In a few days we will face a general election where is should elucidate the political future of our country, and despite just how far we have advanced in other technological fields, We will continue voting with ballots and at polling stations of life.
Why electronic voting is still not a viable alternative? Experts in the field have revealed to us the keys to a technological challenge that still does not have a simple and efficient solution and that leaves us a singular conclusion: technology is not the solution to everything… or for all.
An old problem without real solution
Electronic voting systems are not really a newness: years ago is trying to implement systems that solve a technological problem that is much more important than one might think. Deployments are varied and the degrees of automation in each one of them is very different.
The cycle of electronic voting is huge, and goes from the registration and authentication of voters to the consolidation and validation of the vote and the administration of these elections. Between these stages – complex of Yes – there are other even more delicate as the encryption and transmission of votes In addition to the own introduction of voting.
Sleep is quiet and peacefully to vote from home via the internet
There’s no single way to vote electronically, and deployments have led to use punch cards such as those used in computers from the decades of 50s and 60s or kiosks and specialized voting machines that sit atop the polls for automate only part of the process.
But of course, the dream is not that: the dream is to be able to quiet and peacefully vote from home via the internet. E-voting online (also known as i-voting) has one even bigger problem, and in addition to paragraphs technicians would have to resolve issues that are still without a real and forceful solution. Prevent vote-buying, coercion or manipulation of those votes is a challenge which at the moment has prevented that these systems are applied in large elections.
Dim-witted and too many shadows on the horizon
A priori, one would think that electronic voting poses important advantages both for voters and for the Organization of elections. It would avoid inconvenience to voters, which could increase participation, and a system so could also reduce the cost of elections that they are often raised by the infrastructure that is necessary to implement.
These advantages are soon overtaken by the challenges that face this system. They include security in all operations, which should be exemplary, but It must also be auditable: the most used electronic voting systems are all proprietary, but security experts like Bruce Schneier defended systems that should be developed with Open Source code that could certify the system does what it is… and as it should in the first place be.
These systems also cause unwanted side effects. Although effectively they allow that certain groups have easy access to this right to vote – for example in remote rural areas – also they can intensify the digital divide: While those used to handle technological tools would have easy access to this option, many others without any knowledge or the necessary tools limited just might be for these options.
Electronic voting systems must be safe, and experts require in addition open source softwares allowing to audit how these systems work
Daniel Bochsler, of the Centre for the Study of caption in Democracies, published a study in 2010 analysing the parliamentary elections in Estonia in 2007 in which came to an interesting conclusion: “political parties which have more support of the less fortunate – those less familiar with the internet – could suffer in the election because of e-voting, which tends to increase voting among the middle and upper classes”. The same study revealed that in these elections the saving in time – by avoiding – no fue tan llamativo como algunos preveían.
Success stories (or non-failure)
Electronic voting systems have been implanted to a greater or lesser extent in a number of countries. Brazil, India, Venezuela, or the United States are examples of countries where e-voting has tried to be implanted with more interest.
Electronic urn used in Brazil. Source: Wikipedia
In Brazil, the electronic voting machines were evaluated in 1996 and since then they have been used in various electoral processes such as the presidential ones of 2010, in which 135 million of voters participated and in which the result could be known 75 minutes After the polling stations closed their doors. The machines used there have also been criticized-there is no receipt for the voter, which makes it difficult to audit the vote-but the acceptance of the system is notable and in fact Brazil “rents” those machines to countries like Paraguay or Ecuador, where also have been made Electoral processes taking advantage of this technology.
In online voting, the ‘ Holy grail ‘ of this quest for a truly complete alternative, there is a particularly prominent example: Estonia. The citizens of this country have a document of identity similar to our DNI but it also has the necessary guarantees-according to those responsible for that country-so that it can be used to vote through the Internet.
Estonian national identity document. Source: Wikipedia
The Baltic country was the first in the world to use this type of system in a parliamentary election in 2007 after a first pilot project in 2005. Since then this system has been combined with the traditional physical voting system, but the participation in electronic voting has been high: in the parliamentary elections of 2015 30.5% of the votes were received over the Internet.
However, this has not prevented security experts from questioning a process that is not entirely safe in their reports. An independent security study published in 2014-in PDF format here-revealed that there were security failures in the operation of a system that could be a victim of manipulations in the counting of the votes and, therefore, in the final result of the elections.
In online voting, the ‘ Holy grail ‘ of this quest for a truly complete alternative, there is a particularly prominent example: Estonia
In our country these kinds of processes have also tried to get underway on several occasions. One of the best known was the organizing elections the political party we can organized at the end of 2014. The process followed at that time fulfilled all the guarantees according to those responsible of that group and of whom it supplied the system of vote, the platform AgoraVoting.
Doubts as to the validity of their results were patents after analysis of that electoral process. Ricardo Galli, with whom we discussed the topic, explained in his personal blog in two parts (part I, part II) and came to a blunt conclusion:
I do not know the intentions of we can and the guarantees that their candidates wanted, but all this complex system of encryption does not offer any guarantee, the control of the tally with public and private keys was pure theatre. If there was confidence in the entire chain of stakeholders do not need any cryptographic system, it was enough that AgoraVoting give the totals of their database, technically the guarantees are the same, but the system is much simpler and above all honest. A great theatre was set up, totally fictional and unnecessary. A modern and striking door in the middle of the field.
In the United States they have lived their particular love-hate story with electronic voting: in the 2004 presidential election that George W. Bush won by a narrow margin-and several counts-to Senator John Kerry there was a relevant role for these systems.
Controversy and problems surrounded a diverse infrastructure-perforated cards, electronic voting or optical scanner identification were used, among other technologies-which made the security questionable, the aforementioned counts and the agreements Between the Democratic and Republican parties and those who manufactured the machines that managed those votes.
Not only that: the electronic voting machines of the North Carolina polling stations lost 4,438 votes that were never recovered and that again questioned the validity of a system that was never again used in such a prominent way in the elections of This country.
Will e-voting be imposed in the future?
Doubts about the validity of electronic voting are important, and to talk about them and everything that surrounds the present and future of these systems we had the opportunity to have the help of two people who know the topic in depth.
Ricardo Galli and Pablo Romero (photo by Dani Pozo)
As indicated previously one of them is Ricardo Galli (@gallir), associate professor of mathematical and computer science at the University of the Balearic Islands and co-founder of Menéame. We were also able to count with Pablo Romero (@pabloromero), a Spanish journalist, who has repeatedly investigated and published this topic in this and other media he has worked on.
Galli began by talking about the two major technical problems facing electronic voting: ensuring both anonymity and voting is auditable. Both issues are resolved with the traditional ballot-based voting system in which:
It is guaranteed that the voter is the one who says: To vote there is a census that indicates where to vote exactly, and the identity is verified with the DNI.
It is guaranteed that the vote is free and anonymous: The voter can choose the ballot inside the cabins prepared for that purpose without anyone seeing him.
It is guaranteed that this vote has been issued: The DNI is “crossed” when the voter enters the envelopes with his vote.
Not only that: the ballot system, explained Galli, also makes it much easier to control clear threats to electronic voting such as coercion, manipulation of votes or the purchase of them. These three advantages of the traditional voting system are very complex to achieve with technological means, and although one might think that there are similar systems that have been taken to the Internet, the differences are fundamental.
It happens with the electronic banking, for example, that unlike the electronic vote has identified the transactions and associates them with our identity and the bank entity at all times: there is no need for anonymity for example, although the electronic banking It is certainly not exempt from security risks in terms of cyber.
The advantages of the traditional voting system are very complex to achieve with technological means
All this is fundamental, but in addition to these major problems there is another factor that this academic referred to: trust. Doubts about the efficiency of electronic voting systems have not only been deeper between the community of experts in computer security, but that the governments themselves and political parties are not clear that this alternative is viable or valid today . And without the confidence of the users and the political parties, the electronic vote has no place.
For Ricardo Galli political parties are correct in their approach to the problem. “Caution is good for me,” he said, speaking of the Tiento with which the rulers and their technical teams reject the moment to implement solutions in a massive way.
For this expert we will end up seeing the electronic vote “not in these elections, but in the following”, but if we finally do, he assured, that electronic vote would work together with the traditional system, offering as an alternative option . In fact Galli praised our electoral system: “The counting system in Spain is very fast, in few countries you see that.”
Pablo Romero published last year an extensive article explaining why in our country we can not vote with the electronic ID when this document is for example quite similar to that used in Estonia, and now we took that report to know if Something had changed. “Little or nothing,” said Romero, explaining to us some fundamentals of the electoral system.
Spending a lot of money: e-voting is expensive what is needed to implement e-voting? Spending a lot of money: e-voting is expensive
Currently, electronic voting in our country does not comply with the (basic) guarantees established in the LOREG (Organic Law of the General Electoral regime). Among them are the aforementioned-coercion of vote, impersonation of identity and purchase of votes-, which as stated by Ricardo Galli do are covered with the vote in attendance that according to Romero was clearly “the most complete”.
Decryption process in a mixed network. Each node changes the order of the message and encrypts it with its own private key and forwards it to the next node. SOURCE Wikipedia
What would be needed to achieve these guarantees? Spending a lot of money: e-voting is expensive. A lot. As Romero commented, we would have to have a system that combines three complex technologies that he spoke about in his article:
Homomórfico encryption: that allows to perform operations and the processing of the data being encrypted and generates a result that in turn is encrypted. That’s not all: if you decipher the data and the result and apply the same operations, those results would coincide.
Blind signatures: As Romero said these signatures “allow someone to digitally sign an information but no need to know what is signing.” “Blind firms are used to make it difficult for the voter-to-vote relationship.” The blind signature can be verified publicly with the original and confer the system that guarantee that the vote is valid.
Mix networks: It would make it possible to ensure that the vote is produced, but they prevent that vote from associating with the person who issued it. In short: The system could not know what you voted for.
For Romero combining the three systems would effectively enable an effective system in those requirements that now does the physical vote, but he himself indicated that this “would be expensive, and still should not replace other systems.” In fact, he added, “Electronic voting should in no case be substituted for the physical vote: It should be complementary.”
Even solving these issues are new threats to the future of e-voting. One of them would be able to challenge the votes. To do so should be registered somewhere, and in this system does not occur what can happen (not to the same extent) with the physical ballots: “Not manipulated, but when you pass something to digital format that manipulation exists, and that generates a problem” “Important confidence.”
Electronic voting should in no case be substitute for the physical vote: it should be complementary
The cost of implementing such systems would be enormous, says Romero, but while making it believe that we were going to end up saving money-the state would not theoretically have so much cost in a new election-there is another aspect associated with this Technology: That would have to be updated, polished and improved to offer more and better guarantees as out potential novelties. “The pace of renewal of the entire infrastructure for non-attendance electronic voting would be enormous.” You would always go a little behind, you’d always be a bit obsolete, “he explained.
Romero emphasized the additional need for the system to be auditable, something that pointed to open source solutions that would to verify “that the code works and does what it has to do, and not anything else.” As in the case of Galli, this journalist believes that in the future we will see how these systems end up working in electoral processes, but again insisted that they would complement the traditional system of physical voting.