{"id":1547181,"date":"2025-07-15T21:40:00","date_gmt":"2025-07-16T01:40:00","guid":{"rendered":"https:\/\/bugaluu.com\/news\/?p=1547181"},"modified":"2025-07-15T21:40:00","modified_gmt":"2025-07-16T01:40:00","slug":"the-cryptographic-fix-for-us-elections-is-still-sitting-on-the-shelf","status":"publish","type":"post","link":"https:\/\/bugaluu.com\/news\/the-cryptographic-fix-for-us-elections-is-still-sitting-on-the-shelf\/1547181\/","title":{"rendered":"The Cryptographic Fix For US Elections Is Still Sitting On The Shelf"},"content":{"rendered":"

The Cryptographic Fix For US Elections Is Still Sitting On The Shelf<\/span><\/p>\n

\n

Authored by Jason Nelson via Decrypt.co,<\/em><\/a><\/p>\n

In brief<\/h2>\n

A former voting machine auditor says U.S. election systems still lack basic cryptographic safeguards to detect ballot tampering or duplication.<\/p>\n

He proposes adding end-to-end cryptographic proofs – without blockchain – to secure future elections and restore public trust.<\/p>\n

Despite identifying vulnerabilities as early as 2006, he says vendors won\u2019t act without legal pressure or updated election laws.<\/p>\n

In 2006, software engineer Michal Pospieszalski uncovered dangerous flaws in U.S. voting machines\u2014flaws he says still threaten American elections today.<\/p>\n

Hired by the Election Science Institute, where he served as Chief Technology Officer, Pospieszalski was flown to the headquarters of election vendor Election Systems & Software (ES&S) in Omaha, Nebraska. His task was to analyze the company\u2019s\u00a0iVotronic<\/a>\u00a0voting system.<\/p>\n

For over a week, Pospieszalski uncovered a wide range of issues, including \u201cbad code practices, backdoors, static passwords,\u201d and most importantly, what he described as a complete lack of \u201cend-to-end cryptographic proofs.\u201d<\/strong><\/p>\n

<\/a><\/p>\n

\u201cThe biggest thing that wasn\u2019t there was end-to-end cryptographic proofs,\u201d <\/strong><\/em>Pospieszalski told\u00a0Decrypt<\/em>\u00a0in an interview. \u201cMeaning there\u2019s no way the machine, even with perfect external security, could know if a ballot is legitimate, or if it\u2019s been counted twice, three times, 10 times, or 1,000 times.\u201d<\/p>\n

What\u2019s missing from today\u2019s voting machines<\/h2>\n

The CEO of blockchain security and identity software company\u00a0MatterFi<\/a>, Pospieszalski, said that vulnerability isn\u2019t hypothetical; it\u2019s easily exploitable by anyone with access to voting machines and voter registration systems.<\/p>\n

\u201cYou could just run the same ballot through 10 times\u2014and that\u2019s still true today\u2014and it\u2019ll just count as 10 votes,\u201d<\/strong><\/em> he explained. \u201cAnd the scanner doesn\u2019t know any better, and neither does the tabulator. The tabulator in the central precinct is like, \u2018Oh, it was 10 votes.\u2019\u201d<\/p>\n

Pospieszalski said the separation of ballot and voter record systems often makes reconciliation impossible without referring to original paper records.<\/p>\n

\u201cThere\u2019s no anonymous serialization of each ballot that would allow the system to know that each serialized ballot has to be counted only once,\u201d <\/strong><\/em>he said.<\/p>\n

The solution, according to Pospieszalski, involves software\u2014not hardware\u2014and builds on cryptographic techniques first developed in the 1980s by\u00a0David Chaum<\/a>, a cryptographer who pioneered digital cash and introduced blind signatures, allowing transactions to be verified without revealing their contents.<\/p>\n

Chaum later founded\u00a0DigiCash<\/a>, an early digital currency, and proposed cryptographic voting systems that preserve anonymity while enabling public verification. His work laid key foundations for both secure e-voting and modern cryptocurrencies like\u00a0Bitcoin<\/a>.<\/p>\n

\u201cWhat you want is the machine at the end\u2014the central count tabulator or election management system\u2014gets a vote definition, and you have a Chaumian-blinded serialization on every ballot,\u201d Pospieszalski said. \u201cSo, like in LA County, that output ballot that\u2019s printed has a serial number. That serial number doesn\u2019t identify the voter, but it tells the tabulator in the central precinct, \u2018Hey, this is a unique ballot.\u2019\u201d<\/p>\n

\u201cIf I see two of them, then somebody cheated,\u201d<\/strong><\/em> he added. \u201cEspecially if I see 50 of them.\u201d<\/p>\n

In Pospieszalski’s proposed model, there would be three counts: the paper ballots, the conventional digital tally, and a third cryptographic count.<\/p>\n

\u201cThe way you see cheating is the digital count says there are 100 votes, and the cryptographic count says there should only be 90,\u201d Pospieszalski said. \u201cNow you know someone injected 10 votes.\u201d<\/p>\n

Lessons from Antrim County<\/h2>\n

In 2020, Pospieszalski was hired to conduct forensic analysis in Antrim County, Michigan, after a brief vote-counting error triggered widespread speculation.<\/p>\n

\u201cThere was a vote flip in Antrim County by, like, roughly 2,000 votes, where, like, one day it was 2,000 for Biden, and the next day it was 2,000 for Trump,\u201d he recalled. \u201cWhat really happened is the ballot definition was misconfigured so that the system thought that the votes for Trump were for Biden.\u201d<\/strong><\/p>\n

He said that when the ballots were rescanned with the corrected definition file, \u201cEverything went back to normal.\u201d<\/p>\n

Pospieszalski emphasized that while the error was technical, the optics of the situation fed public suspicion.<\/p>\n

\u201cThere wasn\u2019t a huge, hostile attack. But as a voter being riled up by the media\u2014particularly right-wing media\u2014people are going to want answers,\u201d he said, adding that such confusion is exactly what end-to-end, off-chain cryptographic proofs are designed to prevent.<\/p>\n

But while he found no evidence of remote hacking or software backdoors, Pospieszalski did say he encountered signs of possible ballot injection during his analysis.<\/p>\n

\u201cIf you have a ballot with 42 choices, and in the analysis you see 100 ballots with all 42 filled out the exact same way, you\u2019re like: Um, probably not real,\u201d <\/strong><\/em>he said. \u201cThat\u2019s the stuff I found some evidence of in Antrim County.\u201d<\/p>\n

Asked why cryptographic ballot serialization hasn\u2019t been implemented, Pospieszalski pointed to entrenched systems and corporate reluctance to make changes, adding that proposals for secure voting often failed to gain traction because they were too complicated.<\/p>\n

\u201cThey\u2019re suggesting all sorts of really, really difficult-to-use schemes… stuff that people are just like, if you\u2019re a voting machine manufacturer, this isn\u2019t going to make any sense,” he said.<\/p>\n

Several technologies aim to improve election security and trust. In April, New York Assemblyman Clyde Vanel\u00a0introduced<\/a>\u00a0a bill that would use blockchain technology to secure voter records and election results. While\u00a0blockchain<\/a>\u00a0has been promoted as a solution for secure voting, Pospieszalski argued that the core issue doesn\u2019t require that level of complexity.<\/p>\n

\u201cAll you’re trying to do is solve a simple problem: get an accurate count of legitimate votes,\u201d <\/strong><\/em>he said. \u201cExtra complexity is unnecessary. A lot of people push blockchain because it’s popular, but you don’t actually need it.\u201d<\/p>\n

By contrast, Pospieszalski says his solution works with current machines.<\/p>\n

\u201cI\u2019m just saying: Look, make it a software upgrade to the existing system and work with Dominion, work with ES&S, and you can just turn it on or off,” <\/strong><\/em>he said.<\/p>\n

Asked how adoption might happen, Pospieszalski suggested legislation or mandates from jurisdictions that oversee elections.<\/p>\n

\u201cVoting manufacturers and their customers\u2014counties\u2014need big precincts to push for change,\u201d he explained. \u201cIf a law said that by 2028 or 2032, voting systems must include end-to-end crypto proofs, we\u2019d be in business.\u201d<\/p>\n

The advantage, according to him, would be clarity in future elections, especially in heated contests where trust is fragile.<\/strong><\/p>\n<\/div>\n

Tyler Durden<\/a><\/span>
\nTue, 07\/15\/2025 – 17:40<\/span><\/p>\n

\u200bhttps:\/\/www.zerohedge.com\/crypto\/cryptographic-fix-us-elections-still-sitting-shelf<\/a>\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"

The Cryptographic Fix For US Elections Is Still Sitting On The Shelf Authored by Jason Nelson via Decrypt.co, In brief A former voting machine auditor…<\/p>\n","protected":false},"author":0,"featured_media":1547182,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1547181","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","wpcat-1-id"],"_links":{"self":[{"href":"https:\/\/bugaluu.com\/news\/wp-json\/wp\/v2\/posts\/1547181","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bugaluu.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bugaluu.com\/news\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/bugaluu.com\/news\/wp-json\/wp\/v2\/comments?post=1547181"}],"version-history":[{"count":0,"href":"https:\/\/bugaluu.com\/news\/wp-json\/wp\/v2\/posts\/1547181\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bugaluu.com\/news\/wp-json\/wp\/v2\/media\/1547182"}],"wp:attachment":[{"href":"https:\/\/bugaluu.com\/news\/wp-json\/wp\/v2\/media?parent=1547181"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bugaluu.com\/news\/wp-json\/wp\/v2\/categories?post=1547181"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bugaluu.com\/news\/wp-json\/wp\/v2\/tags?post=1547181"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}