Tue Dec 23, 6:50 PM ET

WASHINGTON – Election ballots could be safely distributed electronically to Americans overseas, but getting their votes back securely could present problems, a study released Wednesday says.

It is difficult to ensure that an electronic ballot is from a registered voter and has not been changed en route, while still protecting the individual's privacy, the National Institute of Standards and Technology said in the study.

Currently most ballots are sent and returned by postal or military mail, which can take time. A few states distribute blank ballots by fax or e-mail.

The study, requested by the Election Assistance Commission, looks at the possibility of handling overseas voting by telephone, fax, e-mail and through the Internet.

Fax, e-mail and the Internet all could be used to deliver blank ballots, the study concludes, significantly reducing delivery times. Procedures could be instituted to reduce any threats to such programs, the report said.

But getting the votes back in a secure fashion would be a larger problem that needs to be studied, it said.

• Telephone: Voting by telephone presents a number of security challenges, the study concluded. Since a voter couldn't sign the ballot, officials would have to find another way to authenticate the vote, such as using a PIN, or personal identification number, although that could be stolen.

• Fax: Returning a ballot by fax raises questions about maintaining voter privacy and how the ballot could be protected from tampering.

• E-mail: Voting by e-mail requires several different computer systems to transfer the ballot. Since the systems would not be controlled by election officials they could be attacked to block movement of the ballot, or to tamper with it.

• Internet: Voting on a Web page means "a great deal of trust must be placed in the software on the election server to accurately record votes, as there would be no opportunity for voters to directly verify that their ballots have been recorded correctly," the report said. Like e-mail voting systems, a Web-based system also would rely on computer systems outside the control of election officials. "Attacks on these systems, such as voters' computers, could significantly threaten the integrity of elections or the ability of voters to cast ballots," the report added.

In addition, voters could be tricked into giving up their voting credentials.

The report noted that such attacks are common in the banking industry, and difficult to defend against.

"There have been and continue to be significant problems in this industry," the report said. "Technology that is widely deployed today is not able to mitigate many of the threats to casting ballots via the Web."

___

On the Net:

NIST: http://www.nist.gov

Election Assistance Commission: http://www.eac.gov





Article: HERE

                                       

Thu Dec 11, 12:01 PM ET