New research from MIT says a decentralized protocol is a must for secure online voting, however the current online voting platform is too centralized and vulnerable.
The pandemic has forced many companies to move their operations online. It has also brought the question of online voting to the forefront of conversation in the United States, which is facing an election year.
According to a June 7 paper from researchers at the Massachusetts Institute of Technology and University of Michigan, Democracy Live’s popular online voting platform, OmniBallot, is vulnerable to vote manipulation. Many states have tried OmniBallot, which uses Amazon Web Services to lock in votes, but it has faced security issues. A more decentralized online voting is part of the solution to protect ballots, the researchers say.
Cryptographic end-to-end verifiability plays a key role
The researchers believe that a decentralized approach in which a voter does not need to trust a particular client device or official election software or servers is essential for secure remote voting.
As a solution, the researchers put forward an end-to-end verifiability protocol like cryptographic E2E-V. They say such a protocol would allow each voter to independently check whether their vote is correctly recorded and included in the election result. They emphasis that:
“Although experts hold that E2E-V should be a requirement for any Internet voting system, they simultaneously caution that “no Internet voting system of any kind should be used for public elections before end-to-end verifiable in-person voting systems have been widely deployed and experience has been gained from their use”
Online voting platform vulnerability
Studies found out that the OmniBallot platform’s simplistic web-based approach system and its extensive usage of third-party services and infrastructure is putting voters’ privacy and vote accuracy in jeopardy.
OmniBallot reportedly has no intention to seek any decentralized solution. The protocol it uses provides no way for anyone to verify that accuracy of the ballout sections. This will lead cyberattackers to gain control of the platform and change recorded votes without anyone even noticing.
In order to make votes more accessible to all, OmniBallot has turned the traditional voting of letting voters print ballouts and returning it through the mail to allowing voters to return their ballouts online. This web-based system handles blank ballot delivery, ballot marking, and online voting.
As Cointelegraph reported previously, Congress is looking into developing a blockchain-based end-to-end encrypted system to allow remote Senate voting.