Why blockchains don’t solve the voting problem. Part 1/833837
Large-scale voting requires a number of complicated properties. People need to be assured that their vote will be accurately recorded and counted. But votes also have to remain secret.
Large-scale voting requires a number of complicated properties. People need to be assured that their vote will be accurately recorded and counted. But votes also have to remain secret.
On top of that you need to deal with the problem of coercion. Someone could threaten (or pay) you to vote a certain way, and—while no voting system can absolutely prevent this—it should at least be the case that they can’t prove you didn’t do what they wanted.
To make everything worse, you have to do this all in an environment where the majority of voters are highly non-technical and still don’t know how to set the clock in their VCR (which they still use), and many election judges are similar if not less tech-fluent.
Given all these facts it should be obvious why elections have historically used pre-printed paper ballots, and don’t let you take home a receipt (other than “I voted”) or let you bring your friend into the booth with you.
So you’re going to tackle this with “blockchain”. Which means you had one problem, now you’re going to have several problems.
Let’s forget about blockchains altogether, because they solve only one small part (storage) of a much more complicated problem.
The first problem you have is that you’ve introduced computers. They are very bad.
The first problem you have is that you’ve introduced computers. They are very bad.
That is to say, computers mean that you now have the possibility that the actual vote recorded will not be the vote you intended. With physical paper ballots you can check this. But blockchains mean no paper. So you need an audit procedure.
Well that’s ok. You’ve got a blockchain, right? Post the vote to the blockchain and tell the user where it is. Leaving aside the issues with trusting that software, or the fact that 90% of Americans are now clamoring for your head on a platter, now you’ve got a coercion problem.
If I can verify that my vote was correctly recorded, then your local mob boss can also use my receipt to verify the same thing.
But research cryptographers are brilliant, you say. Surely David Chaum or someone has figured out a clever way to make voting receipts that allow me to verify my vote without allowing the mob boss to do so.
And you’d be right! We have entire conferences worth of papers like this. Just google “coercion-free electronic elections”. Here’s a bit of literally the first one I found on Google. 
Your new protocol involves issuing smartcards to voters, who must now submit Elgamal ciphertexts and engage in an anti-coercion protocol. You are now living in a bunker, surrounded by angry mobs.
But you’ve achieved anti-coercion. You see, when the mob boss tries to get you to prove how you voted all you need to do is take the following actions...
Ok, I don’t mean to pick on this one paper. They are all similarly complicated. The problem is that crypto voting is hard when you don’t need secrecy or coercion-resistance. It gets positively nightmarish when you try to add that stuff.
Anyway, notice that the one thing I haven’t addressed in this is the blockchain itself! Because it turns out that all the hard parts don’t involve auditable storage. And you have to solve all those other parts specifically because you decided to go down this road.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
