How can the location of online election voters be inferred based on communication delays?
Some countries have already introduced 'online voting (internet voting)' that allows voters to vote from home or other places via the Internet, and in Japan, Tsukuba City in Ibaraki Prefecture
Proof of location for online polls - Network Latency Geolocation
https://ip-vote.com/geolocation_via_latency.html
Internet voting allows voters to vote from anywhere in the world, but since voting rights are given to people who live in specific countries or regions, there is a risk that the location of voters cannot be confirmed. Even if filtering based on IP addresses is implemented, it is possible to circumvent it using techniques such as IP spoofing, which disguises the sender's IP address.
To prevent fraud in online voting, a mechanism has been proposed that estimates the location of a device based on network delays. According to known physical laws, even signals used for Internet communication cannot travel faster than the speed of light, so there is always some delay in communication for online voting. By measuring multiple delays to different servers and plotting 'areas where a device may exist' on the surface of the Earth for each communication, it is possible to infer that the device is located where those areas overlap.
For example, the figure below shows the area where a device may be located, based on the communication latency to eight servers around the world, with circles for each server. Although the area estimated from each server is large, the area where all the circles overlap is quite narrow, and the device is estimated to be located in the area shown in red in the figure. In the case below, the device was located in Amsterdam, Netherlands, which overlaps with the area shown in red, so we can see that the location estimation based on communication latency works well.
The location inference process relies on the physical limitations of transmitting data through internet infrastructure: Signals travel through fiber optic cables at roughly two-thirds the speed of light in a vacuum, and routing inefficiencies and electronics can increase signal latency by 20% or more.
These limitations allow us to infer the location of the device relative to the servers. Even if a malicious actor changes their apparent location, they cannot shift the latency faster than the speed of light. Also, if a user has unusually slow latency to all servers, they can be removed from the polls, as they are likely using
To make location estimation based on communication latency work, it is necessary to first estimate the clock difference between the client and server. To prevent people from sending measurement signals early to spoof location information, the master server generates a random number and sends it to the client's device, which then relays it to the latency measurement server. To prevent this, an HTTPS request is established with the server, and a request is sent from the client's device to the server before measuring the latency.
If location inference based on communication delays were used, a malicious actor would need to take additional steps and resources to spoof location information, such as controlling multiple devices in the target area and using them to vote, manipulating requests at multiple points in the routing infrastructure to which the server is connected, and doing so undetectably. The more expensive it is to manipulate votes, the more difficult it becomes for a malicious actor to launch an attack.
Explaining the method in a blog post, Chris Rieckman said, 'Geolocation based on network delay triangulation is a way to reliably pinpoint the physical location of a device. It can detect when voting responses originate from outside the intended region and can be used as an additional layer of validation beyond IP address-based geolocation and IP reputation . For voting results to be truly trustworthy, geolocation measurements should be performed by multiple, independently audited organizations.'
Related Posts:
in Web Service, Posted by log1h_ik