General security

The Call for Online Voting: Are We Ready?

Daniel Brecht
May 19, 2016 by
Daniel Brecht

Nowadays, people can do anything online, even vote in elections. In fact, some form of remote electronic voting (e-voting) is taking place at this moment through some segment of the U.S. population engaging in this year's U.S. Presidential election. The majority of registered, eligible voters, however, will have to cast a paper ballot at normal poll centers' voting booths. The sealed boxes will not be opened until the close of the voting period when polling officials will carry out hand-tallying of all electors' votes. Preferences will either be recorded and counted by scrutineers using the good old manual technique or counted through scanning machines.

The use of electronic devices as well as of electronic voting machines in some states has already sped up operations in many ways. Many Americans, however, are wondering if, in an era in which technology is so pervasive and already employed in so many aspects of everyday life, full e-voting through the internet should be a possibility available to all eligible voters. Computer-aided vote counting has improved the tabulating task and not only while the possibility to scan and e-mail or fax a ballot has already helped many Americans in exercising their right. What many are asking for, though, is a simple "point, click and vote" electronic voting system to select the candidate of their choice. It sounds like a great idea, and most voters would welcome the change, but how far are we from the implementation of full online voting? Are there security, privacy and secrecy issues that favor conventional voting over electronic voting?

The Call for Online Voting

Paper ballot voting has already been complemented in many states and counties across America by the use of direct-recording electronic (DRE) voting machines. These alternative voting systems, that not necessarily use Internet connection have been in place well before the 2000 presidential election and have brought a small revolution in the electoral process. These machines have their advantages, as they make it faster to cast and count votes and ensure (at least in theory) more accurate results; however, they are subject to equipment failures, service disruptions and possible hacking of the systems and votes when online connections are used. A study by the Brennan Centre for Justice at New York University found that in 43 of 50 US states machine are outdated (10 years and older) and are at great risk of crashing on election days. Problems already occurred in the 2000 election when pilot state Florida saw its machine fail to punch through 170,000 ballot cards that were eventually unreadable and rejected. The study warns now that, 16 years later, outdated machine pose even higher risks. Many computerized devices that replaced punchcard machines run outdated software (in many California poll stations, machine run on Windows 2000), and in Virginia the wireless technology used was found prone to remote tampering. Replacing all machines, however, would cost a whopping $1 billion, and 22 out of 31 affected states declared they had no idea of how they could fund the expense.

Even though these simpler e-voting devices already present issues that seem to impair their widespread use, voters are still calling for new ways to cast their ballots. In an era when almost every information and service can be received via a smartphone, citizens wonder why such a simple act as voting cannot be performed through a Web portal or a mobile app. Voting via The Internet (I-voting) is appealing to many American voters who would love to skip long lines at polling centers and use their own equipment at home. Many, also, believe online voting would make it easier and convenient for all eligible voters to make their voice heard, thus possibly increasing participation rates.

Today, most states are not even considering the possibility of allowing all their registered voters to cast their ballots online. However, many allow some of their citizens to do it in specific circumstances. For example, voters who fall under the federal Uniformed and Overseas Citizens Absentee Voting Act (UOCAVA) are allowed in certain states to use full e-voting mostly to prevent the delays that might occur for regular mail coming from some overseas posts (for example a remote military base in Iraq or Afghanistan). Alabama, Alaska, Arizona, Missouri and North Dakota allow absentee voters to cast their ballot online (some only to military personnel stationed in hostile areas), while 20 states and the District of Columbia allow for scanning or faxing of ballots.

Since 2012, Alaska is the only state that opens e-voting to all of its citizens who can pick whether to use the web portal, e-mail or fax the ballot in. Voters choose how to cast their ballot; if opting to use the web portal they need to print the "voter certificate" and "identification sheet" and sign it in front of a witness, scan it and submit it online or via standard mail.

Concerns Surrounding Internet-based Voting

Hands down, electronic voting is the most convenient system for both voters (who need not travel to voting sites) and officials (who can easily have counts and voting statistics in real time); however, as it is easy to imagine, the same concerns that affect our daily usage of internet-connected devices affect tenfold the e-voting system.

The first concern is Privacy. Will ballots really be anonymous? Ways to make sure that the voters cannot be identified by officials must be ensured, as vote secrecy is an established value in democracy. Voters must be identified and verified somehow to prevent unauthorized participation by ineligible users or multiple ballots from one person; this could lead to the possible disclosure of their vote. Verifying the authenticity of a vote is difficult, and even voters might not be able to verify their own preference as, if preferences must be kept secret, once cast their association with a particular entry should be deleted

Next in line is definitely Security. Just as for any internet communication, there is always the possibility that the vote could be intercepted, recorded, changed or canceled by malicious hackers that could compromise the election and have access to PII info on the voter. Hackers could potentially, not only access records, steal information, change votes, but could also delete entire voting records or add fake ones.

Voting systems could also be the subject of direct attacks. Denial of service (DDoS) attacks could prevent votes from reaching the database, or malicious hackers could access data and tamper with the results. This could be done from anywhere in the world with consequences easy to imagine, and that could range from compromised elections to fraudulent passing of initiatives. The Verified Voting Foundation, Inc., a non-profit organization that promotes the "accuracy, integrity and verifiability" of elections in a digital age, notes that any attack could undermine the accuracy and credibility of the vote count it produces.

However, there are even more concerns linked to online voting; some more subtle. Phishing and spoofing are concrete possibilities in an environment where voters expect having to provide information for identity verification. Spoofing through fake voting websites, phishing and spear phishing (similar to that experienced by taxpayers every year around tax time with a surge of fake IRS-related e-mail requesting information) could deceive voters and trick them into revealing PIIs. Motives could be multiple, but whatever the reason, personal gain, monetary interests or political motives, the result could be the compromising of the vote, the exposure of voters' preferences or identity theft.

As real, full Internet voting is still not involving in a lot of populations; there are no reported major incidents. However, there have been some tests run in the past that have brought to life that show how important it is to heighten the security of e-electoral systems before implementing them in full scale. In 2010, the District of Columbia Board of Elections and Ethics tested an application to send ballots to voters through the internet. Two days after the opening the system was hacked, luckily not by malicious users but by a team of computer scientists from the University of Michigan led by Professor J. Alex Halderman. The team was able to collect 937 pages of names, addresses and PIN numbers of test voters and took full control of the application effectively showing that they could have easily changed the votes on ballots or revealed voters' choices. More alarmingly, they discovered in the process that real hacking attempts were being carried forward from China and Iran. The research on the D.C. Digital Vote-By-Mail (DVBM) System and the security analysis of the Secure Electronic Registration and Voting Experiment (SERVE) "pointed out many architectural and conceptual weaknesses that apply to remote Internet voting systems in general."

In addition, the possibility to compromise Internet-connected DRE machines has been analyzed with a few studies. In 2012, the Argonne National Laboratory conducted a security review of electronic voting machines and exposed how easy they were to hack. In another instance, another DRE system, the Diebold AccuVote-TS model, the most widely deployed electronic voting platform in the United States also faced fundamental security challenges; an independent study, entitled 'Security Analysis of the Diebold AccuVote-TS Voting Machine' by Princeton University, experts, in fact, found that the voting machine's hardware and software were susceptible to malicious code injection attacks, enabling voting-machine viruses.

Solutions to Online or Electronic Voting Systems

Securing an online voting system presents unique problems. Differently than online businesses like e-commerce, banks, and service companies, the government cannot account even for a limited amount of data loss or fraud; systems need to be virtually foolproof to protect users' information and, above all, the secrecy of the ballots. The privacy of voters must be protected while still ensuring non-repudiation, verification, and integrity of each ballot.

In countries like Estonia, a forerunner when it comes to online elections, citizens have been issued documents with microchips that allow for the use of cryptographic keys that enable voters to sign their ballots digitally. Readers for the cards are necessary as well as two servers on the receiving side: one collects the votes, and one counts them at the end of the elections thanks to a decryption key. The system is safe as long as no one attempts to compare the two databases and match citizens' identity to the vote cast.

A "Safe Election via the Internet" could be possibly achieved through a blind digital signature that functions as an electronic certificate so it can be used to authenticate the voter at the time of casting the vote without revealing its contents. This solves the issues of confidentiality of electronic votes while still allowing verification of eligibility. Voters select a code that is unknown to anyone including the electoral commission. They connect to an electoral systems server first to issue a card and then to cast the vote. If codes are published at the end of the election, it would be possible for voters to make sure their preference has been properly counted and attributed.

A number of companies are now offering solutions for e-voting systems, and different states are implementing them or considering fully-customizable open software. Off-the-shelf products might offer more security features but might provide less control to the government regarding customization, data handling, and safety. One of the main issues will be the standardization; from a logistical point of view, this also opens a new range of problems: experts will need to provide ways for the different infrastructures now in place in hundreds of counties, regions, states to communicate while still ensuring the same level of security. Also, there is also the problem of taking into consideration the security of the systems (personal computers or mobile devices) that will eventually interact with the e-voting apparatus. Online voting in major elections either done electronically or via the Internet as it exists today raises concerns and makes Americans wonder if paper ballots are, in actuality, more practical in the long run, says David Jefferson, former chairman of the technical committee of the California Internet Voting Task Force, who said "no matter how secure the Internet voting servers, voters' own computers would still be vulnerable to hackers."

Conclusion

In a recent speech at the South By Southwest Interactive in Texas, President Obama expressed his support to initiatives that allow for easier voting and increased participation to election days: "We take enormous pride in the fact that we are the world's oldest continuous democracy, and yet we systematically put up barriers and make it as hard as possible for our citizens to vote. And it is much easier to order pizza or a trip than it is for you to exercise the single most important task in a democracy, and that is for you to select who is going to represent you in government. […] And so one of the things that we're doing is engaging folks who are already doing interesting work in the online space, how can we create safe, secure, smart systems for people to be able to vote much easier online, and what are the technologies to help people get aware of what they're voting about, who they're voting for."

It appears that much needs to be done regarding securing government systems, machines, and networks that will need to be employed to give voters confidence in e-voting. Computerized voting technology is evolving from the times of the punch card voting systems and computer tally machines to Internet voting from secure kiosks installed in public areas and direct recording electronic (DRE) voting mechanisms for use in Federal elections. Moving forward in the field of electronic voting, the DRE-based elections system has brought technological advancement in elections: voters make their selection on touch-screens, and their entry is then stored in memory until it is ready to be then transmitted to the county Board of Elections (BOE) servers, or a central tabulation server. We are still far, however, from voting through home computers and mobile devices in the entire United States. So how are Americans going to vote in future presidential elections? Will it be through mail, through ballots cast via electronic channels (fax, email and Internet portals) or through electronic voting machines, if not in-person on Election Day?

While the Internet is eventually bound to play a major role in future voting in elections, there are still concerns for its safety, and not all stakeholders (including voters) feel confident that e-voting or i-voting is still safe enough for generalized use. Changes to the hardware and software of voting machines, as well as implementing audit trails could help circumvent these problems. Time will tell if election software and systems will be able to resolve the security and privacy concerns and make the system more reliable and allow for e-voting through a system that is verifiable and that will permit post-election auditing to seek out the validity and accuracy of the ballot results, all the while showing transparency and accountability.

References

Bagga, A. (2016, February 16). Pros and Cons of Online Voting. Retrieved from http://www.buzzle.com/articles/pros-and-cons-of-online-voting.html

Bisson, D. (2014, November 4). Security Challenges Make U.S. Online Voting a Pipe Dream. Retrieved from http://www.tripwire.com/state-of-security/government/security-challenges-make-u-s-online-voting-a-pipe-dream/

Boyle, A. (2003, December 29). E-voting firm reports computer break-in. Retrieved from http://www.nbcnews.com/id/3825143#.VyCCk-Rf2Uk

Catone, J. (2012, October 02). How Close Are We to Internet Voting? Retrieved from http://mashable.com/2012/10/02/internet-voting/#F.7RDxospZqZ

Halderman, J., Feldmen, A., & Felten, E. (2006, September 13). Security Analysis of the Diebold AccuVote-TS Voting Machine. Retrieved from https://jhalderm.com/pub/papers/ts-evt07-init.pdf

Halderman, J., Wolchok, S., Wustrow, E., & Isabel, D. (2012, February). Attacking the Washington, D.C. Internet Voting System. Retrieved from https://jhalderm.com/pub/papers/dcvoting-fc12.pdf

Kelleher, W. (2013, July). Internet Voting in the USA: History and Prospects; or, … Retrieved from https://www.supportthevoter.gov/files/2013/07/William-Kelleher-Internet-Voting-WPSA-Paper-July-9th.pdf

Lee, T. (2012, October 23). Why e-voting is on the decline in the United States. Retrieved from http://www.wired.co.uk/news/archive/2012-10/23/e-voting-on-the-decline

Millward, D. (2015, September 16). US election 2016: out of date voting machines spark fears of another hanging chad fiasco. Retrieved from http://www.telegraph.co.uk/news/worldnews/northamerica/usa/11867608/US-election-2016-out-of-date-voting-machines-spark-fears-of-another-hanging-chad-fiasco.html

National Conference of State Legislatures. (2016, March 22). Electronic Transmission of Ballots. Retrieved from http://www.ncsl.org/research/elections-and-campaigns/internet-voting.aspx

Norden, L. & Famighetti, C. (2015, September 15). America's Voting Technology Crisis. Retrieved from http://www.theatlantic.com/politics/archive/2015/09/americas-voting-technology-crisis/405262/

ProCon.org. (n.d.). Do Electronic Voting Machines Improve the Voting Process? Retrieved from http://votingmachines.procon.org/

Smith, J. (2016, January 19). Online Voting Is the Future — And It Could Lead to Absolute Disaster. Retrieved from http://mic.com/articles/132474/online-voting-is-the-future-and-it-could-lead-to-absolute-disaster#.xTaO3y8Ke

Steele, C. (2012, November 5). Online Voting: What It Means for the Presidential Election. Retrieved from http://www.pcmag.com/article2/0,2817,2411738,00.asp

The Pew Charitable Trusts. (2010, October 22). D.C. Hacking Raises Questions About Future of Online Voting. Retrieved from http://www.pewtrusts.org/en/research-and-analysis/blogs/stateline/2010/10/22/dc-hacking-raises-questions-about-future-of-online-voting

The White House. (2016, March 11). Remarks by the President at South By Southwest Interactive. Retrieved from https://www.whitehouse.gov/the-press-office/2016/03/14/remarks-president-south-southwest-interactive

Verified Voting Foundation, Inc. (n.d.). Election Systems and Software (ES&S) AutoMARK. Retrieved from https://www.verifiedvoting.org/resources/voting-equipment/ess/automark/

Verified Voting Foundation, Inc. (n.d.). Internet Voting. Retrieved from https://www.verifiedvoting.org/resources/internet-voting/

FREE role-guided training plans

FREE role-guided training plans

Get 12 cybersecurity training plans — one for each of the most common roles requested by employers.

von Spakovsky, H. (2015, July 14). The Dangers of Internet Voting. Retrieved from http://www.heritage.org/research/reports/2015/07/the-dangers-of-internet-voting

Daniel Brecht
Daniel Brecht

Daniel Brecht has been writing for the Web since 2007. His interests include computers, mobile devices and cyber security standards. He has enjoyed writing on a variety of topics ranging from cloud computing to application development, web development and e-commerce. Brecht has several years of experience as an Information Technician in the military and as an education counselor. He holds a graduate Certificate in Information Assurance and a Master of Science in Information Technology.