- Veröffentlicht: 19. Januar 2017
Organizers of a contest around such systems especially wanted to ensure they would be able to surmount what is perhaps the highest hurdle facing e-voting: the public’s reluctance to try something new.
In the wake of the recent election, it is clear that while the rise of electronic voting continues, public skepticism around digital balloting persists. A survey by the Democracy Fund, for example, shows 39 percent of voters were “very” or “somewhat” concerned that an electronic security breach or hack impacted national vote counts in the recent election.
The blockchain offers one possible remedy. As the accounting methodology behind bitcoin and other electronic currency initiatives, blockchain provides a technology framework for transparent recordkeeping. It’s an encrypted digital ledger shared among distributed computers. All transactions are transparent; everything leaves a trail.
The blockchain can keep track of money. But can it tally votes? That’s what global cybersecurity company Kaspersky Lab set out to discover when it launched a competition in which university teams were asked to conceptualize blockchain-based election systems.
“Different peers in different systems are essentially checking each other’s transactions. Everyone can know what every single transaction is,” said Juan Guerrero, senior security expert with the Global Research and Analysis Team at Kaspersky Lab. This could be used to ensure the integrity of electronic voting. “If one of them gets hacked or one of them gets altered, all the others would be able to notice that change.”
Of 19 submissions, Kaspersky recently named three winners:
- New York University won $10,000 for its a “permissioned blockchain” configuration, in which a central authority admits voting machines to the network and generates a distributed ledger of votes.
- University of Maryland, College Park’s Maryland Cybersecurity Center took home $5,000 for a solution rooted in global public keys that encrypt ballots and provide voter receipts.
- Newcastle University in the UK won $3,000 for a model rooted in three protocols: the Open Vote Network, along with DRE-i and DRE-ip encryptions.
Given public wariness around e-voting, Kaspersky set a high bar for system designers. The contest asked for solutions that could ensure voter privacy, safeguard against voters being pressured to cast a ballot, prohibit the publication of interim results (illegal in some places), account for votes left blank and allow for a recount if required.
Contest organizers especially wanted to ensure the blockchain systems would be able to surmount what is perhaps the highest hurdle facing e-voting. That is, the public’s reluctance to try something new.
“One of the biggest issues with voting will be refusal to adopt the new technology. This is something people don’t want to change,” said Brian Bartholomew, senior security researcher and senior security expert on the Global Research and Analysis Team at Kaspersky Lab.
Some contestants sought to encourage voting from home, a pretty radical departure. The NYU and Maryland teams instead addressed the issue of user acceptance by devising systems that look and feel familiar.
“They made a big effort to keep as much process in place as possible, to keep the current system and only change certain things at the core, so that the change would be almost invisible to the user,” Bartholomew said. “This is an elegant way of introducing a major change without making people feel uncertain about what is happening.”
Voters likely will be concerned about privacy too should the blockchain idea gain popularity as an election mechanism. Blockchain’s strength is in its transparency: Everyone can see the ledger. Can you do that and still keep an individual’s ballot choice secret?
“You want to strike a balance between being able to audit and being able to maintain privacy,” said Kevin Kirby, a student and project manager for the NYU team. One solution would assign a random identity number to each voter. An audit could reveal how that ID number voted, but would not associate the number with an individual.
That’s essentially what the University of Maryland proposed too. “Your vote is encrypted in the blockchain, but you still have a way to check and make sure your vote is actually there,” said student Willem Wyndham. “It’s a way of having a transaction that is visible, but still private.”
The team drew its inspiration from the use of the blockchain in electronic bidding, where potential buyers want to see that their offer has been properly tallied, while still remaining anonymous.
Concerns about voting under duress proved tougher to crack. “Those who went with remote voting used a panic password, a way for the user to create an emergency password they could use to let the system know they were voting under duress,” Bartholomew said. It’s a complex solution, though, and most teams opted instead to stay with traditional polling places.
Kaspersky initiated the competition in order to shed some light around a topic that is gaining traction in the public domain, but is not yet well understood or firmly established either in public perception or in policy.
“Digital voting has been implemented in some places, but there are issues with accountability, the ability to audit these systems, the ability to adapt systems to meet the voting needs of different countries,” Guerrero said. “It makes people uneasy, and rightly so.”
There is evidence that the public would support a move toward an enhanced digital voting infrastructure, despite its reservations.
In a poll of U.S. voters released in December, Edelman Intelligence found 35 percent are concerned about the accuracy of the voting technology used at their local polling places, and 69 percent would support initiatives to improve voting technology.
The outcome of this contest won’t resolve all the questions around e-voting and the blockchain, but organizers hope these proposals will help to move the needle.
“It’s not like this an issue that will get solved in a 20-page paper,” Guerrero said. “There are issues of implementation and adoption. But once you start to describe a system the way these teams have, then you get people interested in finding proof-of-concepts. It gets the discussion going.”
Autor(en)/Author(s): Adam Stone
Quelle/Source: Government Technology, 11.01.2017