Why security experts hate that “blockchain voting” will be used in the midterm elections
Voting in West Virginia just got a lot more high-tech—and experts focused on election security aren’t happy about it.
Recommended for You
This fall, the state will become the first in the US to allow some voters to submit their federal general election ballots using a smartphone app, part of a pilot project primarily involving members of the military serving overseas. The decision seems to fly in the face of years of dire warnings about the risks of online voting issued by cybersecurity researchers and advocacy groups focused on election integrity. But even more surprising is how West Virginia officials say they plan to address those risks: by using a blockchain.
The project has drawn harsh criticism from election security experts, who argue that as designed, the system does little to fix the problems inherent in online voting.
This piece first appeared in our twice-weekly newsletter Chain Letter, which covers the world of blockchain and cryptocurrencies. Sign up here—it’s free!
We first heard of the West Virginia pilot in May, when the state tested a mobile app, developed by a startup called Voatz, during primary elections. The test was limited to overseas voters registered in two counties. Now, citing third-party audits of those results, officials plan to offer the option to overseas voters from the whole state. Their argument is that a more convenient and secure way to vote online will increase turnout—and that a blockchain, which can be used to create records that are extremely difficult to tamper with, can protect the process against meddling.
But that premise has been controversial from the start. After two fellows from the Brookings Institution penned an essay praising West Virginia for pioneering the use of blockchain technology in an election, Matt Blaze, a cryptography and security researcher at the University of Pennsylvania, pushed back hard. It’s not that blockchains are bad, said Blaze, who testified (PDF) before Congress last year on election cybersecurity. It’s that they introduce new security vulnerabilities, and securing the vote tally against fraud “is more easily, simply, and securely done with other approaches,” he said.
Blaze and many other election cybersecurity experts oppose online voting of any kind because, they feel, it’s fundamentally insecure. Although a number of countries have embraced the practice, in 2015 a team of cryptographers, computer scientists, and political scientists looked closely (PDF) at the prospect of internet voting in the US and concluded that it was not yet technically feasible. Protecting connected devices against hacking is hard enough, and, even if that could be achieved, developing an online system that preserves all the attributes we expect from democratic elections would be incredibly difficult to pull off.
The Voatz system uses biometric authentication to identify individual users before allowing them to mark an electronic ballot, and the votes are then recorded in a private blockchain. The company says that in a general election pilot, its system will use eight “verified validating nodes,” or computers (all controlled by the company) that algorithmically check that the data is valid before adding it to the chain.
The system isn’t so much a blockchain-based app as it is a mobile app with a blockchain attached, says Marian K. Schneider, president of Verified Voting. The blockchain can’t protect the information as it travels over the internet, and doesn’t guarantee that a user’s choices will be reflected accurately. “I think they’ve made a lot of claims that really don’t justify any increased confidence in what they are doing versus any other internet voting system,” Schneider says.