Will we ever have a safe, secure and privacy enabled digital voting system

/images/projects/secure-vote-glen-carrie.jpg
secure vote glen carrie

Will we ever have a safe, secure and privacy enabled digital voting system?A simple yet naive reason would be to avoid fraud allegations and simplify the whole process! But it’s not that easy as it seems, read on to find out why.

With any election in the world, we have a set of questions we want to answer. Will change anything? Will we be safe?

Recent local community council elections in Romania from the old communist party to something else which still has to prove itself.However, election fraud allegations have been detected in Bucharest. And election fraud is being talked about at any election in the world.. even in true democratic countries.

This brings a few questions to mind which this article will focus on

  • ✓ How can we make a secure, safe and privacy enable digital voting system?

  • ✓ Is such a thing ever possible?

  • ✓ Why a traditional digital voting system is NOT the solution

  • ✓ Can Blockchain be a solution?

Table of Contents

1. Defining the Problem

The main problems which a digital voting platform must solve is the inefficiency of using a traditional paper based voting system. All elections, even in US have shown ths inefficiency.

The current voting methods are 2000 years old and have had only minor improvements. Most being legislative ones to include the majority of the population.

The problems are quite easily visible:

  • Everything has to be done manually

  • The costs of an election is huge since you have to again, manually ensure that everything is set up, people have to be paid to sit around for almost 16-18 hours.

  • A great deal of work has to be put in to make sure that there are no fraud attempts

  • Alternative voting methods need to be put in place for people who can’t come to the voting place. This creates a great deal of bureaucracy and it creates a variety of bottlenecks.

2. A Digital Voting Platform

Is a digital voting platform an actual solution? Can it be privacy enabled and safe to avoid fraud?

The sincere, direct answer is.. Not really.

While I advocate for Business Efficiency and Automation I have to say that the paper system is here to stay in my opinion. Even if technically, I can easily build a blockchain secure voting system in a few days…​ there are a few problems which can’t be solved by code. They’re problems of human nature, and since human nature can be corrupt, so can there everything else.

I’ll show you why paper should be the only option, even if we now have the technology available to simplify everything overnight.

2.1. A Traditional Digital Voting System is Not The Solution

What is a "Traditional" digital voting system anyway?

Well, if we look at how the business world revolves it works as the following;It’s a private, closed source system which has been developed by a private company for the Government of a country based on obscure contracts which can only be reviewed by a hand full of people.

We can directly infer that first and foremost, those who are actually in power, will surely want to interfere with the voting system.

2.1.1. Closed Source Systems Mean Fraud

Having a traditional digital voting system will mean that it’s mostly closed source. Meaning that no one can really see how it works or interacts. This makes it difficult to verify that it’s working correctly.We can expect such a system to result in fraud, even if it solves the problems of human inefficiency.

Fraud is the worst thing which can happen in a corrupt government or country.

Inserting fraudulent votes or changing someone’s vote is easy in a traditional centralized system just because there is no way to verify if everything is working properly.

2.1.2. Security And Privacy Problem

The second bad thing which will happen is the fact that with a closed source system, we can’t be sure that the data will be held securely and that the secrecy of the voting choice can be held.

In plain words; Your choice could be reverse engineered meaning that your political views could be. This is dangerous, as political views are extremely sensible and have been used against people in the past.

Let me explain why. If you have a digital system, you’ll most likely have to keep track of who voted to make sure they don’t go to another place to vote again.

However, this means you’ll need to keep a timestamp of when they entered the voting section.

Yet again, when they vote.. you can easily assign the person to their choice.Even if there is no direct foreign key relation or something similar, you can infer someone’s vote by the date of submission which will be just a few minutes later.

And this would mean bad luck for those who vote the opposition. Especially in countries which are corrupt and bad to the bone.

3. Is an open source blockchain voting system the Solution?

Even if we’d have an open source system, it would need to be truly decentralized and open to everyone to ensure that fraud won’t be taking place.

This would lead democracy enthusiasts meeting up with open source developer enthusiasts thinking that blockchain is the solution!

If you think about it, it does seem like the natural next step.

Yet, I’m sorry to say this but I’ve thought this through for a few years.Blockchain can’t be used to make a secure and private voting system.

You’ll have to choose between privacy protection OR corruption prevention. You can’t have them both.

To understand why, we have to understand:* how such a blockchain system would work* how it differs from traditional systems* which problems it solves* which problems it can bring

3.1. Blockchain For Voting

A blockchain voting system would mean that everyone could connect with their device to the network and be able to submit a vote.

This would allow anyone to easily see how many people have voted and who is winning.

Cutting out middlemen and enabling ANYONE to verify the authenticity of votes.

Such a real time voting system might actually ensure that people can still rally and change who is going to win.

Additionally, there would have to be multiple trusted server and various voting machines at each local voting place.

3.1.1. A Trusted Minority

The Servers and machines would act as Trusted authorities which can validate votes coming from the blockchain network.Having trusted servers is actually a must if we want democracy to survive.

Why? Take a look at traditional blockchain systems like cryptocurrency. They’re slow to validate data and are vulnerable to a variety of attacks. The more horsepower someone has the more they can try to influence a blockchain system.

Actually, the whole decentralized blockchain system is vulnerable to attacks into altering the system.

If Political Group X inserts 10.000 machines.. they could easily manipulate everything.

However, by ensuring that there are a variety of trusted machines which make decisions based on a predefined pattern you can cut out 90% of the issues.

3.2. Choose one - Fraud Protection Or Security Or Privacy

As you can see, there are many problems to digital voting systems. Blockchain is no exception, actually, It would take me tens of pages to explain which additional problems exist with such a blockchain system. Tens of other pages explaining potential solutions. And tens of other pages breaking down the solutions by finding other problems. It’s a continuous cycle.

If we want a digital blockchain voting system we will have to live with the effects of such a new voting system.We would need to change laws and change our whole worldview, depending on the option we choose.

We will NEED to chose between Fraud Protection, Security or Privacy. We can’t have them all unfortunately because each of them can be compromised when we take care of the other.

This is the basic logic behind having a 100% secure system. It would need to not be digital at all!

3.2.1. Choosing Fraud Protection

If we choose fraud protection then we need to make transparency a reality. Such a transparency would ensure that there would be an almost zero rate of corruption.

This would mean that every time you vote, your unique personal identification number would need to be used directly and it will be somewhat visible for everyone.

This would solve the problem of people voting multiple times and it won’t allow fake votes to exist.

By now you might think that I’m talking about putting your identification data out in the open. No.Even if securely hashed and digitally signed there is the problem that those with enough money and time can reverse egineer to see WHO voted WHEN and from WHERE if you voted in a physical place.

The second problem would be that if you have one blockchain, you’d have to put the identity of the person AND the choice in the same place. Meaning a direct connection.

If you’d use two blockchains with different genesis blocks [1] to enhance privacy, one for the people who voted, and a second one for the votes you’d get a degree of problems in coordinating who did what and when. Thus, still leading to privacy issues.

Such a system would be excellent in avoiding fraud protection, but it would certainly NOT be able to hide political preferences from the political activists or terrorist.

Yet, some less enlightened minds who know nothing about technology will point out to how bitcoin works and that "it’s secure and privacy protecting".

It’s not the same thing, bitcoin goes from the premise that you are almost anonimized. There is almost nothing personal stored about you. With voting, we need a way to store who voted to ensure there is no fraud. Plus, everyone can see your transaction IP.. Don’t get fooled by the hype.

3.3. Choosing Privacy

Choosing Privacy means forgoing on fraud protection. You’d need to make the system so safe that no one can reverse who voted for which politician and when this occurred.

This could be done by issuing a public-private keypair to every citizen who can vote. This would be used only for voting. Making them expire once every few years. Additionally, these could be issued each time for each voting campaign.

The Government would ONLY store the public key to validate the vote. It would NOT be allowed to store a connection to WHO has the private key.It would only know that it has 100.000.000 public keys which are allowed to vote. Nothing else.

The private person securely stores their private and public keys so only THEY have access to it.

Once someone votes they sign the blockchain with their private key, the government open network trusted infrastructure would then proceed to validate that the key is valid.

Reversing the private key from the public one would be difficult, and technically we could also have an security edge.This would also help ensure a minimum of fraud.

3.3.1. Can you trust people to keep their data secure?

However, there is one problem with this system.Namely, most people can’t keep their creditcard number or PIN codes secure, nor their passwords!How would we ask them to keep such much more important asset secure?

How could we avoid from having scams and frauds asking for their private key?What about a botnet or a virus which steals the keys of millions and then proceeds to fraud the vote?

If there is no identity connected between the public key-pair then privacy is safe.Yet, we can’t always trust people to keep their things safe.

Huge investments would need to be done to educate people into cyber security.

3.4. Choosing Security

You can’t really choose for security…​Because 100% security doesn’t exist.It only exists in theory or in a bunker which is not connecte to the internet. And even there, you’d have ways to get in..Practically, everything can be socially engineered.

And what would Security mean by the way?

3.5. What can we actually choose?

Building an advanced blockchain system which can take care of all of these problems is nearly impossible since it would require years of research to find the perfect solution.

No, unfortunately, we can’t yet vote democratically with blockchain. You could implement a voting system for a company to keep it private and privacy enabled. Let’s say by voting for the name of a new system. But even then, you could use a non blockchain system..

4. Can we automate everything?

If we are able to automate everything in our life except for voting then this is a compromise which we have to make to ensure that Freedom and Privacy are respected. It’s the only solution if we want Democracy to remain alive.

4.1. Blockchain Systems for YOUR Business

Of course, building a blockchain system for a company is totally different and you can benefit of all of the features which blockchain has to offer without any compromise.

5. Redecentralizing the Internet

Before we even dare digitalize voting we first have to redecentralize the internet.This means that each person needs to take ownership of his or her digital data.

The same problems as with all digital systems is that they rarely offer 100% privacy unless you own your data.

Using existing services from huge companies such as Amazon, Google or Facebook renders you vurnerable to even worse things than those explained in this article.

Take back your freedom. Own your data now. Send me an e-mail and I’ll tell you how.Or stay tuned for future blog posts on this topic by subscribing to my newsletter.

Want to build safe and secure applications? Let’s work together


1. Genesis blocks are the inception blocks which form a blockchain. IF we’d both have our own blockchain systems, we could all have different genesis blocks which will totally alter the blockchain even if we put the exact same data in each of our blockchains!

Subscribe to my Newsletter

Receive emails about Linux, Programming, Automation, Life tips & Tricks and information about projects I'm working on