Electronic Ballot Verification

Another election, and another slew of reports about election fraud.  Just because you're not using a touch screen does not meet you're safe from the problems of electronic voting.  If your votes aren't collected using scan-tron forms, they almost certainly are tallied using electronic equipment, which is where most of the fraud occurs.  The software used in these machines are not open-source, and programmers have testified in open court as being hired to rig elections.

The Solution I'm not going to just sit here and complain about it.  I have a real solution.  I will be creating an example implementation with open source code before I submit this solution to the Arizona state congress.  I am very open to critiques and suggestions, especially before I submit this.

When voting, each person will submit their birthday (without year) and a secret PIN that they must remember for later.  This PIN will not be recorded except with the ballot to preserve anonymity.  This pin/birthday will be fed into a hashing algorithm such as MD5 or SHA-1 to create a unique number (to keep the PIN secret).  The results of every ballot will be displayed on a public website for each precinct showing the votes cast along with the unique number so individuals can verify that their vote was counted.  (a tool would be provided to calculate the unique number from their PIN and birthday.)  Also, the tallies of each precinct can be calculated by anyone, and the count of the votes can be compared against the number of registered voters to ensure there aren't too many votes.

This doesn't solve registration fraud issues, but will make it much more difficult to change the votes after they are cast.  As an extra precaution, votes should be sent simultaneously to multiple servers running this open-source software, run by independent parties, so as to provide redundancy, making manipulation more difficult.  Corrections to votes should be allowed, but this data should also be tracked and recorded in this same list, so discrepancies can be investigated.

Another step of protection, a hash of all of the data should be calculated every time the data is changed, along with a timestamp, to ensure the data is never manipulated outside of the system.  This would require any tampering to have to change all servers storing the data simultaneously, a very difficult proposition.

A suggestion from a reader: there needs to be a way to verify the number of votes cast against the final tally.  Great suggestion!  I propose that every vote should have a separate record stored with the PIN number showing the time their ballot was cast, so that the number of votes cast in each precinct directly matches the number tallied.  Any votes thrown out could then be investigated individually.  Thank you for the input!

Please use my contact page to send any ideas and suggestions so I may implement them in this system before I submit it to my state's legislature.


What is a hashing algorithm?

A hashing algorithm is a one-way encryption system that generates a small number from a large set of data.  The value of this number varies greatly for even the smallest changes in the larger set, allowing a way to verify that the data has not been changed.   You can learn more details on this page on wikipedia.

How much work is involved?

This system will be implemented in a matter of days, not weeks or month.  The processes required are very straightforward.

What is to be submitted?

I will be submitting both a working example implementation and white papers explaining its use, how it functions, and the problems it solves.  All of this information will be posted on this page once its available.

Glitches in the News