学术文献库

Voting by mail has been gaining traction for decades in the United States and has emerged as the preferred voting method during the COVID-19 pandemic. In this paper, we examine the security of electronic systems used in the process of voting by mail, including online voter registration and online ballot tracking systems. The goals of these systems, to facilitate voter registration and increase public confidence in elections, are laudable. They indisputably provide a critical public good. It is for these reasons that understanding the security and privacy posture of the mail-in voting process is paramount. We find that online voter registration systems in some states have vulnerabilities that allow adversaries to alter or effectively prevent a voter's registration. We additionally find that ballot tracking systems raise serious privacy questions surrounding ease of access to voter data. While the vulnerabilities discussed here are unlikely to enable an adversary to modify votes, several could have the effect of disenfranchising voters and reducing voter confidence in U.S. elections infrastructure, thereby undermining the very purpose of these systems.