Feds Issue Test Copies of E-voting Software
Officials can match digital signatures to reference copies, but initial use is limited     

News Story by Dan Verton

NOVEMBER 01, 2004 (COMPUTERWORLD) - Federal officials last week released a set of software files submitted by five vendors of e-voting systems and voting verification tools, saying that election officials can use the code and related digital signatures to check whether the software they have bought has been modified without their knowledge.

But the so-called reference data set issued by the National Institute of Standards and Technology will likely be of little use to state officials for verifying the integrity of e-voting systems being used in tomorrow's election. And the future value of the files could be limited for states that have customized their e-voting software.

The National Software Reference Library's (NSRL) Web site said the files typically can be used only to check software that has yet to be installed on a voting machine. The notice added that "with limited exceptions," e-voting software can't generate digital signatures after it has been installed.

The NSRL notice also said that election authorities using software that has been legitimately altered won't be able to use the reference data set to compare digital signatures. Only signatures derived from the identical product releases submitted by the five vendors are available on the NSRL's Web site.

Vendors that had provided software to the NSRL as of Oct. 22 include Diebold Inc., Election Systems & Software Inc., Hart InterCivic Inc., Sequoia Voting Systems Inc. and VoteHere Inc. Oakland, Calif.-based Sequoia said it has made several submissions over the past two weeks.

Bellevue, Wash.-based VoteHere said in late June that it had submitted a reference source-code implementation for inclusion in the NSRL. Omaha-based ES&S made a similar announcement in August, and Austin-based Hart InterCivic followed suit in mid-October. North Canton, Ohio-based Diebold couldn't be reached for comment.

Facing Skepticism

The submissions were made after the U.S. Election Assistance Commission called on all e-voting software vendors to provide code to the NSRL. In a letter dated July 13, commission Chairman DeForest Soaries Jr. said having access to the code would "facilitate the tracking of software version usage." Some observers have claimed that vendors have installed patches and upgrades prior to elections without letting officials inspect the code first. Sequoia spokesman Alfie Charles said the NSRL is storing "pristine copies" of vendor-submitted software "to help prepare for the inevitable challenges that take place whenever there are close elections."

But Avi Rubin, a professor at Johns Hopkins University who has criticized e-voting security controls, called the NSRL "smoke and mirrors." Rubin said that if e-voting software "is already rigged, storing the [digital signature] hashes only guarantees that the malicious code will be there if the hashes match."

Kim Alexander, president of the California Voter Foundation, called the vendor submissions good news, but only if there are no last-minute changes to the software. "If there are technical problems with software vote counts on election night, it's possible that vendors will, as they have in the past, install patches or upgrades to get the vote count started again," she said.

Election officials will have to keep a public audit log of all software testing and installations to ensure that there's no appearance of impropriety, Alexander added.