Apprehensions exist over the potential for individuals' own computers to be hacked and compromised before, during and possibly after the voting process. Further worries centre on whether an individual machine is ‘clean' enough of viruses and other forms of malware to perform a secure voting service procedure.In the face of this direct concern, University of Birmingham researchers say they have developed a technique similar to online banking controls which would allow a voter to vote securely even if their machine were infected with a virus.
Swipe/reader code generator
Professor Mark Ryan's team has created a system which makes use of an ‘independent credit card sized hardware device' that has to be used in conjunction with and synchronised marriage with the user's PC in order to process the vote. Quoted on science, research and technology news service Phys.org, Birmingham's Professor Ryan has said that the Du-Vote system has been in production for two years and works once the user receives a code on the device and types it back into the computer.
“The main advantage of this system is that it splits the security between the independent security device and a voter's computer or mobile device. A computer is a hugely powerful, all-purpose machine running billions of lines of code that no one really understands, whereas the independent security device has a much, much smaller code base and is not susceptible to viruses,” said Ryan.But Security is only part of the issue here, privacy is also a huge concern. If users are able to register secure e-votes via any two-factor (or more) authentication process, voters will still worry that their cast votes could be used for fraudulent economic or political means.
Inherent insecurity assumptions
The Birmingham team says its system is more secure than bank private code systems. Du-Vote's intelligence does not assume that the ‘home credit card swipe/reader code generator' (for want of a shorter de facto industry term) itself is inherently secure. Instead, its intelligence logic accommodates for the possibility that the device itself may have been manufactured and supplied by (or under the influence of) a hostile adversaryWriting in the research paper entitled 'Du-Vote: Remote Electronic Voting with Untrusted Computers', authors Gurchetan Grewal, Mark Ryan, Liqun Chen and Michael Clarkson explain that trust is distributed in Du-Vote between a simple hardware token issued to the voter, the voter's computer and a server run by election authorities.
The research team has specified that a “new non-interactive zero-knowledge proof” needs to be employed to verify the server's computations. This way they say, “verifiability is guaranteed with statistically high probability” -- even if all these machines are controlled by the adversary and privacy is guaranteed as long as at least either the voter's computer or the server is not controlled by the adversary.University of Birmingham research paper author Gurchetan Grewal recently finished his PhD entitled Voting on the Internet. Grewal spoke to SCMagazineUK.com, commenting: “One of the most important concepts in online voting is known as ‘outcome verifiability' or ‘independent verifiability'. This describes a scenario where voters should get some assurance that their votes are cast as intended and, further, anyone should be able to verify that all cast votes are counted correctly. The online voting research community is trying to make voting systems that are verifiable, but I don't think vendors care about that concept at all.”
CTO at network vulnerability detection and management company Qualys Wolfgang Kandek agrees that university research such as that shown at Birmingham can play an important role in the development of security technologies. He suggests they can operate with a clean-slate mindset rather than being slowed down by compatibility issues. By focusing on the basic problem, they can look at all possible solutions in a ‘pure' rather than ‘applied' fashion, including ones that might seem infeasible due to cost.“Distributing a [dedicated] voting device [of this kind] to all voters seems complicated to me, but I hope that the technology could be added to new smartphones in the future,” Kandek told SCMagazineUK.com.
Secure e-votes 20-30 years away
Jeremy Epstein, senior computer scientist at non-profit research institute SRI International spoke to SCMagazineUK.com to say that from a technical perspective, we're at least 10 years away from secure e-voting, and many experts think we're 20 or 30 years away. He asserts that we need to separate the political from the technical. “It's difficult to predict when the political pressures will force e-voting to happen; it's already happening in the US, Estonia, and other countries. However, it's not *secure* e-voting, it's just e-voting - every system that's been examined has been insecure.”Epstein continues, “The university research focuses on the security of the voting experience, sometimes at the expense of usability by the voter. Vendor systems focus on usability, and are (so far without exception) completely insecure. We need to bring the two together to come up with systems that are both secure and usable.”
Thus, safe e-voting today is inherently insecure, probably more than a decade away, beleaguered by privacy and voting coercion concerns and essentially still the stuff of exploratory university research papers. These facts, for most people, may be enough to encourage an election vote in 2015.