Ballot Blockchain mobile raises voting security questions

The smartphone vote will have a test during the US elections in November. In the context of a new pilot program, West Virginia has partnered with Voatz, a technology startup based in Boston, to allow some members of the army stationed overseas to transmit cards with devices connected to a system of registration of the votes enabled to the blockchain.

experts had mixed reactions to the plan, with some saying that blockchain technologies are not yet ready for important tasks such as voting security. But the defenders argue that the pilot program will allow veterans stationed in remote places to make their voices heard during the mid-term elections, provided that adequate security measures are put in place.

Is Blockchain ready for the big moment?

Joseph Lorenzo Hall, chief technician of the Center for Democracy and Technology, a group for digital rights, believes that the vote on smartphones is too little used during the election of this year.

"I do not know why everyone's solution is ultimately" rubs some blockchain on it ", he said." Blockchain voting methods generally mean you're voting on the Internet – which is a horribly bad idea – and engaging encrypted votes on the blockchain. "

Current cryptography schemes will be interrupted in the coming years, predicted by Hall, meaning a secret run-off this year could become public domain in the future.

"Imagine if you are a uniformed military officer abroad, excited to be able to run a run-off … using a remote blockchain voting system. So imagine that in 20 years, the entire content of your vote is decryptable and publicly available. You could risk the ridicule or other types of kickbacks from your vote 20 years ago. "

Given these risks, Hall urged caution, emphasizing that the voting process is not something to be handled before conducting a" serious and profound investigation and interrogation. "

The advantages of the blockchain-based run-off [19659004] West Virginia Secretary of State Mac Warner, on the other hand, defended the pilot program According to Mike Queen, Warner's deputy chief of staff, the retired Army officer had not been in able to vote during his deployments, and wants to provide the army members with better opportunities.

During a tour in Afghanistan, Queen noticed that Warner did not have access to a telephone line or a mailbox, which means that he was excluded from voting in previous elections Many other soldiers and women face the same problem During the general election of 2016, military members and other US citizens living abroad or about 930,000 absentee ballots required, 68.1% of which were returned, according to the US Election Assistance Commission.

This is not the first vote for smartphone and blockchain trial for West Virginia. A smaller pilot allowed veterans of two counties to vote on smartphones during the May primary election, but, as noted by Queen, less than 20 did.

Given the May numbers, officials do not expect a large portion of veterans to participate in the November process. According to Queen, the November pilot project will allow foreign military personnel from around 15 West Virginia counties to vote on smartphones.

How can governments address security challenges?

Even so, the next trial will employ other security measures in addition to blockchain. The voting system will use two-factor authentication (2FA) – fingerprints and facial recognition – to identify and verify voters, Queen said.

"We are not suggesting that the blockchain is 100% safe," he said, but blockchain, combined with other security measures, "is as safe as possible"

Some blockchain experts believe that system security voting will largely depend on its implementation and the ability to identify the correct user of a given device. They claim that a blockchain established using multiple distributed nodes, they argue, should make the voting system compromise extremely difficult.

With a robust blockchain, user authentication could be the most crucial security measure, said Andre McGregor, global investment partner and consulting firm TLDR Capital and a former agent special cyber of the FBI.

"While it is exciting to see the blockchain used in a very public and necessary environment like the elections, we need to realize that the security compromise will almost always be due to the end-user – or, in this case, the elector, "said McGregor. "Voting interception malware is a real concern." The biometric compromise of a false voter is even more worrying. "

It would also be possible for an authenticated voter to send his phone to someone else for the vote, he said. This is "the digital equivalent of having someone else enter the voting booth under your name," McGregor added.

"The ease with which a mobile phone vote can transfer hands in a fraction of a moment could greatly undermine the voting process and could even question a candidate's victory."

But while some blockchain of cryptocurrency manage thousands of nodes, Voatz will provide "up to 16 nodes" for the voting pilot. However, Voatz said the system is safe, with its voting app subjected to "frequent and rigorous testing by the red team" by independent security auditors.

Even a blockchain system with only 16 nodes would be extremely difficult to compromise, as long as the nodes are set up securely, said Kyle Fournier, crypt analyst at the blockchain training provider CryptoManiaks. The standard compromise of the blockchain, called the 51% attack because the attackers should have taken more than half the system's nodes, would be difficult if the nodes were tested and verified against the rules of the system, he said.

"For a 51% attack that occurs on a 16-knot blockchain, a bad actor should gain control of at least nine knots, assuming that the nodes share the same responsibility," Fournier said. "If the servers used as nodes were verified in real sense, I would say that a 51% attack should not be feasible."

What does the future hold for the vote based on Blockchain?

Fournier said he sees the potential in the vote based on the blockchain.

"Our current method of voting is not simply good enough," he said. "Requiring people to move to physical locations causes a low turnout, hand counting is slow, and even if bringing the online process seems to open up to hacking, hacking already exists in the way we do things now. "

However, Jeff Anderson, a blockchain expert and certified security professional, has suggested it may be too early to move towards smartphone ratings via blockchain. The vote based on the blockchain will require a lot of training to help voters ensure that their votes are properly recorded, he said.

Technology may be ready in five to ten years, when more people will feel comfortable with the blockchain, Anderson added. [19659002] "Blockchain is still an incredibly precocious technology," he said. "The vote is something we want to guarantee is done on tested platforms."

Source link