Internet Voting Is 'Not Secure' and Blockchain Won't Help, Warns Scientific Body
Internet voting tools – including blockchain apps – have fundamental issues, and are not safe for real elections, a multidisciplinary science group told U.S. policy makers.
As the coronavirus pandemic continues to roil elections and voting officials look for solutions, scientific experts are warning against the dangers of voting online.
The American Association for the Advancement of Science’s Center for Scientific Evidence in Public Issues has written an open letter to U.S. governors, secretaries of state and state election directors to express concern about the security of voting via the internet or mobile apps. The AAAS letter has been signed by renowned cybersecurity and computing experts and organizations. It reflects research from the National Academies of Science, Engineering and Medicine, the National Institute of Standards and Technology and other organizations.
“At this time, internet voting is not a secure solution for voting in the United States, nor will it be in the foreseeable future,” the letter reads, pointing to undetected manipulation of votes, privacy violations, malware intrusions, and the potential for denial-of-service attacks and other vulnerabilities.
Internet voting, which includes voting via email, fax, web and mobile app, has no meaningful voter-verified paper record, the letter states, which makes it impossible to conduct a valid audit of the results.
Fundamental issues
The idea of internet voting isn’t new.
Steve M. Newell, project director at AAAS’s Center for Scientific Evidence in Public Issues points to a report facilitated by the National Science Foundation around two decades ago.
“Their conclusion was that it's not a viable product now, and it won't be for the foreseeable future. And then two years ago, the National Academies [of Science, Engineering and Medicine] put out their big comprehensive report on election security and their conclusion was basically the same thing,” he said.
New tools, such as blockchain-based voting apps, don’t appear to be a solution either.
According to the letter, the use of blockchain architecture doesn’t address the fundamental issues with internet voting, and if anything creates a larger attack surface. It also raises questions about how the information is stored, decrypted and transferred to a durable paper record.
“There are people who are saying that blockchain voting will deal with the security issues of Internet voting or online voting, and it just doesn't. Blockchains are a data structure, they’re a way of storing data, but they don't deal with it with the main security issues of internet voting,” said Barbara Simons, a fellow with the Association for Computing Machinery and the American Association for the Advancement of Science.
Bringing a blockchain system to an internet voting platform is like “bringing a combination lock to a kitchen fire,” Newell said, quoting an analogy made by MIT cryptographic expert Ron Rivest.
“It's not a tool built to address the problem that you have,” Newell said, adding the evidence indicates that not only is blockchain technology not mitigating the dangers, it’s adding more.
The letter mentions mobile voting app Voatz by name, referencing a Trail of Bits audit confirming vulnerabilities previously reported by MIT researchers “despite the app developer arguing these vulnerabilities did not exist following the MIT report.”
In particular, the letter pointed to the number of findings highlighted, the possibility of still undiscovered vulnerabilities and “a lack of transparency essential for faith in the electoral system.”
It references the potential for ballot manipulation and for exposing voters’ private information, which could put them at risk of identity theft or, in the case of overseas military voters whose information is compromised, “risks potentially providing adversaries with intelligence regarding military deployments, endangering the lives of service members and national security.”
Alternative solutions
The letter advocated for “thoughtful implementation of alternative voting methods,” such as voting by mail and early voting,
“We must not trade convenience for security, because there are many organizations and people who would like to attack our elections. Our job is to make it as difficult for them as possible, not easy. Moving to internet voting would allow anyone from anywhere to try to attack our elections, and somebody who's very good at this and very well funded might very well succeed. We just can't allow that in a democracy,” Simons said.
Internet voting should not be used until verifiability, security and secrecy can be guaranteed with ballots transmitted online, the letter said. At present, “no known technology” can do so.
Newell said it’s important for people who see the theoretical benefits of internet voting to know it’s not backed by evidence or science and that the insecurity of internet voting is an unambiguous, widely held opinion. For example, he said, groups ranging from the American Civil Liberties Union to the Heritage Foundation are strongly opposed to internet voting.
“I think a lot of people are looking for answers and wondering if internet voting is one of them,” he said. “And I think it makes sense for us to say here, this evidence says it's really not and so, if you want to follow the evidence and heed the science, it's really warning you to avoid internet voting. It's just not a secure solution."
STORY CONTINUES BELOW
Read the full letter below: