Email voting

Almost no one is advocating the use of email voting, due to its inherent insecurities. However, that doesn't mean that it's not currently being used in the status quo - 32 states are letting overseas and military voters vote remotely, via email, fax, or web. The security issue is exacerbated by the fact that email voting shares a lot of common properties with fax voting.

Infrastructure attack protection
All internet voting systems are vulnerable to denial-of-service attacks. There are defenses against these kind of attacks, but they can't stand up to an adversary given sufficient computing power. In the event of such a situation voters would have to vote in person (or by mail). The problem is made even worse by VBM because millions of emails can be sent to the voting email address. The problem is exacerbated if vote by email is only allowed on election day - there's no chance to revote.

Outsider hacking protection
Anyone can attack the server collecting emailed votes - "if the attackers are competent... there is essentially no chance that they will fail" Even if this isn't the case email might allow malware into the election network.

Malware and virus protection
This is a problem, and such malware would be easy to program - just create a virus that sends mail intended for the voting email address to the attacker's address where it can be tampered with. There's no verifiability either, so there's no solution.

Man in the middle attack protection
It would be very easy for someone to perform a man in the middle attack. Email is sent in the clear - it would be easy for someone who owns one of these routers to make a program that changes/deletes votes. Also, Yahoo, Google, or any other email provider could easily tamper with votes themselves - making election results depend on the niceness of corporations is a bad idea.

Insider attack protection
It's an issue that might be resolvable in part with enough resources (it's unlikely this will be so however.) Further, based on the scale of the other problems with email voting this isn't going to be a major issue.

Coercion resistance
Vote selling would be simple with an email voting system. Voters can just forward their ballot to the vote seller who will fill it out for them. Maybe the system could allow for re-voting, however? This point is kind of moot because it would be a lot more economical to just break into the system rather than bribe everyone.

Ensuring one person, one vote
I haven't seen much regarding passing keys out so I assume that that you can only vote once in theory - again, it's kind of a moot point though based on the insecurity of email voting in the other categories.

Counting and tallying accuracy
Whether the system effectively stops re-voting ultimately depends on how authentication is done. If voters can email in their ballots (with each having a serial number or something along those lines for authentication) then authentication would have to take place at the registration end. If voters need to register an email from which to send their ballot from, this would also have to take place at the registration end (but then this raises questions about viruses and the security of the voter's email address. The tallying software should also be secure, but then again it would seem very hard to verify the correctness of that system without in part sacrificing the anonymity of the voters who voted via email.

Voter anonymity
It's not anonymous at all - email is sent in the clear. David Jefferson notes that "It is common for national intelligence agencies (including our own) to collect and store all email that crosses national boundaries, and that would include emailed ballots along with the names of the voters," which makes conducting a national election via email seem like a scary thought.

Voter verifiability
There is no voter verifiability in email based systems. Because there is no other verifiable record of the voter's intent, email based systems are not auditable. There seems to be no solution to this problem, given that there's no way to send (through email) securely a confirmation note verifying that the vote was a) cast and b) done so correctly.

Immediate results protection
Because votes are stored unencrypted or at least sent unencrypted it would be easy for someone to obtain results before the voting period is over, whether that person is a national intelligence agency or the election officials.

Ease of performing a recount
A recount would be useless because it would merely exacerbate the same problems that email voting suffers from. There is no verifiable record of the voter's intent with email voting, so there is no solution to this problem.

Usability
Even though most people have email accounts (and if not, it's not too complex to make one) usability is still a concern. What if voters botch up the template that they are supposed to send? The usability of email voting is harder than it would seem. It may actually be a lot easier for users to vote via a web portal.

Transparency
The transparency of this system is unknown because it outlines a general framework for a voting system rather than the details of a specific implementation. Yet while there are remote voting trials in about 32 states, little data has been published about them.