Maybe there’s something good about all the fear of fake votes. People may develop proper voting systems now.
SmartCards or atleast some form of crypto token should be a part of that.
First, let me roughly explain how I think a modern voting system should work.
This all can be used on top of existing security measures, so let’s skip those.
Just imagine a SmartCard ID that let people digitally sign stuff.
That signing applet is protected by a strong password = 2FA.
Proper private key crypto, there are even some that are considered safe against quantum computers. Future proof.
In the BTC blockchain, you can basically have trustable timestamps. You can leave messages in transaction which millions of miners will copy and validate, basically the whole world agrees yes this happened roughly then(±5min or so). I leave out some crypto stuff but I hope you get it. I just wanted to include this because I believe in that tech, but lets get back to the reason why I share this.
It’s kinda obvious, we would benifit from such use of SmartCards. And I’m sure it will be smartcards, because e.g. banks & insurance companies then use the same way to identify people. The Apex could be used for this aswell. It’s I think a good approach to make voting safer, and right now people might push for such tech. Basically a government issued fidesmocard.
Such things have been discussed in germany some years back, but you know, lobbyism. (If interested look at the story of De-Mail and Post Ident n all that shit)
I definitely agree that some form of secure element (possibly contained in a government issued ID) would be a good verification method for voting. In the many states in the US we trust signatures, which obviously changes over time and can be replicated.
We need make the same value call that all infosec advancements require, security versus convenience. If no one can or will use the process, it’s not worth pursuing. We also need to consider whether this is an actual issue. Voter fraud is functionally non-existent where I live. Is it worth adding this extra layer of complication just to placate our tech-lust? Here are some of my thoughts:
Passwords for 2FA on voting is solid security practice, but terrible practically. Many people won’t remember their passcode. We can’t base voting rights on memory in a true democracy
If the secure element is required to vote, it could be abused by legislators to suppress votes as a 21st century flavor of voter ID laws (which seems much more likely than voter fraud)
I like blockchain technologies for use cases like cryptocurrencies where self-regulation is requisite to avoid the meddling of overreaching authorities, but it is not suited for voting verification. There will always be an authority responsible for the election, and that is the government of the country in which it is occurring. If the goal is to allow everyday people to independently verify the results, sadly that will not happen. Average people will not be tech savvy enough to interpret the blockchain, so they’re back to trusting authorities. There’s also the environmental impact of wantonly throwing mass computation at problems that don’t require it. We have to generate that electricity and hardware somehow.
Adding smart cards to voting could be done, but we would need to phase it in slowly, not make it mandatory at first, and use the ID with other services. This way people will become familiar with using the smart card for everything and it will become second nature to use it for voting.
Yes I 100% agree, but everyone could make it a little safer by using it, just by having their ID when going to vote.
As I said, applied to existing voting mechanisms. But if theres a hashed version of the vote in the blockchain at that timestamp where it says here, it’s a good extra measure.It can easily be designed that people stay anonymous and still everyone can verify it. Or so that only the gov can verify it, but that’s not a good idea imo.
While we’re at it, multiple countries doing this would result in a damn strong blockchain, so I still think, it’s very fitting for a voting system.
Couldn’t you use your social security number as the passcode?
Using a system that ensures all voters meet criteria.
Legal age
Non prisoners
also whether or not they have voted so they can’t vote twice etc
Not everyone remembers their SSN, it’s extremely sensitive information that poll workers do not want/are not qualified to handle, not every person who can vote has an SSN (more exlusionary potential). My understanding is that the goal is expand voting access in a secure way.
I dont know how your SSN works (clearly) I would have thought it would have been The one thing everybody memorised.
In my mind I was more thinking of a voting “terminal” you swipe your 2FA card punch in your pin (SSN), cast your vote on the terminal, and thats you for the next 4 years.
Cards could be Driver licence/ National identity card / VivoKey etc.
it’s actually illegal for the government to do this. there are also people who legally do not have SSNs for various reasons, including religious… they have “opted out” of social security, hence no SSN.
the idea of a “national ID” has been resisted here since forever (based on WWII nazi tattoo type fears) and the only thing coming close to it now is the Real ID initiative… so issue a smartcard based on your Real ID and use that for voting… could work… for those who have it… but yes other more traditional means must remain available, particularly for the underprivileged and disenfranchised.
there are a huge number of full grown adults making tons of money who live in cities and do not have a driver’s license… it should honestly just be a voter registration card with smartcard capabilities. it makes the most sense.
actually a smart voter registration card makes a lot of sense… and setting up smartcard readers at libraries could allow even people without proper equipment to vote at libraries using their smartcard voter registration cards. maybe enter their full name and birthday to confirm someone didn’t just find the card (or stole it with a wallet or whatever)
make the whole thing contactless and now Apex registration becomes possible maybe.
I discussed this with a European friend (Belgium, one of the few countries apart from Australia to mandate voting) and he tells me they all use passports or ID cards (which are like 10 euro) to vote.
I really like the Idea of making voting more accessible/secure. And I’m one the nutjobs to believe world would be easier if we had an Altered-carbon style of ID (where your ID is also your wallet).
And I love the blockchain approach as well!
The main deterrent for such an implementation is the vote counting mechanism.
Even if you hash the vote… because there is a peer validation mechanism and a timestamp (which are both necessary elements), no matter how good is the encryption I’ll most likely be able to figure out whom you voted for.
That is simply because I do not need to break the encryption to do so!
I remember reading very good study about that when Netflix’s Bandersnatch came out (which, since I couldn’t find again in a quick Ducky, I’ll leave you with this blog post about it instead)
The idea those researchers employed can be applied to blockchains:
In a nutshell the Idea is that there will always be a static element to a vote, and such element causes the vote’s payload to tend towards a specific pattern even after being hashed/encrypted. Given that the votes will need to be counted, adding a masking algorythim to the payload would also affect counting. So it’s not a possibility.
That said, I still believe on this Idea. we just need to find a way around those issues
The user could still be traced back via a combination of voting location + vote timestamp, since you can also identify the original block to add a new element to a blockchain, and you can trace it to a physical user in the booth.
There are solutions to that, but they would require some clever tinkering…
Trick is to figure out how much can you obfuscate while still allowing the vote to compute together with all the information needed. Because the more information you abstract away from the vote, the more you open for other means of fraud.
maybe.
