How to fix US elections.

There is a lot of talk about what's wrong with US elections, and sadly too much of it is centered on one or two parts of the system rather than the entire process. It is rather disturbing how little security our elections have, and it's not just the voting machines, or the tabulation machines, or the county-run database that swaps everyone's party affiliation so that prechosen candidates can win. It's not enough to complain about an issue, however, so I want to outline what we can do about it. I might get a bit technical in a few places, so feel free to ask questions and I will update to hopefully make it more clear; see section 5.

1. Voter registration, party identification.

This is where it all starts. The actual process of registering someone is not fraught with too many issues, save a couple of States that have intentionally invented problems (Florida). The real problem is with the database that stores all of the documents. There are absolutely ZERO security requirements, either for the software, network, or the physical security of the servers that contain these documents. With great ease any document in the server can be altered, or new documents invented.

The invention of new documents is the larger problem. Old documents are harder to tamper with or delete because off-site backups can be used to find illegal modifications.

However, both problems are solvable by a combination of:

  • Serialized entry of documents into the database
  • Document file security hashes, generated from a combination of the last document's security hash and the contents of the current document
  • Voter cards issued after initial registration should include a smart card chip that includes RSA keys and a simple processor that can be fed the document's security hash to generate a second security hash, to be stored with the document as a non-forgeable signature device
  • Whenever new documents are created (party change, register at a different address, etc.) the voter would need to provide their voter smart card to sign the documents
  • The smart card private keys should never be shared, and should be held solely on the smart card and by a secure key authority
  • Off-site secure backups; backups should be encrypted with keys held by a secure authority
  • Backups will include database and document files, the database transaction log, and all other system logs from the computer running the database
  • Yearly audits of the database using duplicates of the backups from the last 3 years

Fraudulently altered documents and fraudulently created documents would stick out like a sore thumb; they would be easily traceable. Any voter, after their initial registration, could easily verify the authenticity of their documents and challenge discrepancies.

The overhead of regenerating security hashes in order to fraudulently alter documents, or selectively delete old documents, quickly becomes computationally difficult as more documents are entered into the system, so long as a computationally difficult hashing system is chosen, bcrypt for example. And with the voter smart card device in place, they would lack the second hash or have a fake second hash, which any voter could immediately call them out on.
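The chained document hash and the card-generated second hash from the list above can be sketched as follows. This is an added example, not code from the original post: all function and field names are hypothetical, PBKDF2 stands in for bcrypt, and an HMAC under a per-card key stands in for the smart card's RSA signature so that it runs on the Python standard library alone.

```python
import hashlib, hmac

GENESIS = b"\x00" * 32  # assumed starting value for the first document
ITERATIONS = 2_000      # assumed work factor; PBKDF2 stands in for bcrypt

def chain_hash(prev_hash, serial, voter, content):
    # Slow hash of this document, salted with the previous document's hash.
    msg = serial.to_bytes(8, "big") + voter.encode() + b"\x00" + content
    return hashlib.pbkdf2_hmac("sha256", msg, prev_hash, ITERATIONS)

def card_sign(card_key, doc_hash):
    # Stand-in for the card's RSA signature: the "second hash" over the first.
    return hmac.new(card_key, doc_hash, hashlib.sha256).digest()

def append(ledger, voter, content, card_key):
    prev = ledger[-1]["hash"] if ledger else GENESIS
    h = chain_hash(prev, len(ledger) + 1, voter, content)
    ledger.append({"serial": len(ledger) + 1, "voter": voter, "content": content,
                   "hash": h, "sig": card_sign(card_key, h)})

def audit(ledger, card_keys):
    """Return (serial, problem) for every record that fails a check."""
    findings, prev = [], GENESIS
    for position, rec in enumerate(ledger, start=1):
        if rec["serial"] != position:
            findings.append((rec["serial"], "serial out of sequence"))
        expected = chain_hash(prev, rec["serial"], rec["voter"], rec["content"])
        if not hmac.compare_digest(expected, rec["hash"]):
            findings.append((rec["serial"], "hash mismatch"))
        key = card_keys.get(rec["voter"])
        if key is None or not hmac.compare_digest(card_sign(key, rec["hash"]), rec["sig"]):
            findings.append((rec["serial"], "bad card signature"))
        prev = rec["hash"]
    return findings

def demo():
    # Constructed sample: two voters, three documents, then an edit and a cover-up.
    keys, ledger = {"V1": b"card-key-1", "V2": b"card-key-2"}, []
    append(ledger, "V1", b"register; party=A", keys["V1"])
    append(ledger, "V2", b"register; party=B", keys["V2"])
    append(ledger, "V1", b"party change; party=B", keys["V1"])
    clean = audit(ledger, keys)
    ledger[1]["content"] = b"register; party=A"   # silent edit of document 2
    edited = audit(ledger, keys)
    for prev_rec, r in zip(ledger, ledger[1:]):   # hashes recomputed without the cards
        r["hash"] = chain_hash(prev_rec["hash"], r["serial"], r["voter"], r["content"])
    return clean, edited, audit(ledger, keys)

if __name__ == "__main__": print(demo())
```

A bare edit is caught by the hash check on that document, while recomputing the chain to hide it invalidates the card signature on every document from the edit onward.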

2. Voter list maintenance.

Voter list maintenance is often used as a means to trim voters from the rolls; any excuse can and will be used: didn't vote in the last election, have a Latino-sounding name, got caught in a voter caging operation, attempting to vote while black/young/wrong party/etc.

  • First, cleaning up the documentation process as described in section 1 will help a lot
  • Next, a national voter information database. Whenever someone registers in a particular place a notice should be sent to this database, so that state and county registrar offices can be directed to use this as their sole validation source
  • Notices sent by registrar offices known to have security problems, or whose database does not meet the requirements in section 1, would not be displayed to other registrar offices
  • Election officials of all capacities should have real-time access to the live county/state registrar database and NEVER reference a printed document for the voter list
  • In all cases it must be incumbent on the State to prove a person is not valid to vote, and not the other way around; the voter must always be given the benefit of the doubt

More could be added here, I am sure.

I have always found it amazing that we still use printed voter lists, even in the modern age. Old lists, bad lists, intentionally bad lists, lost lists, or a myriad of confusing lists have stolen more than a few votes this year. Really, what is so hard about providing mobile hot spots to officials and letting them connect to the county/state's master list directly through a web portal?

3. Election day.

Standards for polling sites, the number of polling sites, and the equipment provided to those polling sites are badly, badly needed. Puerto Rico's 6 hour lines, or the 20,000 people per polling site in Arizona, are merely the most extreme examples. California was among a long list of States this year which had touch screen voting machines that were sent out to sites broken, with faulty touch screens, or flat out didn't work, or had other software issues.

  • Election day will be a national holiday, with one extra provision over other national holidays: it's not time and a half on this day, it's 4 times pay rate to work this day
  • No less than 1 polling site per 1000 persons, with turnout projections being based on 50% of registered voters or 125% of the largest turnout of the last 5 federal elections, whichever is greater
  • Ballots cast at a polling site will always be used with priority over mail in ballots
  • Mail in voters can always choose to vote in person if they change their mind, or otherwise have issues with the mail in form
  • All polling sites should provide an optional paper ballot that can be filled out without the aid of a computer
  • All voting machines will print a ballot, which is then used for the election
  • All pure electronic voting machines are banned
  • Printed ballots will have one line per voted item per option, with the picked option being clearly printed for quick verification by the voter
  • Ballots will use bond grade security paper prepared by the Federal Reserve that will be marked with a non-visible serial number
  • Ballot paper will be tracked through the entire process and returned to the Federal Reserve to be counted, not for the election result but to make sure the same number of papers are returned, and then be destroyed
  • Electronic tabulation will be made entirely illegal
  • All ballots must be hand counted
  • An exit poll with no more than a 3% margin of error must be performed at every election and publicly reported
  • An exit poll off by more than 2% from the margin of error would trigger automatic investigation
  • An exit poll off by more than 5% from the margin of error would automatically decertify the election and trigger a revote after an investigation and correction of issues

With electronic voting machines it's not enough to see the source code. The entire process of compilation, executable file storage and transport, network communication, underlying operating system, and physical hardware would require inspection and continuous monitoring to ensure security. This is practically impossible.

Electronic voting machines can be an important part of the process, however, so long as the only thing they do is print a paper ballot that is used by the voter for their actual vote. A printed ballot has the advantages of not having any mismarked fields or hanging chads, and is easily inspectable by the voter for correctness.

The number of voters through each precinct will still need to be counted by someone, to ensure the number of voters and number of ballots cast match.

The serial numbered ballot paper will make ballot box stuffing very difficult. If large numbers of papers are missing when returned to the Federal Reserve, we would know, or if papers sent to California show up in Idaho, we would know. The bond security paper would be extremely difficult to copy on short notice, and even then, if we found duplicate serial numbers or numbers that were not used, we would know fraud had occurred.

4. Criminal prosecution

This is probably the hardest part. None of the above will work if nothing is done about infractions, and certain governments may choose to do nothing as problems will benefit them, so relying on the government to press charges will not work.

We must be given the ability to sue on behalf of the government, or to sue to obtain a private prosecutor and preempt the government from filing charges if it can be reasonably assumed they would pursue the case in dereliction of their responsibilities, or it would be a conflict of interest due to their position within the government.

A civil suit launched this way must be able to pursue criminal sanctions.

5. Technical notes.

  • Hash: A sort of password generated by a computer from some data of an arbitrary size. The same data would always generate the same hash, but it's impossible to recreate the data from the hash. Hashes can be computationally expensive, requiring anywhere from a few milliseconds to hundreds of seconds to calculate
  • RSA: I suggest the wiki article on RSA

Comments

I am sure we can vote safer and more conveniently than we do. Your outline is very thorough and well thought through.


"Religion is what keeps the poor from murdering the rich."--Napoleon