The concept of online voting appeals to many aspects of modern society as universities, businesses and communities want to hear from their members, who are often geographically separated or unwilling to present themselves to place a physical vote. However, the risks of making critical choices online are also high, with large-scale online voting opening up vast opportunities for cybercriminals to manipulate the results. At Cyber Security Weekend, a panel of experts from Kaspersky Lab, Agriledger and Richtopia gathered together to discuss how we can secure the process and make sure that our votes aren’t changed or altered by an external or internal party.
During the panel, Kaspersky Lab unveiled the experimental project called “Polys”, a new commercial solution created by a team of developers from the Business Incubator, which aims to provide anyone with the ability to conduct secure, anonymous and scalable online voting with results that cannot be altered by participants or organisers.
Vartan Minasyan, Head of Investment and Innovation at Kaspersky Lab, comments: “In our Kaspersky Lab Business Incubator we’re supporting both internal and external teams in developing bright ideas and technologies, which can be implemented in various areas where safety and security are important. One such area is online voting and, when exploring the possible implementations of blockchain in particular, our team realised that this technology combined with the company’s cybersecurity expertise could solve key problems related to the privacy, transparency and security of online voting. We’re excited that we have been able to create a suitable environment for this internal innovation.”
Polys is based on smart contracts in Ethereum (sometimes referred to as Blockchain 2.0) which allows ballot verification and vote tallies to be performed in a decentralised manner. The security benefits of a blockchain vote are significant:
- Due to blockchain’s decentralised nature, the accuracy of voting execution can be verified by the network’s participants. The whole voting data is stored not on servers, but in information blocks on the computers of all network participants. To erase it, a hacker would have to breach all of the computers and gain access to the individual sets of data.
- Blockchain allows a voter to check if their vote has actually been registered correctly and any tampering of votes will automatically become evident.
- Blockchain transparency makes it easier to monitor vote and complete voting audits by independent parties.
- Finally, it doesn’t require extra resources or the need for the physical presence of personnel
An additional innovation of the Polys solution is that it eliminates the limitations inherent in other blockchain solutions:
- Within the Polys voting system, blockchain is encrypted and backed up with mathematical algorithms. These help ensure anonymity, hide intermediate results and perform calculations on the encrypted data, which is something that can’t be done in other blockchain systems due to its distributed and open nature.
- The source code of Polys is publically available – allowing any blockchain enthusiast, penetration tester or e-voting supporter to test, verify and explore the technology behind it on GitHub
Jutta Steiner, Co-founder of Parity Technologies, a supporter and consultant on the project, comments: “Parity Technologies is excited to be involved with Polys as their platform of choice for such an innovative project. Blockchain is increasingly being implemented by a vast number of industries and we believe that decentralising the voting procedure will ensure a fair process and create a high level of trust in the system.”
For those eager to try the service, there is a freemium offering, available to everyone and simple to set up. Polys also offers a customised platform that is fully scalable with capacity for thousands of voters and can be tailored to specific requirements in terms of authorisation, interface design and integration with other services.