Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Government Privacy Security United States Politics Technology

Blockchains Are Not Safe For Voting, Concludes NAP Report (nytimes.com) 52

Posted by BeauHD from the ensuring-the-integrity-of-elections dept.
The National Academies Press has released a 156-page report, called "Securing the Vote: Protecting American Democracy," concluding that blockchains are not safe for the U.S. election system. "While the notion of using a blockchain as an immutable ballot box may seem promising, blockchain technology does little to solve the fundamental security issues of elections, and indeed, blockchains introduce additional security vulnerabilities," the report states. "In particular, if malware on a voter's device alters a vote before it ever reaches a blockchain, the immutability of the blockchain fails to provide the desired integrity, and the voter may never know of the alteration."

The report goes on to say that "Blockchains do not provide the anonymity often ascribed to them." It continues: "In the particular context of elections, voters need to be authorized as eligible to vote and as not having cast more than one ballot in the particular election. Blockchains do not offer means for providing the necessary authorization. [...] If a blockchain is used, then cast ballots must be encrypted or otherwise anonymized to prevent coercion and vote-selling." The New York Times summarizes the findings: The cautiously worded report calls for conducting all federal, state and local elections on paper ballots by 2020. Its other top recommendation would require nationwide use of a specific form of routine postelection audit to ensure votes have been accurately counted. The panel did not offer a price tag for its recommended overhaul. New York University's Brennan Center has estimated that replacing aging voting machines over the next few years could cost well over $1 billion. The 156-page report [...] bemoans a rickety system compromised by insecure voting equipment and software whose vulnerabilities were exposed more than a decade ago and which are too often managed by officials with little training in cybersecurity.

Among its specific recommendations was a mainstay of election reformers: All elections should use human-readable paper ballots by 2020. Such systems are intended to assure voters that their vote was recorded accurately. They also create a lasting record of "voter intent" that can be used for reliable recounts, which may not be possible in systems that record votes electronically. [...] The panel also calls for all states to adopt a type of post-election audit that employs statistical analysis of ballots prior to results certification. Such "risk-limiting" audits are designed to uncover miscounts and vote tampering. Currently only three states mandate them.

Blockchains Are Not Safe For Voting, Concludes NAP Report More | Reply

Blockchains Are Not Safe For Voting, Concludes NAP Report

Comments Filter:

  • Oh the irony (Score:4, Insightful)

    by the_skywise ( 189793 ) on Thursday September 06, 2018 @06:49PM (#57266466)

    All elections should use human-readable paper ballots by 2020. Such systems are intended to assure voters that their vote was recorded accurately. They also create a lasting record of "voter intent" that can be used for reliable recounts,

    Now I agree with this and am happy to move back to paper ballots - But the entire reason we moved away from paper ballots was because of the 2000 elections where Florida used punch cards and political officers kept trying to argue over "partial punches", "dimpled chads" and "dangling chads" where they tried to reassess what the voter's INTENT was.
    And, of course, let's not forget magical disappearing and appearing boxes of ballots.
    Any system can be hacked but the electronic one is harder to track hacking than the good ol' traditional methods with paper ballots.

    • Their have been academic papers proposing electronic system that would be safe, where you could verify that your vote was counted (IE received at the server.)

      In theory with open software, hardware, and multiple servers (again all open source) we could have a very robust electronic voting system. This would require a large project likely done with universities, and it may even be similar to some bitcoin concepts.

      The technology side is very solvable, getting the project started, past the politics, and accept

  • Key statement (Score:2, Insightful)

    by Anonymous Coward

    They key statement in the finding that most technology solutions fail to solve is this:

    "Such systems are intended to *assure* voters that their vote was recorded accurately."

    In the end, paper ballots may seem inefficient from a processing perspective, but that inefficiency becomes inherently difficult to tamper with and builds in systems for checks and recounts. The argument here is that blockchain is vulnerable before the data is stored in the blockchain, at the UI and the machine level, and blockchain th

    • Blanket arguments against computer algorithms for secure voting (or secure anything) are illogical, emotional, and flawed.

      People argue to the effect: Because many programs have been found to have a security flaw in either A) the algorithm mathematics and logical assumptions, or in B) the implementation, therefore ALL programs must have some flaw in A) or B) therefore there is no such thing is a secure computer program. That is just bullshit. It's incorrect, unsupported generalization from specific examples.

      • Ok, there's a stupid bug in slashdot apparently, not including my less-than sign.
        There. One bug.
        What's up with that. Let me try again. Hmm. There was a less-than in there just to the left of this sentence. That's lame on slashdot software's part.
        So you proved that ALL programs have bugs?
        Didn't think so.

  • Paper ballots are by far the most secure solution (Score:4, Insightful)

    by Seven Spirals ( 4924941 ) on Thursday September 06, 2018 @06:56PM (#57266484)
    Gimme a break. Use paper. Computers will be better tools for tabulating and processing the votes after they are cast, but it's tough to beat paper for a recount. Even paper has it's flaws, but the hand waving crypto-bullshit is pathetic "Oh but this counter signature will detect if the previous initialization vector was properly zeroed inside of the S-Box" *rolls eyes*. KISS baby. Things don't get more secure by making them more complex and I can't think of any way to make something more complex than to introduce computers. Computers are great at some things, ideal for some tasks: not for voting. They suck at that.

  • paper ballots (Score:1)

    by Anonymous Coward

    The only way you can have some measure of accountability while keeping votes anonymous.

  • Make a simple mark on a paper ballot indicating your vote, fold it, put it in a box.

    done

    Now theoretically you could bribe people who do the counting, but you'd have to bribe a *LOT* of people to make any kind of difference because each individual ballot box with the folded ballots contains but a tiny fraction of the number of votes, and nobody ever counts the ballots from more than one or sometimes two different boxes.

  • Blockchains are perfect, right? WRONG. And also right. They are mathmatically flawless BUT if you outprocess the rest of the network, you can finalize a block with whatever the hell you want in it. You can form a block that says you own all bitcoins, all transactions put them in your wallet, and you're also the queen of England. The reason this "51% attack" doesn't happen it because that amount of processing power doesn't exist. That many ASICs don't exist on Earth. But let's set up a separate blockchain an

    • Re: (Score:2)

      by Kaenneth ( 82978 )

      Even with a 51% attack, the Bitcoin blockchain is filled with digital signatures; noone but your own nodes would accept the blocks, and you would only be 'fooling' yourself.

      Electronic voting could only work if every citizen had their own private, secure, digital signature key. Which can't happen in the US because poor people can't afford them, and a certain party would never give anything for free, while the other would protect the poor.

  • The report goes on to say that "Blockchains do not provide the anonymity often ascribed to them." It continues: "In the particular context of elections, voters need to be authorized as eligible to vote and as not having cast more than one ballot in the particular election.

    It's who casts the vote. Before we even worry about Blockchain, we need to ensure people casting the ballots are legally eligible to vote. Guaranteeing a vote was cast is no more important than guaranteeing who cast the vote was eligible to actually cast that vote.

  • Let me start out saying 100% electronic voting is going to be a disaster, triply so when done remotely and not at a secure voting machine. But what most people don't realize is we currently use unencrypted images of paper ballots in many states as backups. These are very insecure. Why not use paper ballots for the primary method, blockchain for the electronic backups? This ultimately seems far more secure than what we are doing now. We also could use open source machines and have audits at each polling

Slashdot Top Deals

The hardest part of climbing the ladder of success is getting through the crowd at the bottom.

Close