3 min read
E-signatures in elections: The key to preventing voter fraud?
Cryptomathic : 16. October 2016
Election season in the US is upon us - and with it, comes the typical questions of how to secure ballots and prevent voter fraud. In the US, UK, and many other countries there are endless numbers of instances demonstrating cases of electoral fraud.
For instance, voters have used the identities of dead individuals in the US to add thousands of votes in US elections. Other cases involve ballot box stuffing, duplicate voting, and illegal absentee ballots.
As we enter the digital era, almost everything is utilizing technology to prevent previously manual, paper processes. From mobile banking deposits to signed transmission of legal documents, technology has enabled us to do a lot from our computers that we haven’t been able to do before. But what hasn’t changed thus far has been the widespread use of electronic voting, and how ballots are handled.
Understandably, there is a high risk to using electronic voting. Security issues such as widespread hacks, lack of data integrity, and loss of data could greatly cripple an election if an incident were to occur. The other question that rests on many peoples’ minds is how to ensure that a person is authorized to cast a ballot, and how to prevent fake ballots from being submitted.
The Case for Electronic Voting
Electronic ballots have become a lot more attractive with more and more cases of fraud on the rise, as there are more ways to verify the authenticity and integrity of the vote. By using centralized, online databases of registered voters, individuals can quickly be authenticated and authorized to cast a ballot unlike the standard paper or digital ballots used in past years. If electronic voting could be properly secured, the way we vote could be entirely changed. Absentee ballots could be cast online closer to election day, and counting could become a much more transparent process than in past elections.
Electronic signatures have been at the forefront of security technologies used to safeguard the transmission of data across the internet. By authenticating and authorizing the signatory, the receiver and any other pertinent individuals in a transaction can be assured that the right person submitted the information. Electronic signatures have become widely used in government institutions, banking, real estate, and virtually every other sector imaginable.
So could it be used in elections?
There have been numerous causes brought to state supreme courts in the US which have validated the use of electronic signatures in petitions, including one case in Utah in July of 2010. In this instance, petitioners from three states electronically signed a document that was later turned down by election officials. After a hearing in 2010, Utah ruled that electronic signatures were just as valid as a handwritten signature, opening the door for many other states to follow suit.
One of the biggest questions any governing body has is simple:
how do we prevent fraud?
Digital signatures can secure petition and ballot signatures by verifying the individual casting the ballot, and protecting in the integrity of the data. Such methods that can be used include “blind signature schemes”, which not only verify the identify of the voter but also provide a method for an election authority to certify the ballot. With this method, the official authorizing the ballot is unable to see the contents of the ballot (hence the “blind” portion), preventing any bias from affecting judgement. Blind signature schemes can utilize public key signing protocols and cryptographic protocols, creating a tunnel of trust between the voter and the reviewer. Other entities have been more adventurous, looking at technologies such as blockchain to rework the voting system.
Blockchain could be used to create a non-repudiable, transparent method by which votes can be counted by anyone, creating an audit trail on the way. Though there is real opportunity with blockchain in the future, elections officials across the world will not adopt blockchain for many cycles to come until it is a fully understood, near “hack-proof” technology.
Where does this leave us?
Electronic voting will continue to make a rise in politics, closely following behind the use of online petitions and private voting platforms. As it comes to use, essential questions must be answered:
- How do we verify the identity of the voter, and how do we prevent fraud?
- How do we prevent external hackers or nation states from entering and disrupting our voting systems?
- How do we safeguard the voting systems, including backing up data and ensuring service continuity?
Conclusion
While electronic signatures are a key component to the puzzle, many smart minds from the tech industry must be able to come together and plan a bullet proof technology before it goes live on election day. Until then, enjoy watching the US elections and continue to look for the increased use of electronic signatures in voting platforms.
References and Further Reading
- Selected articles on Authentication (2014-16), by Heather Walker, Luis Balbas, Guillaume Forget,and Dawn M. Turner
- Selected articles on Electronic Signing and Digital Signatures (2014-16), by Ashiq JA, Guillaume Forget, Peter Landrock, Torben Pedersen, Dawn M. Turner and Tricia Wittig
- REGULATION (EU) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC (2014) by the European Parliament and the European Commission
- Recommendations for the Security of Internet Payments (Final Version) (2013), by the European Central Bank
- Draft NIST Special Publication 800-63-3: Digital Authentication Guideline (2016), by the National Institute of Standards and Technology, USA.
- NIST Special Publication 800-63-2: Electronic Authentication Guideline (2013), by the National Institute of Standards and Technology, USA.
- Security Controls Related to Internat Banking Services (2016), Hong Kong Monetary Authority
Image: "BallotBox", courtesy of Michael Swan Flickr, (CC BY-ND 2.0)