当前位置:
X-MOL 学术
›
Journal of Cybersecurity
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
Going from bad to worse: from Internet voting to blockchain voting
Journal of Cybersecurity ( IF 2.9 ) Pub Date : 2021-02-19 , DOI: 10.1093/cybsec/tyaa025 Sunoo Park 1, 2 , Michael Specter 3 , Neha Narula 1 , Ronald L Rivest 4
Journal of Cybersecurity ( IF 2.9 ) Pub Date : 2021-02-19 , DOI: 10.1093/cybsec/tyaa025 Sunoo Park 1, 2 , Michael Specter 3 , Neha Narula 1 , Ronald L Rivest 4
Affiliation
Voters are understandably concerned about election security. News reports of possible election interference by foreign powers, of unauthorized voting, of voter disenfranchisement, and of technological failures call into question the integrity of elections worldwide. This article examines the suggestions that “voting over the Internet” or “voting on the blockchain” would increase election security, and finds such claims to be wanting and misleading. While current election systems are far from perfect, Internet- and blockchain-based voting would greatly increase the risk of undetectable, nation-scale election failures. Online voting may seem appealing: voting from a computer or smartphone may seem convenient and accessible. However, studies have been inconclusive, showing that online voting may have little to no effect on turnout in practice, and it may even increase disenfranchisement. More importantly, given the current state of computer security, any turnout increase derived from Internet- or blockchain-based voting would come at the cost of losing meaningful assurance that votes have been counted as they were cast, and not undetectably altered or discarded. This state of affairs will continue as long as standard tactics such as malware, zero day, and denial-of-service attacks continue to be effective. This article analyzes and systematizes prior research on the security risks of online and electronic voting, and shows that not only do these risks persist in blockchain-based voting systems, but blockchains may introduce ‘additional’ problems for voting systems. Finally, we suggest questions for critically assessing security risks of new voting system proposals.
中文翻译:
越来越糟:从互联网投票到区块链投票
选民对选举安全的担忧是可以理解的。有关外国势力可能干预选举、未经授权的投票、选民被剥夺选举权和技术故障的新闻报道,对全球选举的完整性提出了质疑。本文研究了“在互联网上投票”或“在区块链上投票”会提高选举安全性的建议,并发现这些说法是缺乏和误导性的。虽然目前的选举系统远非完美,但基于互联网和区块链的投票将大大增加无法察觉的全国范围内选举失败的风险。在线投票似乎很有吸引力:通过计算机或智能手机进行投票似乎很方便且易于访问。然而,研究一直没有定论,表明在线投票在实践中可能对投票率几乎没有影响,它甚至可能增加被剥夺权利的情况。更重要的是,鉴于当前的计算机安全状态,任何来自互联网或基于区块链的投票的投票率增加都将以失去有意义的保证为代价,即投票在投票时已被计入,而不是不可察觉的更改或丢弃。只要恶意软件、零日攻击和拒绝服务攻击等标准策略继续有效,这种情况就会继续存在。本文分析和系统化了先前关于在线和电子投票的安全风险的研究,并表明这些风险不仅存在于基于区块链的投票系统中,而且区块链可能会给投票系统带来“额外的”问题。最后,我们提出了对新投票系统提案的安全风险进行批判性评估的问题。
更新日期:2021-02-19
中文翻译:
越来越糟:从互联网投票到区块链投票
选民对选举安全的担忧是可以理解的。有关外国势力可能干预选举、未经授权的投票、选民被剥夺选举权和技术故障的新闻报道,对全球选举的完整性提出了质疑。本文研究了“在互联网上投票”或“在区块链上投票”会提高选举安全性的建议,并发现这些说法是缺乏和误导性的。虽然目前的选举系统远非完美,但基于互联网和区块链的投票将大大增加无法察觉的全国范围内选举失败的风险。在线投票似乎很有吸引力:通过计算机或智能手机进行投票似乎很方便且易于访问。然而,研究一直没有定论,表明在线投票在实践中可能对投票率几乎没有影响,它甚至可能增加被剥夺权利的情况。更重要的是,鉴于当前的计算机安全状态,任何来自互联网或基于区块链的投票的投票率增加都将以失去有意义的保证为代价,即投票在投票时已被计入,而不是不可察觉的更改或丢弃。只要恶意软件、零日攻击和拒绝服务攻击等标准策略继续有效,这种情况就会继续存在。本文分析和系统化了先前关于在线和电子投票的安全风险的研究,并表明这些风险不仅存在于基于区块链的投票系统中,而且区块链可能会给投票系统带来“额外的”问题。最后,我们提出了对新投票系统提案的安全风险进行批判性评估的问题。
京公网安备 11010802027423号