MIT, Harvard experts warn against blockchain voting


The current American political climate has made voting particularly topical this month, with the COVID-19 pandemic making in-person voting a daunting and even deadly task. While Estonia has supported electronic voting since 2005, other nations are increasingly tempted to explore alternative solutions, including Blockchain and distributed ledger technology (DLT). However, a recent draft study titled ‘Going from Bad to Worse: From Internet Voting to Blockchain Voting’, written by technology experts from MIT and Harvard, recommends the opposite.

Electronic voting systems on their own are seen as extremely vulnerable, for example to system attacks or device exploitation. This is where a bad actor modifies hardware, software, or any other equipment to access the system or its information. In a voting environment, these actors may have total control over the voting systems and user interactions. Attacks can be extremely cheap to execute and scalable, and so can be used many times once developed. Most importantly, they can be executed in an almost entirely undetectable manner.

This is where one might think the security capabilities of Blockchain and DLT could solve the problem. But Blockchain poses multiple issues on its own.

Firstly, Blockchain only works if everyone agrees to it working. Suppose a significant number of voters and miners decide to disrupt the system. In that case, they could potentially create multiple versions of a blockchain, confusing users as to which one is the correct chain.

Furthermore, Blockchain does not appear to seamlessly adhere to secure voting system requirements, including a secret ballot and the voter’s ability to verify their selection. 

The authors also point out that in permissioned blockchains, there are often fewer servers compared to large public blockchains. Fewer servers increase the possibility of all of them becoming compromised, ‘especially if they run on the same operating system or run the same software.’

Another issue is key management. If a voter loses their private key, they won’t be able to vote. If a bad actor gains access to that key, they can vote for the user without anyone knowing it. There are examples where cryptocurrency users lost their private keys and, therefore, all their cryptocurrency. The authors also reference the 2014 Mt Gox hack, where the exchange lost around $460 million worth of cryptocurrency due to poor key management.

Then, of course, the very devices and network infrastructure used to access a blockchain-based voting system, like a mobile phone, can be subject to vulnerabilities. The authors argue that Blockchain just ends up creating more issues, such as additional software complexity and challenges with bug fixing. Due to Blockchain’s decentralized nature, changing any protocol to address vulnerabilities takes much more time and effort than in centralized systems.

The article summarizes its findings:

  1. “Blockchain does not solve the fundamental security problems suffered by all electronic voting systems.
  2. Electronic, online, and blockchain-based voting systems are more vulnerable to serious failures than available paper-ballot-based alternatives.
  3. Adding new technologies to systems may create new potential for attacks.”

These findings might not come as a surprise. MIT researchers released a report this February identifying multiple security vulnerabilities in Voatz’s blockchain-based election voting app, which would allow ‘adversaries to alter, stop, or expose a user’s vote.’ Despite this, in July this year, a certified Voting System Test Laboratory, Pro V&V, gave Voatz an endorsement for its compliance with federal voting system law.

In the same month, Russian citizens in Moscow and Nizhny Novgorod had the opportunity to vote electronically on a constitutional change, using technology based on Blockchain. However, the web portal for the remote voting ended up crashing, and the Russian press reported that voter details had been stolen.

The MIT authors argue that electronic voting in and of itself is so inherently vulnerable to serious security flaws that it may even ‘undermine election integrity – and thereby, democratic legitimacy’.