Blockchain based “online voting system” for free, fair election
Talk shows are overwhelmed with discourses about the current political stalemate in Bangladesh. Most alarming is the fact that the obnoxious ecosystem of distrust, suspicion and corruption has plagued the very pinnacle of our society. Hatred and doubt amongst different competing political parties have gone so far that a trustworthy election is impossible unless the whole process of conducting an election is significantly overhauled.
To make the election process simple and also to bring some confidence into it, Bangladesh Election Commission (EC) introduced electronic voting machines (EVM) in some instances. These machines are claimed to be secure and safe from rigging. But the main opposition party BNP had been criticising them from the very beginning for numerous reasons. Most importantly for not providing source code of the software to them that runs EVMs. The internet and social media abound with information portraying security vulnerabilities of EVMs. The most convincing one being a presentation by J. Alex Halderman of the University of Michigan. Because of such bad publicity against EVMs, any election conducted with these machines are sure to be tarnished with a big question mark -- especially in Bangladesh where the environment of mutual trust among political parties has totally broken apart. In order to alleviate this impasse, it is important to design a system that would be acceptable to all parties. Fortunately, this can be achieved with technology and some business process redesigning.
Blockchain is an emerging technology that can perform trustful transactions among parties that lack trust. The act of voting is like a financial transaction -- a voter casts a vote and a candidate receives that. Satoshi Nakamoto, in his paper "Bitcoin: A Peer-to-Peer Electronic Cash System" concluded with a line "We have proposed a system for electronic transactions without relying on trust". This is a transaction processing system that is difficult or nearly impossible to change, hack or cheat. The main characteristics of a blockchain transaction are immutability, anonymity, timestamped, unanimous and security. Blockchain technology allows for transparent and incorruptible data without a single point of failure or being controlled by a single entity, making it potentially an ideal platform for digital voting. Such a voting system has already been implemented fully in Sierra Leone, to some extent in Russia and Thailand, and partly in some places of the US. There is no reason why such a voting system can't be implemented in Bangladesh.
Online Voting System requires a voter's database (db.) that Bangladesh already has, it now needs the voting software. The Election Commission (EC) can develop the software with blockchain technology at home or procure it from the open-source. Trust in the software can be established by (a) providing the source code to the representatives of all the political parties, (b) allowing them the liberty of testing the software themselves, (c) making sure that the software running on the election day is the same that was tested in the presence of the representatives, and (e) ensuring that software is secured enough and has required functionalities, that at any stage in the election process there is no possibility that somebody would be able to manipulate voting, vote counting or election results. Once developed, the software would undergo a thorough testing phase. During such tests representatives of the political parties must be present. Once this is completed a hash value (fingerprint) of the software would be generated and published. It is recommended that the system be deployed as a web-based application on a cloud computing environment. The cloud service provider must be a leading one such as Amazon Web Service, Microsoft Azure or Google Compute Engine. An application running on any of those services is extremely difficult to hack as they invest billions of dollars securing them.
On election day, EC will turn on the Online Voting System in the presence of representatives of all the participating political parties. Hash values would be matched to make sure that the same software is running. This event (matching of hash values) can be live-streamed for the whole country to watch. The vote can be cast in two ways: (a) by using a smart device such as a mobile phone, personal computer, laptop or (b) by physically going to a polling centre. The smart device owners can cast their vote by visiting the website which will present them with a voting interface. In that interface, voters will enter their NID or fingerprint, their mobile number or email address. A one-time password (OTP) will then be sent to their mobile or mailbox. Entering OTP into the user interface would bring an electronic ballot. The voters will select the symbol of their choice which will send the selection to the web server. All communication between client and web server are encrypted and take place via HTTPS protocol (encrypted transmission). The server will record the voter's selection and prompt the voter for final confirmation. When the voter confirms the selection, a blockchain transaction would be executed, casting the vote. This will enable the voters to vote from any location with an internet connection. Bangladeshi nationals living overseas, constituting about 8-10 percent of the total population, can also vote through this system from the convenience of their homes.
Those who like to vote in polling centres would be able to do that from any location in Bangladesh. Centres will use smart devices with fingerprint scanners. Voters will touch the scanner and an electronic ballot paper will appear for the voters to select their candidate from. As an added security, polling centres can be kept under continuous video surveillance with live streaming so that anybody in the world can watch the event. The system will count the votes as it happens and when the voting is over at 5 pm, trigger an event publishing the result on the website. In a blockchain system, since each node has a copy of all the transactions, the system transparent and impossible to manipulate. Election-related corruption such as cheating during counting, forcing the presiding and returning officers and any other foul play will be a story of the past. The system can still be rigged by forcing somebody to the polling centre and compelling the voter to vote for a particular candidate. But such a process is not practical for mass rigging and would be as futile as forcing somebody to extract money out of ATM machines. Moreover, as discussed before, keeping the polling centre under constant video surveillance with live streaming would make such an attempt even more impractical.
Now, what is the probability of a successful cyberattack on an online voting system that can bring it down or steal election results? There is no exact statistics for that, but we can compare this with something similar. A survey of security executives at 275 global banks by Accenture revealed that banks suffer an average of 85 attempted serious cyberattacks a year, and one-third (28) of them are successful. The number of transactions that happens in a bank each year is in the range of millions, 28 damaging attacks in 1 million transactions is about 0.0027%. If the Online Voting System is just as secure as an online banking system, then we can logically infer that a successful cyberattack on the system which is capable of changing the result would be an extremely rare event.
Any avid reader might ask the question if Online Voting System is that simple and elegant then why it has not been adopted widely, especially by the developed nations. A valid question. There are some reasons behind that. Manual voting systems with paper ballots in the developed countries are working fine, with very high accuracy and fairness, hence the need for an online voting system is not that intense. Election systems are guided by legal principles which ask for 100 percent accuracy (i.e. beyond doubt). The voting process with paper ballots, in theory, confirms that level of accuracy. No computer system in the world can ever guarantee 100 percent accuracy in papers, because computers can fail, websites can be hacked, servers can be down etc. But that is in theory only, in practice computers have always performed better than manual processes; auto-piloted passenger aircraft and robotic brain surgery can be cited as examples where we demand 100 percent precision but have engaged computers to do that. Matt Blaze, a law professor and computer scientist at Georgetown University said, "The entire banking industry is based on the premise that if fraud occurs, it can be reversed, that's not true with election. If the wrong person wins an election and takes office, there is essentially nothing you can do about it if you discover six months down the line the wrong person was sworn in." Electing the wrong person because of a computer fault is possible, but considering the statistical probability (0.0027 percent) of such an incident, the risk is negligible. Smart devices of the voter can be infected with malware and viruses and can have other security issues compromising the election results -- true but again risk wise if we look into banking systems, where similar online processes are used for financial transactions, chances of something going wrong is extremely low. Anonymity and verifiability are crucial security requirements for voting but achieving both of them at the same time looks paradoxical. This paradox can be resolved by blockchain as it can ensure anonymity as well as verifiability at the same time.
There are two technical challenges for which many IT experts hesitate to introduce blockchain-based voting systems. Any information stored in blockchain is transparent which poses a risk towards exposure of personal information, and during the voting time, a huge number of votes are cast resulting in high concurrency and because of complex consensus mechanisms, the performance of the voting system may not cater for the high volume of transactions during peak voting hours. Both of these issues are true but can be easily mitigated by smart software design and by choosing appropriate data structure and algorithm.
The system discussed so far can alleviate the impasse that Bangladesh is now passing through in the realms of election. Mass rigging with ballot box theft, capturing polling stations, scaring people away from voting centres is not possible in an Online Voting System. There are some cyber security issues no doubt, but other similar systems such as banking, share trading, ecommerce and tax collection are now online and successfully doing business. Considering the current state of digitalization in Bangladesh, if serious attempts are made, an online voting system can be launched within 6-8 months. This is such a crucial juncture in our history that, now the Government of Bangladesh and the Election Commission might think about it proactively -- for the sake of the country.
The writer is a senior IT specialist in the Australian public service.
Comments