National: Voting’s Hash Problem: When the System for Verifying the Integrity of Voting Software Lacks Integrity Itself | Kim Zetter/Zero Day
In September 2020, just weeks before voters went to the polls in one of the nation’s most critical and contentious presidential elections, state officials in Texas learned of a disturbing problem with election software used widely across their state and the country: a component of software provided by Election Systems and Software — the top voting machine maker in the country — didn’t work the way it was supposed to work. The component wasn’t involved in tabulating votes; instead it was a software tool provided by ES&S to help officials verify that the voting software installed on election equipment was the version of ES&S software certified by a federal lab, and that it hadn’t been altered by the vendor or anyone else since certification. But Texas officials learned that the tool — known as a hash-verification tool — would indicate that ES&S software matched the certified version of code even when no match had been performed. This meant election officials had been relying on an integrity check that had questionable integrity. When voters or security experts express concern that elections can be hacked, officials often cite the hash-verification process as one reason to trust election results. Hash verification involves running software through an algorithm to produce a cryptographic value, or hash, of the code. The hash — a string of letters and numbers — serves as a fingerprint of the program. If the software is altered and then run through the same hashing algorithm again, the hash that’s created won’t match the original hash. But Brian Mechler, an engineering scientist at Applied Research Laboratories at the University of Texas at Austin, discovered while testing ES&S software for the Texas secretary of state’s office last year, that the company’s hash verification tool didn’t always work correctly.