Secure, Reliable E-Voting: It’s not that damn hard!

August 2nd, 2007


E-voting seems to be a rather hot-button issue, especially considering all the potential security problems, technical issues and other hang-ups which seem to plague all the manufacturers of the new electronic voting machines.

The current voting system in the US is a patchwork of paper ballots, electronic machines and electromechanical voting booths, many of which have been in operation since the 1930s. As seen in the 2000 election, and in many incidents since, these methods are less than optimal and not necessarily the most secure or reliable means of counting votes.

In the wake of the 2000 election and all the “pregnant chads,” ballot card confusion, claims of corruption and other issues, E-Voting machines were hailed as a solution to all such voting issues. But problems with security and reliability, and with how easily such machines can be hacked or tampered with, have since become apparent. This isn’t actually that surprising, considering that many of them actually run Windows XP.

See more information here: http://www.eff.org/Activism/E-voting/

So is it actually possible to have secure electronic voting? Of course it is. I contend that a highly secure, cheap, reliable and tamper-resistant machine could be created with off-the-shelf technology. The most important aspect: KISS (Keep it simple, stupid). Don’t think “PC Computer” but rather think “Simple ATM Machine.”

 

My design:

Ditch the Windows interface, ditch the PC design, even ditch Linux! Don’t get me wrong, I love Linux but it’s overkill for this job. You cannot root a system without a root account and you can’t telnet into a machine that isn’t connected to the internet. A voting machine only requires a simple logic controller, a character and graphic generator, a few memory chips and other simple components. The display is just a monochrome touch screen, such as those on credit card terminals.

 

I created this conceptual design to illustrate how a brutally simple, highly secure and easy-to-build voting machine could be created. It could very easily become a standard, making voting locations consistent and simple. It would be much cheaper than other systems, and its security and reliability, though not necessarily 100% perfect, would be much better than those of most systems currently in use.

Why can’t companies like Diebold get the message? The incompetence in government and big institutions can be maddening…

 

Construction and Operation of Voting Machine:

- Contains relatively simple electronics, including a logic controller, less than a megabyte of RAM storage, a smartcard reader, a strong encryption engine and a time signal receiver

- Each machine also contains a CD-R or similar high-capacity write-once medium, which is located in an armored box with a tamper-proof seal. This is designed to record the (encrypted) vote information in a verifiable manner in case the data is called into question. It can only be opened by the elections commission and is designed to be of sufficient capacity to be used for many years without changing.

- The interface is a basic touch screen display, not much more advanced than the signature pads for credit card purchases at some stores. It also has a pen or can display a virtual keyboard for “pencil in” candidates

- The machines are cheap and easy enough to manufacture that they could be sold for well under a thousand dollars and be standardized throughout a state or even nationwide.

- Having many machines at voting locations will reduce wait time and assure things run smoothly


Operation of the Machine:

1. The state elections commission approves the candidates and election questions, and they are then written to an electronic “smart card” medium, of the type used for credit cards, satellite television and so on.

2. The cards are sent to the local municipalities. Each one is strongly encrypted and bound to one of the machines by serial number. Only that machine can read it. In the event that a card is lost, a new one can be sent to the municipality and it will not compromise security because the lost card is encrypted and only contains the question data anyway.

3. Before the election, the poll workers put a card into the machine, simply putting the one with the correct serial number into the correct machine. In the event that they have received the wrong card, they could also use an emergency “universal” card, which is not machine bound, but bound only to the systems in that state. However, this would require notification of the electoral commission, as the universal card would be flagged when the data is returned. If all else fails, paper ballots could be a backup.

4. After the election is finished, the cards can be ejected. They cannot be ejected before a certain time, as the machine’s card reader will lock up until an approved time. There’s no danger of it locking in the wrong card, because it would give an error if an improper card was used.

5. The cards are simply swiped by a card reader, which prints a mark on the cards (to aid in knowing which have been read already.) If a card is swiped twice, in error, then it will be noted, as all cards are numbered. This can be done with any computer and an internet connection, or a very simple terminal, similar to a credit card processing machine.
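
One way the card handling in steps 2, 3 and 5 could be checked, as an added example that is not part of the original post. The key names, the serial format and the sample ballot are constructed, and the HMAC tag used here only authenticates and binds the card; it stands in for, and does not provide, the encryption the post calls for.

```python
import hashlib
import hmac
import json

# Constructed demo keys (assumption); real keys would sit in tamper-resistant hardware.
MASTER_KEY = b"constructed-commission-master-key"   # held by the commission only
UNIVERSAL_KEY = b"constructed-state-universal-key"  # held by every machine in the state

def machine_key(serial):
    """Per-machine key derived from the master key and the machine serial."""
    return hmac.new(MASTER_KEY, b"machine:" + serial.encode(), hashlib.sha256).digest()

def tag_for(key, body):
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()

def issue_card(card_no, ballot, serial=None):
    """Commission side. serial=None issues the emergency universal card."""
    body = json.dumps({"card_no": card_no, "ballot": ballot}, sort_keys=True)
    key = machine_key(serial) if serial else UNIVERSAL_KEY
    return {"body": body, "tag": tag_for(key, body)}

def load_card(card, own_key):
    """Machine side: the machine holds only its own key and the universal key."""
    body, tag = card["body"], card["tag"]
    bound = hmac.compare_digest(tag_for(own_key, body), tag)
    universal = hmac.compare_digest(tag_for(UNIVERSAL_KEY, body), tag)
    if not (bound or universal):
        raise ValueError("card rejected: not issued for this machine, or altered")
    fields = json.loads(body)  # parsed only after the tag has been verified
    # The flag travels back with the results so the commission sees universal use.
    fields["flag_universal"] = not bound
    return fields

def record_swipes(card_numbers):
    """Tally station: count each numbered card once and note repeat swipes."""
    counted, repeats = [], []
    for number in card_numbers:
        (repeats if number in counted else counted).append(number)
    return counted, repeats
```

Because the tag is keyed per machine, a card issued for one serial fails on every other machine without any comparison of serial numbers stored on the card itself.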

The back of the machine has a simple function display and smart card slot.
On the side is the tamper resistant box containing the write-once archival media.

 

 

Voting:

1. The person goes to the machine and touches the screen to begin voting. They are asked if they would like a confirmation ticket. If they say yes, they will get a card which has their votes printed on it and the number of the machine. This is optional and private, but assures people won’t worry later if they voted correctly.

2. For each election, the person can touch the candidate’s name, or in cases of bond measures and the like a “yes/no” option. The name is then highlighted and they can press “cast vote” or press the option to “abstain” from voting on a given election or “pencil in.”

3. If “pencil in” is chosen, the person can use a stylus to write the name of the candidate or can press a button for a “touch keyboard.” They can also press “erase” if they made a mistake.

4. At the end, they are told who they have voted for and given the option to “Start over” or “cast votes.” After each question they also have a “Go back” button, in case they think they pressed the wrong name.

5. They can take their ticket (if they chose to get one) and go on their merry way.

Security:

- The system is encrypted and secure end-to-end and has all the appropriate time stamps and binding numbers to assure everything is there.

- If a card does not dump properly or is lost when removed, a blank card can be placed in and the machine will dump the last election’s data, stored in onboard memory.

- If this is not sufficient or the data is in question in any way, the state can then open the machine and read the write-once media’s data

- It only records votes and does not record who cast them

- After each person, it will produce a beep, to assure they don’t stick around and cast another vote.

 

Of course, the system I propose is just an example. This basic idea could easily be adapted to use optically scanned ballots, to replace the smart card with other media, or to report votes in some other way. The basic idea is simply to go back to basics.

But was that so difficult?

Is it obvious to anyone else that sometimes, simple embedded electronic systems are superior to a complex software-based voting system?


This entry was posted on Thursday, August 2nd, 2007 at 10:35 am and is filed under Bad Science, Culture, Good Science, Politics.

6 Responses to “Secure, Reliable E-Voting: It’s not that damn hard!”

  1. Guest Says:

    Unless the officially recorded ballots are human readable, there is no way to be sure an electronic voting machine hasn’t been rigged to tell voters it has recorded a vote for Y but actually records their vote as one for X. The only way to defend against lying voting machines is for the actual ballot to be readable by the voter rather than an invisible bit in digital storage.


  2. drbuzz0 Says:

    I agree with that to a point. But there’s no way to know that the ballots have not been replaced once the voter leaves. With the machine you could at least check to see if more vote receipts for a machine for a certain candidate exist than the machine’s card records.

    No, you really can’t be “perfect” because as long as the electoral commission doesn’t allow each and every person to personally count the votes, there has to be some trust that the government isn’t completely conspiring to rig every machine and cover it up.

    But it ends up working a lot better than the machines commonly used now. In my town, for example, I flick a switch in a booth which turns a cog on an old-fashioned numeric dial that is viewed when the machine is opened. There’s no way I can ever know if the person reading it is honest or if the machine has not malfunctioned.


  5. Shafe Says:

    One point on the voting machine. You can’t give a receipt to voters showing how they cast their votes. Part of the reason for casting secret ballots is not just to protect the voter from retaliation for making the “wrong” vote, but to prevent the voter from being able to prove to a vote-buyer that he/she voted in a given way.

    Here is a simplistic version of the argument, but the point is valid. If a politician wants to buy my vote, he can require me to show him my voter receipt as a condition of payment. To him, the value of paying for my vote is high, because he can be assured that he’s getting the vote he is paying for. If there are no voter receipts then I cannot prove to a politician that I actually voted for him. Thus, the value of a vote-buying effort is substantially reduced.

    The current system with no receipts discourages direct vote-buying, because a politician can never know that he’s getting what he’s paying for.


  6. drbuzz0 Says:

            Shafe said:

    One point on the voting machine. You can’t give a receipt to voters showing how they cast their votes. Part of the reason for casting secret ballots is not just to protect the voter from retaliation for making the “wrong” vote, but to prevent the voter from being able to prove to a vote-buyer that he/she voted in a given way.

    Here is a simplistic version of the argument, but the point is valid. If a politician wants to buy my vote, he can require me to show him my voter receipt as a condition of payment. To him, the value of paying for my vote is high, because he can be assured that he’s getting the vote he is paying for. If there are no voter receipts then I cannot prove to a politician that I actually voted for him. Thus, the value of a vote-buying effort is substantially reduced.

    The current system with no receipts discourages direct vote-buying, because a politician can never know that he’s getting what he’s paying for.

    That’s a good point. That one feature may be something that is not such a good idea. My thought on it was that it would prevent people (I was thinking mostly old people) from suddenly going nuts if they started to think that they might remember having pushed the wrong button.

    So yeah, receipts might be out, although these days it’s not like there aren’t other potential ways of doing it. A person could video themselves voting with their cell phone or something.

