Online voting is one step closer thanks to a breakthrough in security technology

Researchers at the University of Birmingham have developed technology that allows people to vote online - even if they suspect that their home computers are infected with viruses.

Influenced by security devices issued by some banks, the Birmingham data protection research team led by Prof. Mark Ryan developed a system that allows people to vote using independent high-tech devices linked to their personal computers.

The new technology has made a fresh contribution to the discussion on the issue of e-voting, which can be used at the General Election 2020-2025.
')
Professor Ryan said: “This system works using a credit card-sized device, similar to the devices used in online banking. It is called Du-Vote and has been developed by us for 2 years. From the point of view of the voter, it's simple: you get the code on the device and enter it on the computer.
The main advantage of the system is that it divides the protection between an independent device and the voter's computer, or its mobile device. A computer is a very powerful, versatile machine that processes billions of lines of code that no one can fully understand, while an independent security device has a much smaller basic code and is not susceptible to viruses. ”

Online voting is conducted in accordance with the requirements of special security, due to the possibility of unauthorized interference in this process by foreign governments, criminal groups or petty fraudsters. Approximately 20–40% of personal computers are infected with malware, and special malware aimed at the voting process can be designed to change the number of votes or violate the secrecy of the vote.

Gurchetan Gryuval, who is a member of the project team and recently completed a PHD in the online voting in Birmingham, said: the computer. For example, the system in Estonia, where electronic voting has already been introduced, did not cope with the manipulation of votes and the secrecy of the vote. ”

The system developed in Birmingham allows you to bypass and detect malicious software using a separate security device. In addition, it achieved even more protection than the devices used by banks.

Paradoxically, the researchers succeeded by proving that even if the attacker controls the entire computer infrastructure, voters and officials can prevent fraudulent actions by voting.

A research paper entitled “Du-Vote: Remote E-Voting from Unverified Computers” will be presented at the 28th Symposium on Computer Security Basics in Verona, Italy, in July.