E-Vote Vendors Hand Over Software

R.A. Hettinga rah at shipwright.com
Tue Oct 26 22:51:43 EDT 2004


Wired News

E-Vote Vendors Hand Over Software 
By Kim Zetter?

Story location: http://www.wired.com/news/evote/0,2645,65490,00.html

03:00 PM Oct. 26, 2004 PT

In an effort to increase the integrity of next week's presidential
election, five voting machine makers agreed for the first time to submit
their software to the National Software Reference Library for safekeeping,
federal officials said on Tuesday.

 The stored software will serve as a comparison tool for election officials
should they need to determine whether anyone tampered with programs
installed on voting equipment.

 The National Software Reference Library is part of an election security
initiative launched by the U.S. Election Assistance Commission, a new
federal entity that Congress created after the Florida 2000 election
problems. The EAC is the first federal entity established to improve the
integrity and efficiency of elections.

 DeForest Soaries, chairman of the EAC, in June requested software from the
largest voting companies, which provide 90 percent of the software to be
used in computerized voting machines on Tuesday. The EAC will eventually
ask all voting companies, even those that produce counting software for
punch card machines, to submit their software.

 Soaries called the library a major step and praised the vendors for their
willingness to increase the transparency of elections.

 "Their acceptance of our request to submit their software begins the
process that assures the country that we will have (a) higher level of
security and therefore confidence in e-voting than we have ever had
before," Soaries said in a press conference.

 The National Institute of Standards and Technology -- the agency that sets
official measurements and defines standards for all kinds of commercial
products -- will maintain the voting software library. NIST already manages
a library of other types of software, like the Windows 2000 operating
system, to help law enforcement investigate crimes involving computers.
Doug White, the library's project leader, said NIST stores applications on
CDs in a room that is similar to a criminal investigator's evidence locker,
which means the software can be used as evidence in a court.

 Counties and states will eventually be able to use the library to verify
that they are using a certified version of software. This is good news to
Scott Konopasek, the registrar of voters for San Bernardino County in
California. In September, after California certified a new version of
software for his county's voting system, the vendor, Sequoia Voting
Systems, sent Konopasek the software to load on his machines. But when
Konopasek asked the state to verify that the software the vendor gave him
was unchanged from the version the state certified, state officials told
him they had no means to verify it and that Konopasek would have to trust
the vendor.

 Vendor trust was precisely the measure of verification the state was using
last November when it discovered that Diebold Election Systems had
installed uncertified software on machines in 17 California counties
without telling the state.

 NIST's voting software library was established too late this year to
examine software that has already been loaded onto locked voting machines,
so election officials won't be able to verify that they have unchanged,
certified software before Tuesday's election.

 But if questions about the veracity of a voting system arise after the
election, computer forensic experts will be able to compare the software
used on machines with the software in the NIST library to see if the
software was altered. They can do this by comparing hash files, which are
digital fingerprints that identify the integrity of software. The hash is a
mathematical sum derived from the software code. If someone changes the
software, the mathematical sum changes as well.

 "This gives us one more mechanism for assuring voters that their votes
have been recorded and reported correctly and haven't been tampered with,"
Konopasek said. "There's no one single thing that election officials will
ever be able to do to convince everyone. But the more we can add to our
inventory of audits and controls, the more we can establish confidence of
voters -- not just the technically savvy voters, but all voters."

 Soaries acknowledged that the library alone can't secure elections and
voting systems but can only work in concert with other procedures. And the
EAC still has to work out several issues related to the library, such as
who will be responsible for checking hashes before an election if county
election officials don't have someone knowledgeable on staff to do so. EAC
has to determine how best to handle patches, or last-minute fixes and
upgrades to machines. Currently, it will be up to the county and vendor to
decide whether to resubmit that software to the library before an election.
And the EAC has to establish a policy for dealing with false positives --
that is, when a hash check indicates that software has changed when it
actually hasn't.

 In addition to the library, the Commission has instigated several measures
to increase the integrity of elections. These include developing new voting
machine standards that would require voting machine companies to make
machines that are more secure.

 The commission is also looking at developing national standards for
election procedures to establish uniform methods for physically securing
voting machines and providing checks and balances to prevent and catch
voter fraud. Additionally, the commission has been speaking about creating
a clearinghouse to gather reports from states and counties about problems
they encounter with voting equipment.

R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list