Are people ready to vote in their pajamas?
- By (ISC)2 Government Advisory Board Executive Writers Bureau
- Jun 05, 2012
Online voting is coming! Imagine a time when you can enjoy the convenience of voting in the privacy of your own home, using your own personal computer, getting the job done quickly and securely without having to drive to a polling place and stand in line.
Enacted 1986, the Uniformed and Overseas Citizens Absentee Voting Act protects service members' voting rights in federal elections. UOCAVA expanded in 2009 to include the Military and Overseas Voter Empowerment Act, then requiring "...electronic methods for transmission of registration forms and ballots [by] 2010."
In 2012, the intent of this legislation has yet to be fully realized. What must be done to make this objective a reality for citizens everywhere? Unfortunately, several online voting systems have been tested recently, but they were successfully hacked.
Hackers vs. DC voting system: Hackers win
Overseas voters rock the vote with online tools
In order to fully achieve the objective of UOCAVA/MOVE, we need to learn from these types of experiences and understand what is required for secure Internet voting.
Traditionally, in-person voting has posed problems for certain categories of voters, including the home-bound and disabled, those whose work schedules preclude participating during scheduled precinct hours, citizens living and/or working in other countries, and those serving overseas in the military. To date, the only option has been to allow them to file an absentee ballot. Although that's a viable option, clearly the opportunity to participate in the voting process in a more timely way by having the ability to submit ballots online via the Internet has great appeal.
Technology-enabled capabilities such as online banking, stock trading and retail purchasing have successfully preceded online voting but differ greatly in the way transactions are handled. Consider that commercial transactions must be traceable and documented, and parties must be authenticated with non-repudiation (so neither party can falsely deny transactions). However, online voting does not exactly parallel these applications in that there is always a feedback trigger for the consumer that acts as an alert in case of errors, omissions or failure to deliver a purchase.
In the case of voting, it is critical for every voter to know that his/her vote was registered correctly and counted. This guarantee speaks to the essence of our democracy: one person, one vote. Confirmation of accuracy is a must, especially in the case of a very close election where the outcome is dependent on only a few votes. Imagine how pleased an adversary of the United States would be if they could find a way to control the election of the president of the United States. Unlike the e-commerce transactions listed above, this target would be well worth the energy and resources a country or enterprise would invest.
The biggest threat to full deployment of Internet voting today is a very robust hacker community. Even something like a denial-of-service attack would be enough to prevent some voters from accessing the system, which would undermine the process — notwithstanding the potential impact of a more sophisticated attack that could hijack or even change votes internally.
Also, for legitimate users of the system, issues of privacy, accuracy and transparency are tantamount to its success in terms of building trust and acceptance by the public. Transparency includes the ability to independently examine every component of the system and voting process.
Current voting systems address these concerns by implementing physical security procedures and paper-based artifacts visible to the voter. Voting machines are self-contained and not connected to the Internet, and paper-based confirmation documents are presented to the user for signature. A credible audit capability is essential to effectively addressing contested elections. Although these traditional systems have their drawbacks, perception is truth, and most voters are “comfortable” with these systems.
The core technology that must be employed in any Internet-based online system does exist. It is a system based on the use of public-key cryptography that employs the use of public and private keys for voting transactions.
End-to-end voting systems, in addition to employing sophisticated cryptographic techniques, must also include a set of valid assumptions and procedures. Cryptographic keys must be managed and properly secured, as failure in any of these areas will result in a compromised system. For instance, if we have citizens voting from home, can we certify that the home environment is in compliance with established requirements? This includes use of home PCs, handheld devices, tablets or other devices.
Couple this with the public’s lack of knowledge surrounding cryptography in general and one can see why there is a huge education effort required in order to gain full acceptance of online voting. The transparency issue is complicated by the introduction of cryptographic technology because the sophisticated mathematical underpinnings are beyond the comprehension of the average voter.
However, the future generation of voters is very technology savvy and has grown up using the most advanced technology. They fully expect to use the Internet for everything and embrace all of the advantages it has to offer. It is probably safe to say that Internet voting will be achieved with this generation of voters.
No voting system is perfect. Internet voting systems are very attractive targets to would-be attackers who are even more emboldened by the ability to act anonymously. Unless we are willing to compromise our entire democratic process for the sake of convenience, we must effectively address the identified threats. No doubt, the day when we can vote in our pajamas is coming…but not quite yet.
John R. Rossi of the (ISC)2 U.S. Government Advisory Board Executive Writers Bureau was the lead author of this peer-reviewed article.