A scathing report from researchers at the Massachusetts Institute of Technology (MIT) has noted moving from internet voting to blockchain-based voting may be ‘going from bad to worse.’
The paper was authored by Neha Narula, director of MIT’s digital currency initiative (DCI), Sunoo Park, Ronald L. Rivest, one of the creators of RSA encryption, and Michael Specter. The authors argued studies were ‘inconclusive’ with regard to online voting, potentially even increasing disenfranchisement. Ensuring votes were logged on a blockchain would not solve this, the researchers noted.
“Given the current state of computer security, any turnout increase derived from with internet- or blockchain-based voting would come at the cost of losing meaningful assurance that votes have been counted as they were cast, and not undetectably altered or discarded,” the paper explained. “This state of affairs will continue as long as standard tactics such as malware, zero days, and denial of service attacks continue to be effective.”
Describing the ‘surprising power of paper’, the researchers cautioned against ‘throwing the baby out with the bathwater, saying cryptocurrencies have fewer risk-absorption mechanisms than traditional banking, with no third party to provide relief. Online voting, the paper added, was a starkly different ‘and much harder’ security problem to solve than online shopping or banking.
Companies who are trying to make a success of blockchain-based voting include Voatz, FollowMyVote, and Votem. Voatz, as readers of this publication will recall, said in August that its platform complied with federal guidelines, per a commissioned report by Pro V&V.
For the most recent US presidential election, AP News distributed race calls to Everipedia, a Wiki-based online encyclopaedia which uses EOS to generate edits and store information. The latter was for confirming results in, rather than dealing with the actual voting process.
The MIT report ultimately came to three conclusions, adding that blockchain-based voting methods ‘fail to live up to their apparent promise’:
- Blockchain technology does not solve the fundamental security problems suffered by all electronic voting systems
- Electronic, online and blockchain-based voting systems are more vulnerable to serious failures than available paper-ballot-based alternatives
- Adding new technologies to systems may create new potential for attacks
“I haven’t yet seen a blockchain system that I would trust with a county-fair jellybean count, much less a presidential election,” commented Rivest, as affirmed by DCI.
You can read the full report here (pdf, no email required).