Is internet voting more secure than mail-in voting?

Tagged: ,

Viewing 0 reply threads
  • Author
    • #179414

      Hi, I’m new to this community. I joined because I wanted to start an educational discussion (for me) on the topic of internet voting (IV). The 2020 election raised the question: Is IV more secure than mail-in voting (miv)? In my mind, it is. I believe that for IV to be adopted, it has to be open source. I’ve written enough code to prototype a ballot digital trail to make me think that a secure IV is not that high a mountain to climb. There is always the possibility that a bad actor can defeat whatever defenses are put in place, but in my mind, mail-in voting is the same risk but substantially less defensible. With internet voting, I’m thinking that a well designed process would be able to not only detect fraud, but remove fraudulent votes.

      Having prototyped the ballot digital trail is one thing, evaluating it from a security standpoint is another. I’m not a security guy. So here I am.

      What I am hoping for as feedback from this site is a better understanding why internet voting is too risky or what needs to be done to make it doable. As a starting point, I have identified three points of attack. They are the server that provides the ballot to the mobile voting app (mva), the submission of the completed ballot from the mva, and the server receiving the completed ballot.

      I think in a testing or live scenario, the anchor servers would be servers stood up specifically for the election, they would be totally locked down with only a single SSL port open. They would have not other applications or services other than what is required for the Web API to the database. My assumption is that such a server could be impervious to exploits, or at least one where all changes the API or database records could be detected. That leaves getting the ballot to the mva and submitting the ballot from the mva to consider.

      Before I started this, I had assumed that SSL would be secure enough to prevent man in the middle attacks for transmission of the ballot to and from the mva, but having read that the NSA and other state actors could defeat it, I thought it would be prudent to make the transmission of the ballot a multi-step process and deliver the payload as a blockchain with Nonce. To submit a completed ballot, the mva would compute a Nonce based on the completed ballot, send a notification message to the receiving server that a ballot is ready to send with the Nonce, the server would acknowledge, then the mva would send the completed ballot. The receiving server would then validate the blockchain and compare the Nonce with the expected Nonce. Such a scenario would mean a MitM attack must first defeat the SSL then defeat the multi-step process, and defeat the blockchain Nonce during heavy traffic in order to be effective at scale.

      My intent is to have a voting process that is not hackable, and would be able to detect (if it were hacked) when votes have been injected, deleted or altered. I don’t know what type of reception this post will have. For me, I believe the integrity of future US elections hinges on being able to change the narrative of mail-in voting as the answer to increased accessibility and voter turnout to internet voting as the more viable solution that can ensure one person one vote.

      Any thoughts or conversation on this topic would be greatly appreciated.

Viewing 0 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2022 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.


Sign in with Caendra

Forgot password?Sign up

Forgot your details?