Elections and voter fraud - what we can do about it?

2014-11-05T02:54:27-05:00

My analysis of elections, voter fraud, and how we, as a country, can nearly 100% eliminate it...

Tonight, on the way home from my current job as a network administrator, I was listening to late night talk (you know the one - the one that is always talking about UFOs and Bigfoot...) Anyway, tonight the topic was voter fraud. George Noory (the host) had a guest on who was discussing how voter fraud is always going to be a problem, no matter what country you live in, or what voting procedures you have...

I found myself in complete disagreement. Sure, under current standards, with the technology we are currently fielding, we don't have a way to stop voter fraud, especially when states refuse to require people to have IDs so you can vouch that they are the actual people casting a ballot. I'm not trying to get into a political debate on this though... what I'm trying to point out, is that there is a way to stop voter fraud dead... as in, almost IMPOSSIBLE to commit. That's right... nearly impossible.

Here's how it works: Anyone in IT, is (or should be) familiar with the Public and Private key infrastructure that we use to encrypt and decrypt messages, as well as generating a hash value. Think of a package, within a package, within a package, and so on, much like the Russian wooden dolls that are hollow, and each time you open one, there's another doll inside it.. similar concept.. I know, this is complicated, so if you don't care, fine, but I do, and I think this will work 99-100%!

What we need to do, as a country/state, whatever, is every person should be able to pick up a Driver's license or state ID (even if it is subsidized) that proves who they say they are - let's call it a Personal ID or PID. Embedded in the PID, should be a smart chip. On the chip, just like on our CAC and PIV cards, is the person's encrypted private key, their public key, and a hash key. For those of you who don't understand this, bear with me for a minute.

When a person goes to vote, whether through a polling station, the internet, whatever, they insert their PID into the slot just like we do with a DoD CAC or PIV. They then cast their vote. When their vote is cast, several things happen:

First, the persons vote is recorded, and then encrypted with the person's private key. The only way to change it, is using the private key. However, you can decrypt it and read what was cast with the public key - just bear that in mind for a moment. So here's our package [encrypted vote]<-using person's private key

Second: The encrypted vote, combined with some personal identification values and the person's public key, is then hashed (that is, a hash is generated using the person's hash key).
Now our package looks like this: ([encrypted vote] + [personal id values] + [person's public key]) x [personal hash key] = [personal hash value]

Third: the encrypted vote, the person's ID values, the person's public key, and the person's hash are ALL encrypted using the Government's (or voting authority - doesn't matter what you call it) Public Key (yes, this is important, the government/voting authority must have both a public and private key, and a hash key as well). What this does is makes the info that was encrypted, unreadable UNLESS you have the private key for the voting authority.

Our package now looks like this: {[encrypted vote] + [personal id values] + [Personal hash key] + [Personal hash value] + [person's public key]} = [encrypted package] <-- using voting authority's public key

Fourth: The data is then REHASHED using the government's Hash key. [encrypted package] x [Voting Auth Hash Key] = [VA Hash Value]

Fifth: The encrypted data, and the generated hash are then both sent to the voting authority. So now our package: ([Encrypted package]+[VA Hash Value]) sent to Voting Auth.

Sixth: The voting authority, using their hash key, re-hashes the encrypted package, the same as step four above. This should create the exact same hash key, which verifies that the encrypted data was NOT tampered with during transmission to the Voting Authority.

SO [encrypted package] x [Voting Auth Hash Key] should still = [VA Hash Value]

The package can now be stripped of the hash value that was sent with it:
[Encrypted Package]

7th: The Voting Authority takes private key that belongs to them, decrypts the data. Since the package was sent with the VA's public key, the only key that can decrypt it is the private key the VA has. This gets them to here:

[encrypted vote] + [personal id values] + [person's hash key] + [person's hash value] + [person's public key] <-- decrypted with VA's private key.

8th: The voting authority can take the person's hash key, and re-hash the encrypted votes with that person's ID values - if the encrypted vote data and the person's ID data was not tampered with, the hash key should generate the SAME hash value that was sent with all the other data to them.

So ([encrypted vote] + [personal id] + [person's public key]) x [personal hash] should still = [personal hash value]

9th: Since the hash value they generated above should be the same as what was transmitted, the VA can now decrypt the encrypted vote using the person's public key.

The entire process does the following: 1) It makes the vote unalterable. If it is altered, the hash values change and won't match. 2) it makes the vote irrefutable - the person can't say they didn't cast the ballot, because their personal ID is tied to the vote. 3) it makes the the vote nearly 100% unforge-able. Because the vote is tied to the person's personal data that only they will have, it can't be forged and if it is, the person can almost 100% prove they didn't send the vote. 4) no one on either end can tamper with the vote results, and if they do it becomes instantly obvious. 5) LAST, and most important, it makes it so that if there is EVER a question about the vote, an independent party can come in and verify all of the above.

So for those of you who understood every step I described above, what do you think? Leave me some feedback or vote below!

Thanks.

V/R

Marc Wayman

Response by PO3 Shaun Taylor made Nov 5 at 2014 3:01 AM

2014-11-05T03:01:37-05:00

I must admit I'm a little confused, but I understand your concept. Once you build a prototype I suggest you try it out in Florida and Wisconsin.

Response by SFC Private RallyPoint Member made Nov 5 at 2014 4:46 AM

2014-11-05T04:46:10-05:00

Ok, here's the short version: encrypt vote, generate a hash so you can verify the data when it's received, encrypt all of that using voting authority's public encryption key, send them the data, they can then decrypt, verify, and tally the vote. The entire process is nearly infallible because it's double encrypted, and each encryption is then hashed, which provides and guarantees data integrity. Since voter's ID is also mixed in to the hash, the voter's ID is also protected from falsification, and doubly serves to prove how the voter voted.

Response by MAJ Robert (Bob) Petrarca made Nov 5 at 2014 5:41 AM

2014-11-05T05:41:23-05:00

I like it. Only problem is we can't get the buttheads in DC to approve a National ID/ID card which would make this more possible.

Response by SFC William Swartz Jr made Nov 5 at 2014 8:39 AM

2014-11-05T08:39:58-05:00

LMAO....I would fully support this measure, but I think that based upon what has already been brought up by certain segments within our society, "forcing" everyone to have a government issued photo ID would "disenfranchise" their particular segment. It still amazes me that you are required to provide a photo ID to do almost everything within our society, ie. obtain hunting/fishing licenses, fly on a commercial airline, etc., but are not required to produce a photo ID to verify you are who you say you are for the purpose of electing officials or voting for or against legislature....(a side not to those who say that it's a form of poll tax etc....it is so very easy to obtain government issued support in the form of welfare and SNAP, why should it be no less different for obtaining official ID?!? Same state/national governments handle both issues, just sayin!)

Response by CW5 Private RallyPoint Member made Nov 5 at 2014 8:44 AM

2014-11-05T08:44:15-05:00

SFC Private RallyPoint Member, that's a great explanation of a way to eliminate voter fraud. The technology (PKI, etc.) is a wonderful idea, but to get there you have to have an ID card in everyone's hand, and therein lies the rub. We can't even get states to require any ID at all ... how are we going to convince the entire country that an ID card with a smart chip is a good idea.

So, while you have a great idea, I think it breaks down before Step 1. Check out the current state of affairs regarding voter ID requirements in the USA:

http://ballotpedia.org/State_by_State_Voter_ID_Laws#tab=Map

Voter identification laws by state - Ballotpedia

Ballotpedia is a nonprofit, nonpartisan professionally curated encyclopedia designed to connect people to politics and elections at the local, state and federal level.

Response by SGT Scott Curtice made Nov 5 at 2014 12:23 PM

2014-11-05T12:23:02-05:00

yeah, i agree, if an ID card is good enough for our military personnel, it's good enough for the civilians also.

Response by CPT Jason Torpy made Nov 5 at 2014 12:35 PM

2014-11-05T12:35:06-05:00

There is no voter fraud. There's no bigfoot. There's no UFOs. Benghazi was a tragedy but an isolated incident. There's no ISIS in the US. Obama is a Christian born in Hawaii not a Muslim born in Kenya. Ebola is downright hard to contract. All these things and voter fraud are just part of the Republican machine of lies intended to get poor people to vote against their own interests and in favor of war and greed.

Response by SPC David S. made Nov 5 at 2014 4:35 PM

2014-11-05T16:35:25-05:00

Is this a test to see if I'm crazy?

Response by COL Randall Cudworth made Nov 5 at 2014 5:18 PM

2014-11-05T17:18:33-05:00

SFC Private RallyPoint Member, absolutely agree that the concept of using PKI would stop it dead (as you said, no possibility of voter fraud any where along the process), but it would never happen, no matter what support you have, for a variety of reasons. Almost all of the reasons are economical, and if you can't get agreement on the low cost options of just using government issued photo ID, how would you expect to get any agreement for a more expensive solution?

DoD pays about $8 each for an Level of Authentication 4 credential (the CAC) which is what you are describing (less the biometric info). Figure at scale (200M eligible voters) the government could get it down to $5 ... that's still $1B just for the cards and a LOT more for the infrastructure (readers, management, etc). Think about all the stuff you have to go through for your passport (that's a LOA3 credential) and now add the PKI certs on top of that.

Response by LTC Private RallyPoint Member made Nov 5 at 2014 5:28 PM

2014-11-05T17:28:45-05:00

SFC Marc Wayman, That was awesome!!! Like CW5 Montgomery noted, first things first; get every state to require ID!!!! I was surprised to be reminded by my parents, that as long as you knew your name and address you can vote in Illinois. If I knew my buddy wasn't voting, I could vote my way as him by altering my looks, voting early, etc. It would not surprise me if it doesn't happen some. Besides, some of the folks running the poling places aren't as professional as you would expect either. The system definitely needs help. Unfortunately, you presented a graduate level solution, for an infrastructure that could barely handle a middle school level concept I'm afraid...

Response by PO3 Private RallyPoint Member made Nov 5 at 2014 5:42 PM

2014-11-05T17:42:01-05:00

I've always wondered what's the big deal about getting ID? But even if that's too much for you and we decide as a nation to require some proof of identity in order to vote then why wouldn't we just use our thumb print? The idea makes the hair stand up on my neck, but if we got to be all big brother why not just use that instead of some fancy encrypted ID card?

You get up to the polling station, you whip out your thumb and put it on the scanner. OK, you are you...go vote. As for how to transmit those votes I'll leave it to someone who knows what language your speaking! LOL

Response by LTC Private RallyPoint Member made Nov 5 at 2014 6:20 PM

2014-11-05T18:20:34-05:00

Sure, it could work. However, the issues I see are:

1) Voter fraud isn't really as big a deal as some pundits claim it is. See your own qualified that these pundits in particular support various other conspiracy theories.

2) Boat loads of people will claim that the chip you implanted on their ID card is some sort of tracking device and/or mark of the beast.

Response by Cpl Private RallyPoint Member made Nov 5 at 2014 6:48 PM

2014-11-05T18:48:48-05:00

My vote is my vote. I hold my vote private and do not disclose who or what I vote for. Non of your listed options account for that. As well your theory means that anyone with the public key would then know who voted for what. I would be against that.

Response by SFC Private RallyPoint Member made Nov 5 at 2014 10:08 PM

2014-11-05T22:08:26-05:00

So, for those of you who respond visually better than via verbal: I created a chart that shows the process as I am envisioning it. Yes, it's complicated as hell... but I was running out of room... so youse get's whats youse get's!

Response by MAJ Dallas D. made Nov 6 at 2014 10:56 AM

2014-11-06T10:56:59-05:00

I don't think a National ID (hopefully) will never happen and IMHO that is a good thing but stopping Voter Fraud is a bigger problem than I think a lot of people really believe.

Amazing the videos that popped up all showed someone selecting candidate "A" and the computer selecting candidate "B" and oddly "B" always turned out to be a Democrat. Interesting, and No I am not a Republican or Democrat so I am not taking sides in this. (I am a Libertarian)

Response by MSG Brad Sand made Nov 6 at 2014 11:23 AM

2014-11-06T11:23:33-05:00

F) All of the above?

The problem with any system is that someone can break it and fraud is possible. The question is, how much can be reduced and especially, can it be reduced a level where it does not effect the outcome of the election?

There will always be some level of error. We are working with humans? If nothing else, human error. They mark the wrong circle, push the wrong button, ETC. It would be nice if we did live in a perfect World, but we don't...at least not yet.

Response by MAJ Jim Woods made Nov 6 at 2014 11:30 AM

2014-11-06T11:30:53-05:00

I'm glad I live in a State that requires a picture ID in order to vote. The truth is, it can be legislated by any State. As long as certain people are in power their will not be any Federal legislation.

Response by CPT Zachary Brooks made Nov 6 at 2014 2:26 PM

2014-11-06T14:26:20-05:00

This is an interesting website that talks about how the votes are counted. You can also find information on how your vote can be tampered with in the current system.

Its surprising at the many ways they can do it.

http://verifiedvoting.org/

Response by CPT Zachary Brooks made Nov 6 at 2014 2:38 PM

2014-11-06T14:38:33-05:00

For anyone saying that voter fraud does not exist, then I just have to ask.

When did we allow felons to vote?
http://www.wbtv.com/story/27272286/convicted-felon-patrick-cannon-in-trouble-for-voting-early

Response by Sgt Jay Jones made Nov 7 at 2014 7:31 AM

2014-11-07T07:31:04-05:00

Why does this sound like the beginning of theAntiChrist and the Mark of the Beast??? IJS

Response by PO2 Corey Ferretti made Nov 19 at 2014 11:51 AM

2014-11-19T11:51:57-05:00

This is what i know. When i went to get my voters registration card all i did was give my name and they gave me the one i never got delivered no ID or anything. When i wen to vote i just gave my name and they ok go to station 2. I was amazed i did not have to prove who i am. I need an ID to get my fishing license but not to vote i think it is nuts.

Response by SGT(P) Gloria Francis made Nov 20 at 2014 9:14 AM

2014-11-20T09:14:38-05:00

This would NEVER be used because IT MAKES TO MUCH SENSE!!! Too many people would lose their spot on top of the pyramid if this took place. So many people did not vote this time around simple because they saw it was a waste of time and it made no difference if they did vote. They felt that their votes wouldn't be counted anyway. Your idea/solution leaves too much room for THE PEOPLE'S CHOICE to be voted into office. We say the majority rules but reality is that the few minority changes the rule. I love what I read. Great work.

Response by MSG Private RallyPoint Member made Nov 20 at 2014 9:21 AM

2014-11-20T09:21:31-05:00

Kind of does away with the secrecy of the ballot box. The voting authority could start tracking the voting habits of individuals.

There's a simpler way to stop in-person voter fraud--implement ID requirements at registration.

Response by Capt Richard I P. made Nov 20 at 2014 9:41 AM

2014-11-20T09:41:10-05:00

Everyone who cares about fair and representative elections, please, please watch this video list.
http://www.cgpgrey.com/politics-in-the-animal-kingdom/

Politics in the Animal Kingdom

Homepage for CGP Grey. Videos, articles and links.

Response by SFC A.M. Drake made Nov 20 at 2014 9:35 PM

2014-11-20T21:35:39-05:00

Voter fraud is as common as American Pie

Response by MSgt Neil Greenfield made Apr 7 at 2016 9:16 PM

2016-04-07T21:16:40-04:00

Well, if anything, your idea would open up a whole new side industry that would employ quite a few people. The thing with this idea is the fact that there is no such thing as 100% security. There's always going to be some researcher/hacker that will discover some vulnerability in these voting systems. Fraud exists. So does stupidity. You can't get rid of either, whether you're in government, or in industry.