Free & Fair is creating a guaranteed secure, correct, resilient and publicly-verifiable voting system that comprehensively addresses on-site and remote voting on and before Election Day, as well as post-election tabulation and audits. We will deliver these results by leveraging decades of expertise in building national security critical systems for the Department of Defense and the intelligence community.
We are releasing the system as open-source, making it available to jurisdictions and election officials around the U.S. for free. Our goal is to provide an alternative to the overly expensive proprietary systems that have been demonstrated to be unreliable, and to significantly reduce the cost of conducting elections. The proposed system will enhance public trust in election outcomes by producing publicly verifiable evidence about the correctness of the results in each election, which is unprecedented in any available system to date. The system will place special emphasis on accessibility and usability, aiming to increase voter access and participation in elections.
Free & Fair is a spin-out of Galois, an Oregon company with 17 years of experience in producing deployable, trustworthy critical systems for the Department of Defense, intelligence community, NASA, NIST, Amazon, Department of Homeland Security, and others. Our expertise is in a field of computer science that employs formal mathematical methods that result in the creation of formally verified systems. Systems of this nature are exact in the way mathematical proofs are exact. This means that our techniques can prove the correctness of the system in a way that traditional software development cannot.
In the past, we have utilized these techniques to produce a wide range of projects, including “hack-proof” software for aerial vehicles, formally proven free of vulnerabilities, at Boeing, a system for information sharing across clearance levels with absolute security guarantees and a formal proof of correctness, and mathematically proven cryptographic algorithms for deployment in critical systems.
Computer systems are trusted far more than they deserve. Election systems are no different. They are a ‘black box’ of private computer code known to have reliability and security issues—issues that are problematic due to their complexity and the desire for Internet connectivity. These trends exacerbate the challenge of trusting the results election systems produce. Essentially, today’s election systems are as untrustworthy as every other system you read about crashing and being hacked: your email, the stores you shop in, the banks you rely on, and government systems and records. The major difference between trusting those systems and trusting election systems, however, is that the very foundation of democratic governance hinges upon trust in election results.
Security experts have shown that current proprietary election systems are not reliable and should not be used. However, jurisdictions have no real alternative in the market. Open-source software often plays that role in other areas. For example, the Linux operating system is an open-source alternative to proprietary operating systems like those from Microsoft and Apple, and has been extensively used in critical systems by the Department of Defense. It has also enabled dozens of companies to create a thriving support ecosystem and been the catalyst for hundreds of thousands of new jobs. We aim to create the Linux equivalent for election systems.
Correctness, Security and Certification
Whereas traditional approaches use testing and quality assurance teams to check for bugs and “ensure” correctness, the use of formal methods establishes the correctness of a system as it is created. Formal methods can ensure not only that a system will work as intended, but also that the system will work only as intended: it will not malfunction, contain vulnerabilities, or be able to be subverted by malicious actors. For critical systems, like those that operate our elections, such assurance is essential.
We are a politically neutral organization, focused on ensuring both that each person legally eligible to vote can do so, and that the process maintains strict voter privacy while enabling independent verification of aggregated results.
Key Team Members
On our team at Free & Fair we have scientists with in-depth experience in elections technology, critical systems, and formal methods.
Dr. Joe Kiniry
Dr. Kiniry has fifteen years of experience in the design, development, support, and auditing of supervised and Internet/remote electronic voting systems. He has served as an adviser to multiple governments in matters relating to electronic voting. He is the CEO and Chief Scientist of Free & Fair and leads Rigorous Software Engineering and High-assurance Cryptography at Galois.
Dr. Stephanie Singer
Dr. Singer has dual expertise in technology and elections. She has extensive experience with elections over more than a decade in roles ranging from poll worker to candidate to election data analyst to Chair of the Philadelphia County (Pennsylvania) Board of Elections. For three years she served on the Board of the County Commissioners Association of Pennsylvania and as Co-Chair of the statewide Elections Reform Committee of that organization.
Dr. Dan Zimmerman
Dr. Zimmerman has extensive experience in formal methods, high-assurance software engineering, and concurrent and distributed systems. Dr. Zimmerman’s primary research interest is in the application of formal methods to the software development process. He has contributed to the design and development of other widely-used software engineering and formal methods tools.
Dr. Joey Dodds
Dr. Dodds has implemented both a tabulator and a risk limiting audit system and done specifications for both. He also fully proved the correctness of the tabulator. He is a key participant in the verification of Amazon’s s2n library. He has been responsible for both the verification of the library and implementing a system to automatically report metrics about the progress of the project to Amazon’s upper management.
You can learn more about our products HERE.
Any IT organization will be able to offer integration, deployment, and maintenance services for our products. Free & Fair also offers such services with competitive, open pricing to ensure that jurisdictions that want to deploy the system immediately can find the needed support to do so.
Free & Fair’s products are transparently priced on a per-citizen basis, as the customer owns the bespoke, hardened system for their jurisdiction and can use it perpetually without cost.