system when analyzing their security.

These 40 questions include questions about comprehending the responsibilities and capabilities of stakeholders and their opponents, how many corrupt people are needed to steal an election and the intrinsic details of protection of privacy, transparency and legal constraints.

A core concept of the researchers is an evidence-based election. They wrote “A key goal of an election is to prove to the losing party that they did, in fact, lose. An election system must therefore provide convincing evidence to all parties that the election result is correct, even in the face of intense scrutiny”.

Dr. Vanessa Teague, an Australian cryptographer with an interest in the security of voting systems said to ZDnet that evidence is “critically important” and “building evidence remotely is really, really hard. The more we study this problem, the more we learn that one little thing on a list of 50 questions might actually turn out to be really, really hard to solve”.

Dr. Teague alongside her colleagues, have continually found errors in election systems used in the United States, Switzerland, Australia and other countries. “Many, many things can go badly wrong, even in carefully designed systems implemented by people who know what they’re doing. The systems being used in practice that I’ve seen are generally neither”.

Apparently, e-voting of any kind is still the “wrong answer to the wrong question”. Focus should be more on the basic democratic principles of elections than on futuristic ways of voting and swift results.

E-voting would require solving the challenges of secure software, secure hardware and trustworthy processes run by humans. According to the new MIT paper, the addition of Blockchain cannot solve any of these issues.

By Marvellous Iwendi.

Source: ZDNet