In the aftermath of the 2016 presidential election, election security quickly became one of the hottest political and cybersecurity research topics. The growing unease that foreign and other adversaries might meddle in our digital voting infrastructure gave way to a growing chorus among some experts to disband digital voting technology altogether and revert to paper ballots.
Six top-tier information security experts issued an alarming report about what they had discovered when they took apart voting machines at DEF CON’s Voting Village last year. They found dozens of severe vulnerabilities in a range of voting equipment, including one in a device from top voting technology supplier Election Systems & Software that could allow an attacker to remotely hijack the system over a network and alter the vote count.
One of those experts, Georgetown University professor and noted cryptographer Matt Blaze, told attendees at this year’s annual Shmoocon conference that in the 20 years he has been studying election security, “it is the hardest security problem I’ve ever encountered.”
Voting secrecy versus transparency
Part of this hard problem is that some voting requirements contradict each other in the inherent tension between the need for secrecy and the need for transparency. “You must not be able to discover someone’s vote,” Blaze said. But at the same time, “You want to be confident that your vote counted,” he added. Moreover, there are no “do-overs” after an election because of requirements that vote totals be certified by a certain date.
On top of that, there are 54 different sets of elections laws in the country. More than 5,000 counties run elections, and voting takes place in hundreds of thousands of neighborhoods. Complicating the situation further, a new dimension in the threat landscape appeared during the 2016 election: nation-state actors, which brings the firepower of foreign intelligence agencies into the mix. Long gone are the simpler days of someone trying to steal the local dog-catcher election.