The Cryptographic Fix for US Elections Is Still Sitting on the Shelf

In 2006, software engineer Michal Postpieszalski discovered dangerous defects in American voting machines – Flaws he says that the American elections are still threatening today.

Pospieszalski was hired by the Election Science Institute, where he was Chief Technology Officer, to the headquarters of election seller election systems and software (ES & s) in Omaha, Nebraska. His job was to analyze the company Ivotronic voting system.

For more than a week, Postpieszalski discovered a wide range of problems, including “bad code practices, back doors, static passwords”, and especially what he described as a complete lack of “end-to-end cryptographic evidence”.

“The biggest thing that was not there was end-to-end cryptographic evidence,” said Pospieszalski Decrypt In an interview. “This means that the machine is not, even with perfect external security, can know whether a mood is legitimate, or whether it has been counted twice, three times or 1000 times.”

What is missing in today’s voting machines

The CEO of Blockchain Security and Identity Software Company MatChefiPostpieszalski, said that vulnerability is not hypothetical; It is easy to operate through everyone with access to voting engines and voter registration systems.

“You could just run the same mood 10 times – and that is still true today – and it will just count as 10 votes,” he explained. “And the scanner does not know any better, and the tabulator is not. The tabulator in the central district is like:” Oh, it was 10 votes. “

Postpieszalski said that the separation of ballot and voter record systems often makes reconciliation impossible without referring to original paper files.

“There is no anonymous serialization of every mood with which the system could know that every serialized mood only needs to be counted once,” he said.

The solution, according to Postpieszalski, includes software – not hardware – and builds on cryptographic techniques developed for the first time in the 1980s by David ChaumA cryptographer who introduced pioneering pioneered digital money and blind signatures, allowing transactions to be verified without revealing their content.

Chaum later founded DigiCash, an early digital currency, and presented cryptographic voice systems that retain anonymity and at the same time enable public verification. His work laid an important foundation for both safe E-voices and modern cryptocurrencies such as Bitcoin.

“What you want is the machine at the end-the central count tabulator or election management system is getting a voice definition and you have a Chaumian-bare serialization on every mood,” said Postpieszalski. “So, just like in La County, that starting destination has a serial number. That serial number does not identify the voter, but it tells the tabulator in the central district:” Hey, this is a unique mood. “

“When I see two, someone cheated,” he added. “Especially when I see 50.”

In the proposed model of Postpieszalski there would be three counts: the paper ballot papers, the conventional digital count and a third cryptographic count.

“The way you cheat is that the digital count says there are 100 voices, and the cryptographic count says there should only be 90,” said Postpieszalski. “Now you know that someone has injected 10 votes.”

Lessons from Antrim County

In 2020, Postpieszalski was hired to perform forensic analysis in Antrim County, Michigan, after a short error of widespread speculation caused.

“There was a voting flip in Antrim County with, like about 2,000 votes, where it was 2,000 for Biden one day, and the next day it was 2,000 for Trump,” he remembered. “What really happened is that the ballot was incorrectly configured, so that the system thought that the voices were for Trump for Biden.”

He said that when the ballot papers were converted with the corrected definition file, “everything became normal again.”

Postpieszalski emphasized that although the error was technical, the optics of the situation fed the public suspicion.

“There was no enormous, hostile attack. But if a voter who is called up by the media-in particular right-wing media-seats people want to answer people,” he said, adding that such confusion is exactly what end-to-end, off-chain cryptographic evidence is designed to prevent.

But although he found no evidence from remote hacking or softwareback, Pospieszalski said that he encountered signs of possible voice injection during his analysis.

“If you have a mood with 42 choices, and in the analysis you see 100 ballot papers filled in exactly the same way, you are something like: eh, probably not really,” he said. “That is the stuff that I found proof in Antrim County.”

Asked why cryptographic ballot papers were not implemented, postpieszalski pointed to deep -rooted systems and businesses reluctant to make changes, and added that proposals for safe voices often could not get because they were too complicated.

“They suggest all kinds of real, really difficult to use schedules … things that people are used to, if you are a voice manufacturer, this will not make sense,” he said.

Various technologies are aimed at improving election security and trust. In April, New York Assemblyman Clyde Vanel introduced a bill that would use blockchain technology to secure voter records and election results. Although Blockchain has been promoted as a solution for safe voting, Pospieszalski argued that the core problem does not require that level of complexity.

“All you try to do is solve a simple problem: getting an accurate count of legitimate voices,” he said. “Extra complexity is superfluous. Many people push blockchain because it is popular, but you don’t really need it.”

Pospieszalski, on the other hand, says that his solution works with current machines.

“I only say: look, make a software upgrade of the existing system and work with Dominion, work with ES & S, and you can just switch it on or off,” he said.

Asked how adoption could happen, Postpieszalski suggested legislation or mandates of jurisdictions that supervise elections.

“Voice manufacturers and their customers – counts – need large districts to insist on change,” he explained. “If a law said that by 2028 or 2032, voice systems should contain end-to-end crypto documents, we would do business.”

According to him, the advantage would be clarity in future elections, especially in heated competitions where trust is fragile.