Can blockchain be used to implement anonymous and fraud-proof voting?

Philip Greenspun's Weblog 2017-07-16

A good proportion of the American media and Facebook over the past few months seems to have been devoted to concerns about U.S. election integrity.

Lyndon Johnson was apparently elected to the Senate in 1948 through fraud (see “Were American politics better 50 years ago?“). Maybe it isn’t crazy to worry that today’s politicians are also getting elected either due to money-driven fraud or Russian meddling.

I’m wondering if readers who have thought about the latest blockchain technologies can help me out here…

What if every American citizen had an electronic ID card (see Estonia: Tough campaign stop for Bernie Sanders for a reference to one system)? Then could we trivially develop a blockchain-based voting system where anyone interested could verify the vote tallies? But it wouldn’t be anonymous, right? Or maybe it could be pseudonymous? People would somehow be able to verify that the issued personal ID codes were valid but not tie them to individual identities? But now it isn’t in fact verifiable because how do we know that a Russian isn’t generating IDs and then voting for Trump (one thing that I learned: Russians love Trump!)?

If there is no way to use blockchain and keep voting anonymous, maybe we give up anonymous voting? (see “Get rid of the secret ballot?“) Through the miracle of Facebook, political sentiment isn’t truly anonymous anymore.

Maybe we could use blockchain and Estonian-style electronic IDs to address concerns about voting by dead people, non-citizens, etc. Checking people into a polling station could be done using blockchain and then anyone interested could verify to see who had voted. After that, if the concern is Russian manipulation of voting machines… what about having three voting machines at every polling station? One machine could be Windows-based, another Android-based, and the third one iOS-based. Have each voter vote three times. The machines upload data to three separate server farms, again running a diversity of operating systems. Can Russian hackers compromise, without detection, three entirely separate systems?

Readers: Is there anything we can do to stop these endless rounds of hand-wringing?