Encryption and Its Role in Election Security

The security of the United States’ electoral process has come into question from a number of different angles. On the one hand, the increase in mail-in voting due to COVID-19 has caused some politicians to call the validity of the election into question. This is largely based upon unsupported allegations of widespread fraudulent use of absentee ballots.

On the other hand, the electronic voting machines that are in widespread usage and are the predominant method by which US voters cast their votes have a number of known security issues. Assessments of the security of over 100 voting machines at the 2019 DEFCON conference found that all of them contained exploitable vulnerabilities.

Applying Cryptography to Election Security Threats

The security of the US election infrastructure is a vital concern, and cryptographic algorithms have a number of potential applications for voting machine security. The CIA Triad (confidentiality, integrity, and authenticity) outlines the primary goals of cryptographic algorithms, and all of these apply to election infrastructure.

Confidentiality: Revealed Votes

One of the key components of a fair election process is the ability for voters to cast their ballots in secret. If the individual votes within an election are not confidential, then the potential exists for coercion or blackmail to impact the results of the election.

Ensuring data confidentiality is the primary goal of an encryption algorithm. Homomorphic encryption algorithms enable algebraic operations to be performed on encrypted data without revealing the data itself. This can be applied to election infrastructure by enabling ballots to be encrypted and tallied without revealing their actual contents.
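The tally described above can be sketched in a few lines. This is an added example, not code from any voting system: the article names no specific scheme, so it assumes the additively homomorphic Paillier cryptosystem, a toy key built from two small known primes, and constructed candidate names.

```python
import math
import secrets

# Toy key built from two known Mersenne primes so the demo runs instantly.
# Constructed for illustration only; far too small for real use.
P, Q = (1 << 31) - 1, (1 << 61) - 1
CANDIDATES = ["Alice", "Bob", "Carol"]  # constructed sample names

def keygen(p=P, q=Q):
    """Return (public modulus n, private (lam, mu)) for generator g = n + 1."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    return n, (lam, pow(lam, -1, n))

def encrypt(n, m):
    """Enc(m) = (1 + n)^m * r^n mod n^2, with a fresh random r per ciphertext."""
    n2 = n * n
    r = secrets.randbelow(n - 2) + 2
    while math.gcd(r, n) != 1:
        r = secrets.randbelow(n - 2) + 2
    return (1 + m * n) % n2 * pow(r, n, n2) % n2

def decrypt(n, priv, c):
    """m = L(c^lam mod n^2) * mu mod n, where L(u) = (u - 1) / n."""
    lam, mu = priv
    return (pow(c, lam, n * n) - 1) // n * mu % n

def cast(n, choice):
    """One ciphertext per candidate: Enc(1) for the choice, Enc(0) otherwise."""
    return [encrypt(n, int(name == choice)) for name in CANDIDATES]

def tally(n, ballots):
    """Multiply ciphertexts column-wise; each product encrypts a vote sum."""
    totals = [1] * len(CANDIDATES)  # 1 is a trivial encryption of 0
    for ballot in ballots:
        totals = [t * c % (n * n) for t, c in zip(totals, ballot)]
    return totals

def run_election(votes):
    n, priv = keygen()
    encrypted_totals = tally(n, [cast(n, v) for v in votes])
    # Only the aggregate is decrypted, never an individual ballot.
    return {name: decrypt(n, priv, c)
            for name, c in zip(CANDIDATES, encrypted_totals)}

if __name__ == "__main__":
    print(run_election(["Alice", "Bob", "Alice", "Carol", "Alice"]))
```

The sketch omits the proofs that each ciphertext encrypts 0 or 1; without them a single malformed ballot could add more than one vote to a total.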

Integrity: Voting Machine Glitches

Voting machines are computers, and computers have the potential for software bugs or glitches that impact their operation. This is not merely a theoretical threat to the integrity of the electronic voting systems in use today.

In a 2019 Pennsylvania election, a voter reported that a touchscreen voting system was acting oddly and not properly recording her votes. Analysis of the paper trail associated with this machine determined that a candidate for whom the machine recorded a total of 15 votes actually won the election by over 1,000. Despite this potential issue with the integrity of electronic storage, 12% of voters use electronic voting machines with no paper backup.

Cryptographic tools such as hash algorithms, digital signatures, and message authentication codes (MACs) are designed to protect the integrity of data by making any modification detectable. The use of one of these solutions (potentially stored separately from votes or provided on a receipt to voters) could help to detect issues that affect the accuracy of the vote.

Authenticity: Modified Votes

The most significant threat to the integrity of the US electoral process is the potential for votes to be modified in a way that impacts the result of the election. The potential for this to occur has been demonstrated in numerous ways, including a study that found that 94% of voters didn’t notice that their votes had been changed between a touchscreen system and the associated paper record.

Authenticating the identity of a message sender is one of the primary goals of digital signature algorithms. Voters issued identification cards with digital certificates stored on them could generate a digital signature as part of the voting process. If their ballot or vote was modified in any way, the signature would not be valid, making the tampering easily detectable.

Securing US Elections with Cryptography

That the US elections infrastructure has security issues is unquestionable. Numerous assessments have demonstrated that voting machines violate fundamental cybersecurity best practices. However, US law limits security researchers’ ability to perform testing of voting machines, and some voting machine manufacturers are pushing to make tests that they have not authorized (and where they cannot control the distribution of the results) illegal.

Despite these issues, options exist for improving the security of US elections. Maybe one day, the US will use modern encryption solutions to bolster election security.