How A New Device Makes Online Voting Secure, Even If Hackers Take Over Citizens’ Computers

Greg Ferenstein
The Ferenstein Wire
3 min readMay 21, 2015


A team of researchers have developed a hacker resistant device that could bring online voting to America [PDF]. A prototype pin-pad device the size of a credit card, DuVote, reportedly allows citizens securely vote in elections, even if their computer is completely controlled by nefarious hackers.

The technique is divide knowledge of the user’s choice between multiple devices, each with their own unique security. A voting website contains names of candidates, but the hacker-resistant pin-pad device, which never connects to the Internet, contains a list of secret digits associated with each name.

Rather than enter in the name of a candidate on a website, the user inputs a secret code from the DuVote. Even if a hacker completely controlled a citizen’s computer, and could change the name of a candidate entered on a website unbeknownst to the user, the malicious software wouldn’t know which digits to enter.

“In simple terms the credit card sized device helps to divide the security sensitive tasks between your computer and the device in a way that neither your computer nor the device learns how you voted,” explains The University of Birmingham, Gurchetan Grewal, to me in an email.

What If A Hacker controls the DuVote and The Citizens Computer?

The DuVote is protective against a variety of nightmare scenarios, including if hackers manage to infiltrate both the DuVote and a user’s computer.

The process includes a 100% hacker-proof technique: a coin flip. On the voting website, citizens are given two columns of random digits to choose from and asked to flip a coin, which decides which column of digits they enter into the DuVote. For instance, if a coin flips heads and the citizen wants to elect Alice, she inputs all of the digits in column A into the DuVote and just top right cell of Column B “7970” (and vice-verse if it lands tails).

If a hacker managed to control the computer and the DuVote, the malicious software wouldn’t know the outcome of the coin flip and could end up guessing the wrong column. “That will cause the vote to be rejected,” explained co-author Mark Ryan. So, the vote gets rejected and it could alert authorities to tampering.

There are already a few countries with online voting, most notably Estonia. But, Estonia has a national ID system that allows the federal government to regularly correspond with its citizens on a variety of sensitive issues. Americans are hesitant to adopt a federal national ID, making secure government interaction more difficult.

Short of adopting a national ID, the DuVote could be an alternative, and bring us one step closer to online voting.