Even as voters gear up to stand in queue for Britain’s upcoming general election this month, researchers, including one of Indian-origin, have developed a technique to allow people to vote online – even if their home computers are suspected of being infected with viruses.
Taking inspiration from the security devices issued by some banks, Gurchetan Grewal and colleagues from the University of Birmingham have developed a system that allows people to vote by employing independent hardware devices in conjunction with their personal computers.
“This is currently the only piece of work that addresses a core problem of e-voting – namely, that someone may have viruses or other malware on their computer,” noted Grewal, who is part of the project team and recently completed his doctorate in online voting at Birmingham.
The new technique offers a fresh contribution to the debate surrounding e-voting and could be ready for use in time for the 2020 or 2025 general election, the study noted.
“This system works by employing a credit card-sized device similar to those used in online banking,” said lead researcher professor Mark Ryan.
“It is called Du-Vote, and we have been developing it over the past two years. From the voter’s perspective, it is straightforward: you receive a code on the device and type it back into the computer,” Ryan explained.
Online voting carries a strong security requirement because of the possibility of undetectable interference in an election by foreign governments, criminal gangs, or petty fraudsters.
Malware affects an estimated 20 percent to 40 percent of personal computers globally, and specific election-targeted malware could be developed to attempt to alter votes cast or compromise ballot secrecy.
“The main advantage of this system is that it splits the security between the independent security device and a voter’s computer or mobile device,” Ryan noted.
The research paper is scheduled to be presented at the 28th IEEE Computer Security Foundations Symposium in Verona, Italy, in July.