On Blockchain Voting – Security Boulevard

Blockchain voting is an incredibly stupid idea for a variety of reasons. I have generally quoted Matt Blaze:

Why is blockchain voting a stupid idea? I’m glad you asked.

For beginners:

  • It does not solve any problems that civil elections actually have.
  • It is fundamentally incompatible with “software independence” which is considered an essential property.
  • It can make electoral secrecy difficult or impossible.

I also mentioned this XKCD comic.

But now I have this excellent paper from MIT researchers:

“Going from bad to worse: from Internet voting to blockchain voting”
Sunoo Park, Michael Specter, Neha Narula and Ronald L. Rivest

Abstract: Voters are understandably concerned about electoral security. News reports of possible election interference by foreign powers, unauthorized voting, deprivation of voting rights, and technological failures question the integrity of elections around the world. This article examines suggestions that “voting on the internet” or “voting on the blockchain” would increase electoral security and finds those claims lacking and misleading. While current electoral systems are far from perfect, internet and blockchain-based voting would greatly increase the risk of nationally undetectable election failures. Online voting can seem tempting – voting from a computer or smartphone can seem convenient and accessible. However, studies have been inconclusive, showing that online voting could have little or no effect on voter turnout in practice and could even increase civil rights deprivation. More importantly: Given the current state of cybersecurity, any increase in turnout from internet-based or blockchain-based voting would come at the cost of losing significant certainty that votes were counted as they were cast and not altered or discarded. imperceptibly. This state of affairs will continue as long as standard tactics such as malware, zero days, and denial-of-service attacks continue to be effective.This article analyzes and systematizes previous research on the security risks of online and electronic voting and shows that it does not only these risks persist in blockchain-based voting systems, but blockchains can introduce further problems for voting systems. Finally, we suggest questions to critically assess the security risks of the new voting system proposals.

You may have heard of Voatz, which uses the blockchain for voting. It’s an insecure mess. And this is my general essay on the blockchain. Brief summary: it is completely useless.

*** This is a Security Bloggers Network syndicated blog by Schneier on security and written by Bruce Schneier. Read the original post at: https://www.schneier.com/blog/archives/2020/11/on-blockchain-voting.html

Source link