Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

  • Ms. Tech; People illustrations by Thomas Helbig, DE | Noun Project
  • Connectivity

    Why security experts hate that “blockchain voting” will be used in the midterm elections

    It’s too dangerous to conduct elections over the internet, they say, and West Virginia’s new plan to put votes on a blockchain doesn’t fix that.

    Voting in West Virginia just got a lot more high-tech—and experts focused on election security aren’t happy about it.

    This fall, the state will become the first in the US to allow some voters to submit their federal general election ballots using a smartphone app, part of a pilot project primarily involving members of the military serving overseas. The decision seems to fly in the face of years of dire warnings about the risks of online voting issued by cybersecurity researchers and advocacy groups focused on election integrity. But even more surprising is how West Virginia officials say they plan to address those risks: by using a blockchain.

    The project has drawn harsh criticism from election security experts, who argue that as designed, the system does little to fix the problems inherent in online voting.

    This piece first appeared in our twice-weekly newsletter Chain Letter, which covers the world of blockchain and cryptocurrencies. Sign up hereit’s free!

    We first heard of the West Virginia pilot in May, when the state tested a mobile app, developed by a startup called Voatz, during primary elections. The test was limited to overseas voters registered in two counties. Now, citing third-party audits of those results, officials plan to offer the option to overseas voters from the whole state. Their argument is that a more convenient and secure way to vote online will increase turnout—and that a blockchain, which can be used to create records that are extremely difficult to tamper with, can protect the process against meddling.

    But that premise has been controversial from the start. After two fellows from the Brookings Institution penned an essay praising West Virginia for pioneering the use of blockchain technology in an election, Matt Blaze, a cryptography and security researcher at the University of Pennsylvania, pushed back hard. It’s not that blockchains are bad, said Blaze, who testified (PDF) before Congress last year on election cybersecurity. It’s that they introduce new security vulnerabilities, and securing the vote tally against fraud “is more easily, simply, and securely done with other approaches,” he said.

    Sign up for the Chain Letter
    Blockchains, cryptocurrencies, and why they matter.

    By signing up you agree to receive email newsletters and notifications from MIT Technology Review. You can change your preferences at any time. View our Privacy Policy for more detail.

    Blaze and many other election cybersecurity experts oppose online voting of any kind because, they feel, it’s fundamentally insecure. Although a number of countries have embraced the practice, in 2015 a team of cryptographers, computer scientists, and political scientists looked closely (PDF) at the prospect of internet voting in the US and concluded that it was not yet technically feasible. Protecting connected devices against hacking is hard enough, and, even if that could be achieved, developing an online system that preserves all the attributes we expect from democratic elections would be incredibly difficult to pull off.

    The Voatz system uses biometric authentication to identify individual users before allowing them to mark an electronic ballot, and the votes are then recorded in a private blockchain. The company says that in a general election pilot, its system will use eight “verified validating nodes,” or computers (all controlled by the company) that algorithmically check that the data is valid before adding it to the chain.

    The system isn’t so much a blockchain-based app as it is a mobile app with a blockchain attached, says Marian K. Schneider, president of Verified Voting. The blockchain can’t protect the information as it travels over the internet, and doesn’t guarantee that a user’s choices will be reflected accurately. “I think they’ve made a lot of claims that really don’t justify any increased confidence in what they are doing versus any other internet voting system,” Schneider says.

    Cut off? Read unlimited articles today.

    Become an Insider
    Already an Insider? Log in.
    More from Connectivity

    What it means to be constantly connected with each other and vast sources of information.

    Want more award-winning journalism? Subscribe to Insider Basic.
    • Insider Basic {! insider.prices.basic !}*

      {! insider.display.menuOptionsLabel !}

      Six issues of our award winning print magazine, unlimited online access plus The Download with the top tech stories delivered daily to your inbox.

      See details+

      Print Magazine (6 bi-monthly issues)

      Unlimited online access including all articles, multimedia, and more

      The Download newsletter with top tech stories delivered daily to your inbox

    /3
    You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.