Voting is usually a notable event for any country. And the paper-based system, working in most cases, is not a modern way to hold the voting process. Digital voting employs electronic devices, like voting machines (e-voting) or web browser (i-voting), to cast votes.
The main concern of digital voting was always its security. When such monumental decisions are at stake, there must be no doubt about data security and system defense against potential attacks. Here comes the blockchain technology – it can solve security issues and provide a high level of data safety.
Existing Digital Voting System Example
Estonia started to vote using the digital i-voting system in 2005 for the first time, then in 2007, and during the 2015 parliamentary election. 30.5% of all votes were made through the national i-voting system. This system uses citizen’s national ID card, containing the unique encrypted files for identifying its owner, and allowing to carry out online and electronic activities such as:
- online banking services,
- sign documents with the digital signature,
- access information on government databases,
- cast a vote in the i-voting system.
The process of voting in short:
- The voter inserts his/her card into a card reader, then access the voting website on a computer, or access it via mobile phone in case of having the specific SIM card.
- A voter enters a PIN code, then waits for eligibility check results.
- After receiving the confirmation of eligibility, voters may cast or change their vote up until four days before election day.
- Voter submits his or her vote, then it’s forwarded through the public server to the storage server, where it is encrypted and stored until the end of the voting period.
- All identifying information is cleaned from the vote, encrypted, and transferred with DVD to a vote counting server. This server is disconnected from all networks.
Vote counting server decrypts then counts votes and outputs results. Each stage of the i-voting process is logged and audited.
Image 1. Estonian Digital I-Voting System
Source: R. Verbij, “Dutch e-voting opportunities.” Master thesis, University of Twente, 2014
Potential risks of such an i-voting system
- It is centralized, thus, and there is always a risk of a malware attack on the client-side, for instance, intercepting the user’s voting information and changing their vote then.
- Another risk is the direct infection of the DVD (supposed to transfer voting information) by some malware.
Blockchain Technology offers security, transparency, and trust for digital voting
Blockchain provides trust
A blockchain-based voting system must allow casting votes directly onto the blockchain to ensure a steady verification process. This approach assures voters that their votes were counted. Also, independent auditors can check the system integrity at any stage.
Blockchain voting system pros:
- zero votes are lost or modified after casting onto the blockchain,
- high resilience to DDOS attacks,
- no centralization, able to grant malware infection,
- the output is available as soon as the election ends.
Blockchain provides privacy with zero-knowledge cryptography
Zk-SNARK (aka “Zero-Knowledge Succinct Non-Interactive Argument of Knowledge”) is proof constructions, allowing the prover to prove the verifier that the statement is true without revealing any information beyond the validity of the statement and without any interaction between the prover and the verifier.
For example, with a digital voting system, a zk-SNARK could allow a voter to pass the verification of belonging to the census and cast a vote after this without revealing their identity, and with a permit to trace their vote by others. This way, we could have a blockchain-enabled end-to-end solution, where we’ve got a ballot without any signature (no tracing back to an address possibility) and completely verifiable at once. On top of that, a voter doesn’t pay any fees, so no token is involved.
What blockchain-powered digital voting system won’t fix
- Accessibility and universal authentication: both require involving government and complex technological solutions. These issues might be resolved by running iterated pilot projects, plus investing in secure authenticating mechanisms.
- The user client app safety and security: this bottleneck of a digital voting system would likely require the trust in a particular operating system and the app implementation.
The first examples of blockchain digital voting already exist and have been successfully tested. For instance, Vocdoni, an open-source project, bringing cutting-edge solutions to decentralized voting problems. It is publicly available and successfully field-tested on organizations, including one of the European cultural organizations with 200.000 voters.
- Existing e-voting and i-voting systems are centralized, and this opens the way to cybersecurity attacks.
- A blockchain-based digital voting system may provide the solution to the trust and privacy dilemma, plus resolve the issues of resilience to attacks.
- Digital voting systems employing blockchain won’t fix all issues and can’t be 100% secure since it depends on involving governments, third-party OS, and the user client app developers. Still, the blockchain-based voting system is more secure and trusted than physical voting.