National Academy of Sciences study: Blockchain may make voting more vulnerable

While the General Assembly contemplates how Blockchain might solve some undefined problem in our voter registration system, we point to a National Academy of Sciences study Securing the Vote, Protecting American Democracy <view> starting on page 103:

While the notion of using a blockchain as an immutable ballot box may seem promising, blockchain technology does little to solve the fundamental security issues of elections, and indeed, blockchains introduce additional security vulnerabilities. In particular, if malware on a voter’s device alters a vote before it ever reaches a blockchain, the immutability of the blockchain fails to provide the desired integrity, and the voter may never know of the alteration. Blockchains are decentralized, but elections are inherently centralized. Although blockchains can be effective for decentralized applications, public elections are inherently centralized—requiring election administrators define the contents of ballots, identify the list of eligible voters, and establish the duration of voting…

As they point out lists of eligible voters is also a central function, subject to the same limitations to “to solve the fundamental security of elections.

While it is true that blockchains offer observability and immutability, in a centralized election scenario, observability and immutability maybe achieved more simply by other means. Election officials need only, for example, post digitally signed versions of relevant election-related reports for public observation and download. Ballots stored on a blockchain are electronic. While paper ballots are directly verifiable by voters, electronic ballots (i.e., ballots on a blockchain)
can be more difficult to verify. Software is required to examine postings on blockchain. If such software is corrupted, then verifiability may be illusory. Software independence is not, therefore, achieved through posting ballots on a blockchain…

The blockchain abstraction, once implemented, provides added points of attack for malicious actors…Furthermore, blockchain protocols generally yield results that are a consensus of the miners/stakeholders. This consensus may not represent the consensus of the voting public. Miners/stakeholders with sufficient power might also cause confusion and uncertainty about the state of a blockchain by raising doubts about whether a consensus has been reached…

Blockchains do not provide the anonymity often ascribed to them. In the particular context of elections, voters need to be authorized as eligible to vote and as not having cast more than one ballot in the particular election. Blockchains do not offer means for providing the necessary authorization. Blockchains do not provide ballot secrecy.



Leave a Reply

You must be logged in to post a comment.