MIT cybersecurity experts do not trust blockchain-based voting systems

“I haven’t yet seen a blockchain system that I would trust with a county-fair jellybean count, much less a presidential election.”

While certain parties in the United States continue to challenge the integrity of the election process, a group of researchers is advocating against using Internet-based and blockchain-based voting systems in the future.

According to a Nov. 16 report from researchers at the Massachusetts Institute of Technology’s Computer Science and Artificial Intelligence Laboratory, relying on blockchain voting technology is not a reliable means of promoting greater turnout and may increase the risk of hackers tampering with elections.

The cybersecurity team of Sunoo Park, Michael Specter, Neha Narula and Ronald L. Rivest concluded that blockchain was “unsuitable for political elections for the foreseeable future” when compared with software-independent methods including voting in person and mail-in ballots. Some of the concerns they raised were the potential lack of ballot secrecy — traceable on the blockchain — and the lack of auditing in the event of a contested race.

“While current election systems are far from perfect, blockchain would greatly increase the risk of undetectable, nation-scale election failures,” said Rivest, an MIT professor and the senior author of the report. “Any turnout increase would come at the cost of losing meaningful assurance that votes have been counted as they were cast.”

The researcher continued:

“I haven’t yet seen a blockchain system that I would trust with a county-fair jellybean count, much less a presidential election.”

The team argues one of the main differences when using blockchain technology for a democratic process like voting versus financial transactions is that when hacks or fraud occurs, financial institutions sometimes have methods to compensate victims for their losses. Credit card companies can reimburse funds, and even some crypto exchanges have been able to freeze tokens associated with a hack.

“For elections there can be no insurance or recourse against a failure of democracy,” the report states. “There is no means to make voters whole again after a compromised election.”

Blockchain-based voting also invites opportunities for “serious failures” according to the MIT team. For instance, should hackers find a way to attack votes without being caught, then authorities would essentially have to hold an entirely new election for reliable results. A blockchain-based voting system with just a single point of attack could potentially provide hackers with the ability to alter or remove millions of votes, whereas “destroying a mail-in ballot generally requires physical access.”

Many countries are trying to further integrate blockchain technology into the voting process following small-scale deployments. Russia’s blockchain-based voting system on Vladimir Putin’s term limit reportedly did not allow for ballot secrecy, as users and third parties could decipher votes before the official count.

In February, a different MIT team — which included researcher Michael Specter — released a report identifying security vulnerabilities within the blockchain-based voting app Voatz. However, both the Democratic and Republican parties used the app for voting at conventions prior to the general election this year, and Utah reportedly allowed certain residents to cast their ballots in the presidential election using Voatz.

“Democracy — and the consent of the governed — cannot be made contingent on whether some software correctly recorded voters’ choices,” said Rivest.

Cointelegraph reached out to Voatz for comment, but had not receive a response at the time of publication.

Learn more

Be the first to comment

Leave a Reply