Blockchain & Voting
The electoral process is an important part in Democracy. It is when all the citizens are expected to come together as a nation and make a decision for their future. Therefore,while voting is a responsibility citizens are to fulfill, the sanctity of the process to uphold universal adult franchise and secret ballot, devoid of any discrimination between caste,gender, race and religion must be preserved. In our country with more than 91 crore eligible voters, steps taken to increase transparency of the entire electoral process with proper checks and balances are necessary and have contributed to rise of voter turnout.It is imperative that we continue to follow the due deliberations which are crucial towards strengthening our democracy.
This massive exercise has its own challenges. The entire process consists of generating the electoral rolls, managing booths and constituencies, polling, and counting the votes later - each step, individually complex and as a whole even more so. Is there a role for technology here ? Electronic Voting Machines (EVMs) have been introduced for just this purpose. Following this, highly debated and controversial proposals such as bio metric authentication, online voting, facial recognition, etc are being discussed, of which 'Blockchain' is the latest.
What is Blockchain ?
Blockchain is a kind of data storage, to which data can only be added but not changed or deleted. Data in blockchain is divided into 'blocks' which are linked together. Each block contains a reference to the next one. That block in turn contains a reference to the block following it - So, a chain of linked blocks. In the case of blockchain based cryptocurrencies such as Bitcoin, the blocks are comprised of transactions. The key point is that this chain isn't just stored in one place, it is distributed amongst many computers. Every participant has a complete copy of the chain. Whenever a new block is created ('mined' in the case of bitcoin), it is validated by everybody else i n the network.If it is indeed deemed valid, then we say, a 'consensus' has been reached. The strength of blockchain as its proponents claim is that, because of this consensus, even if one copy of the chain is tampered with, all other copies are still intact and despite any such faults or attacks, data can be still verified.
Let us consider a simple example. Anita, Bashar, Chandrika, David are all participating in blockchain transactions. If Anita sends 10 rs to David, a new block is created. This block is then stored in all devices. When Bashar send 20 rs to Chandrika, this creates an other block which is then tagged on to the previous block. In this way, they continue to build up an uninterrupted chain of blocks. Every time a block is created and a link is established, it is cross checked amongst all the devices participating in the blockchain.If one of the devices sends corrupted data or establishes a faulty link, it will be rejected by the rest and termed as invalid. If it is accepted by every device, then a consensus has been reached.
So, Blockchain is being trusted because, of the consensus built by the majority. This appeal is the reason why blockchain is being used not only as a cryptocurrency but also in supply chain management systems, legal smart contracts, storing health data, etc.Around the world, blockchain is being touted as a secure solution to the problem of online and electronic voting, with initial experiments done in the USA and Russia notably. In a similar vein, the Election Commission recently conducted a series of webinars discussing the potential applications of blockchain for voting in India [1]. In Telangana too, blockchain is proposed for the new land records management system -Dharani Portal [2] and was explored for the purpose of recently held GHMC elections [3] Recently, the Central Election Commission has declared that ‘Mock-Trails’ for blockchain and bio metric based remote voting would begin soon [4] Increasing voter turnout,improving the security of the voting process and the storage of votes, easier verifiable counting, and most of all, remote voting - Is blockchain the appropriate solution for the many issues we face in the electoral process ?.
Is Blockchain the solution ?
Across the world, critical examinations have been conducted on Blockchain for the purpose of voting. Notable of which include a recent paper by researchers from MITCSAIL lab [5] including Ronald L Rivest who is one of designers of the widely used encryption algorithm RSA and an analysis by Bruce Schneier, one of the leading experts in computer security [6]. Let us look at some of the concerns regarding various aspects of the electoral process under a blockchain implementation.
Outline of the Blockchain implementation for Voting
In a blockchain implementation for voting, the votes cast by the citizens are grouped together into blocks and these blocks are linked together in a chain. This requires several nodes connected by a single network. If the votes can be cast anywhere and any device is permitted to form a block then, this forms a ‘non-permissioned’ blockchain. On the other hand, if only a certain white-listed devices are allowed to register votes and form the blocks, this will be called as a ‘permissioned’ blockchain approach. In a non-permissioned blockchain approach, voters can vote from their own devices and in a permissioned blockchain approach, they would have to go to a specific location to vote.In both these approaches, the blocks containing the votes of the citizens must be stored in all the nodes and every time a block is created, it must be validated by all the nodes.
Issue of Secret Ballot, Consensus& Verifiability in Blockchain Implementation
When we go to a polling booth and exercise our vote, only we must know the details of the vote cast. Secret ballot provides citizens, protection from voter intimidation and coercion. It allows them to exercise their right and prevents large-scale electoral fraud.
In a Blockchain, the data is stored in the blocks across multiple nodes where the validity of the contents must be cross checked to maintain its integrity. So, the votes cast by citizens will be visible to anyone who has the access to the chain. This approach precludes the possibility of a secret ballot which is integral to our electoral process.
There is a possibility of using a limited number of white-listed nodes along with a‘permissioned’ blockchain. In this approach, While the ballot data is only permitted to be shared among a few nodes, if enough such nodes are compromised, this would lead to compromising the entire election. This is because, the entire integrity of the blockchain rests on the fact that the majority of the nodes are not tampered with.Blockchain’s foundation relies on building such a consensus and if the foundation itself is shaky, the whole exercise will be akin to building tall towers in the clouds. This possibility leads to a crisis that is far worse than Booth tampering because it results in a systemic breakdown and not just a localised failure.
In the electoral process, we must ensure every voter that their vote is counted in the ballot without which the confidence of the citizens on the process is impossible to establish. Presently, it is unclear how a blockchain implementation can ensure a voter-verifiable ballot.
Network Vulnerabilities
As we have discussed above, the blockchain implementation requires nodes to be with in a shared network. One of the problems in a network based approach is a denial of service attack (DDOS) where the nodes cannot reach each other and communicate. Such a DDOS attack can prove fatal because, the blockchain implementation cannot build a consensus without the other nodes and a failure to build consensus would lead to mass disenfranchisement. Blockchain technology itself contains no contingencies or safeguards if it is subject to a DDOS attack.
As all the nodes must communicate, a Man-In-the-Middle (MITM) attack can be used to corrupt the information transfer between the nodes and also impersonate nodes to artificially control the majority and thereby the consensus process.
Data Leaks
We are yet to see a Data Protection regulation in India. The proposed bill is weak,creates a scope for mass surveillance, and is susceptible to the exploitation of citizens' data [7]. Without a robust data protection regulation, the government has already proceeded with various schemes and applications which gather significant amounts of data from the citizens. We have also seen numerous data leaks from the leaking of Aadhar information [8] - with caste, gender, religion data, MNREGA data [9], even the data of lakhs of pregnant women! [10]. The leak of the 'Vahan' database was used to target communities in the recent Delhi communal riots [11]. Lakhs of voter names were deleted from the voter rolls in Telangana [12]. The Aarogya Setu app which was the official govt COVID contact tracing app has been found to have numerous CVE (common vulnerabilities and exposures) [13] which were not fixed before being deployed and installed by a large number of people. Hyderabad is fast becoming the most surveilled city in the word (first in India !) [14] with a humongous network of CCTV cameras and an impatient push towards an omnipresent facial recognition technology (FRT)15 while there is an increasing demand in many cities to ban that technology [16] because of bias,security, and privacy issues. FRT also features in the blockchain based voting system proposed by the Central Election Commission.
Known Failures & Examples
Popular blockchain cryptocurrencies - Bitcoin [17] and Ethereum [18] have been critically attacked multiple times resulting in considerable loss to the holders of these currencies.Ethereum's attack is called a 51% attack - That means that the attacker is able to control51% of the Ethereum accounts and therefore control the entire network. The recent implementations of blockchain voting - Russia [19] (Based on Ethereum) and the USA [20] have been analyzed and found to be prone to attack and manipulation.
Threats in applying Blockchain to Voting compared to other use cases
All the other applications and potential use cases for blockchain have within them, a capacity to absorb risk. If a transaction fails in a financial system, the bank has contingencies to absorb the failure and the risk associated with it. If a module in a supply chain management system is compromised, again there are steps and precautions. Voting is certainly not like that. If your vote is missed or wrongly stored, it is immutable after the election is completed. It does not matter if it was a technological or human error. The impact of a failure from a blockchain system in voting can be irreversible and catastrophic.
Any blockchain implementation of the voting process must ensure a secret, voter-verifiable ballot. It must be secure from network based attacks while providing reliable contingencies in case of attacks. It must also address the possibility of data leaks and provide necessary safeguards. It must be transparent and auditable. While technology can surely help the electoral process, we cannot compromise the sanctity of the electoral process. Any implementations disrupting fair and transparent electoral process are not only hasty but also pose a threat to universal adult franchise and prove to be detrimental to our democracy.
Written by Ganesh K and Shashikanth P