Devs Criticize Russian Blockchain Elections, Gov’t Claims ‘No Hitches’
The Russian elections commission said that the blockchain-powered mobile voting platform used in two by-elections yesterday voting was a success – but experts in the country appear to disagree with the Kremlin about the kind of technology the system should use.
Per Kommersant, the Minister of Digital Development, Communications and Mass Media, Maksut Shadayev, claimed that two by-elections, held in the Yaroslavl and Kursk oblasts, experienced “no significant technical failures” over the three-day period where it was operational. The Central Elections Commission said it is confident that the system’s security is high.
Blockchain-powered voting via smartphone and PC has become a pressing issue in Russia this year, where it has been used at a local level in Moscow public votes, as well as in two testbed sites – the capital and Nizhniy Novgorod for a referendum in summer.
The government said it intends to roll out blockchain voting for next year’s parliamentary general election – and is using a platform constructed by long-distance telephony provider Rostelecom, which is majority-owned by the Russian state.
The only issue experienced in yesterday’s by-elections, the minister stated, was a minor problem connected with a user attempting to access the platform using an outdated web browser.
However, a number of leading developers in the country have criticized the platform, claiming that it is not a proper decentralized blockchain network, as it is hosted on Rostelecom servers.
The operator has posted its source code on the GitHub repository, but developers were quick to comment that the platform exhibits data vulnerability problems, with some claiming that it would be relatively easy to uncover the identity of voters and even discover how they had voted.
The media outlet quoted Sergei Aksenov, head of server software development at developer FunCorp, as stating,
“The voting process itself takes place on Rostelecom’s servers. As such, there is nothing to prevent [operators] from […] adding a number of votes, and then rewriting the entire blockchain and getting any desired result. The encryption, electronic signature and data storage mechanisms used would not prevent this at all.”
Another professional developer stated that the algorithms used in the platform’s cryptographic protection system were “unreliable,” as only encryption algorithms approved by the Russian intelligence agency, the Federal Security Service (FSB), can be used on state platforms.
The expert added that the Rostelecom algorithms used in the blockchain voting system conformed to an outdated and obsolete security standard.
Passport Data of 1M Russian Blockchchain Voters ‘Available Online’
Kaspersky Launches Blockchain-powered Voting Platform
Blockchains Won't Fix Voting Security – and Could Make it Worse