Election Notice: Election Night Returns

Election Advisory No. 2022-30

To: All Election Officials
From: Keith Ingram, Director of Elections
Keith Ingram's signature
Date: September 19, 2022
RE: Hash Validation Procedures for Logic and Accuracy Testing

The purpose of this advisory is to provide an explanation of the procedures for conducting the hash validation as part of the testing for voting systems in accordance with Section 129.023 of the Texas Election Code.

All statutory references in this advisory are to the Texas Election Code (“the Code”), unless otherwise stated.

Section 1 – Hash Validation Definition
Section 2 – General Procedures for Hash Validation
Section 3 – Obtaining Trusted Hashes
Section 4 – Generating Your Hashes
Section 5 – Performing the Comparison
Section 6 – Voting Systems Certification

Section 1 – Hash Validation Definition

Hash validation, as applied to voting systems, consists of the process of verifying the integrity of the files and the source code of a specific voting system.

A hash is a mathematical function that creates a unique string of letters and numbers that identifies a system and its programming. A specific hashing algorithm will always create the same string, allowing vendors and elections officials to compare hash values and confirm that the voting system and its source code has not been altered.

During the hash validation process, a hash will be generated from the entity’s voting system and compared to a trusted hash (golden file) that was generated by the U.S. Election Assistance Commission (EAC) when the system was initially certified and tested at the federal level. Those two hash values are compared to verify that the firmware and software used on the system owned by the entity is the same as the firmware and software that was initially tested and certified by the EAC and by the Secretary of State (SOS).

If the generated hash is identical to the trusted hash that was generated by the EAC, then the hash validation is successful.

Section 2 – General Procedures for Hash Validation

Four types of voting system testing shall be performed for each election within a jurisdiction. The four tests are:

  1. Hardware Diagnostic Test,
  2. Logic and Accuracy (L&A) Test/Testing of Tabulation Equipment,
  3. Hash Validation, and
  4. Post-Election Audit (Partial Manual Count).

Senate Bill 1 (87th Leg., 2nd C.S., 2021) amended Section 129.023 to require that when conducting an L&A test for each election, the general custodian must also demonstrate, using a representative sample of the voting system equipment, that the source code has not been altered. The method for doing so is to perform a hash validation, which compares a hash generated by the system to a trusted hash provided by the SOS or the EAC to verify that the two hashes are identical.

This statutory requirement applies to each county and entity conducting an election.

For more detailed information on how to perform the other three voting system tests, please refer to Tex. Sec’y of State Election Advisory No. 2019-23.

The materials and results of the hash validation part of the test need to be stored with the testing materials corresponding to that election and may be subject to the corresponding retention periods. These may include media drives, digital (screenshots, computer generated reports, etc.) or printed copies of the results.

NOTE: Voting system vendors are aware of this new statutory requirement and must provide their customers with documentation that outlines the procedures for generating a hash from their system. Please contact your vendor for more guidance on the specific procedures for generating a hash from your voting systems.

General Procedures for Hash Validation

  1. Your voting system vendor must provide specific instructions on how to generate hashes from your voting system and the voting system equipment, and on how to perform the comparison with the trusted hashes.
  2. Using the vendor-provided instructions, the general custodian must generate a hash from the system and from a representative sample of the voting system equipment.
  3. The trusted hashes must be obtained from the SOS or directly from the EAC. To request the trusted hashes for your system from the SOS, please contact ElectionSecurity@sos.texas.gov.
  4. The general custodian will compare the hashes generated from the system and a representative sample of the voting system equipment to the trusted hashes provided by the SOS or the EAC to verify that those hashes are identical.
  5. If the generated hash and the trusted hash are identical, then the test is successful.

NOTE: If your voting systems version has not changed from the last time you obtained trusted hashes from the SOS, you may utilize the same files to perform the hash validation testing. You can submit another request if the previous files are unavailable.

Section 3 – Obtaining Trusted Hashes

In order to compare hashes, you must first obtain your trusted hashes from the SOS.
  1. When requesting your hashes, please send the following information to the SOS at ElectionSecurity@sos.texas.gov:
    1. Voting System Vendor (Hart, ES&S, etc.)
    2. Vendor Specific Software Version (Verity 2.X, EVS 6.X.X.X, etc.)
  2. You will receive two e-mail messages. The first one will include an encrypted, password protected compressed folder. The decrypting passcode will be included in the second e-mail message.
  3. You must download the encrypted file to your computer or an external storage device in order to extract and obtain the folder containing the trusted hashes.
  4. In order to access the files, you must enter the passcode provided on the second e-mail message.
  5. Once files are available, you must generate your voting systems values for comparison using the tool provided by the vendor or other authorized hashing tool.

Section 4 – Generating Your Hashes

You must follow your vendor-provided specific instructions when generating your hashes. Hash generation procedures vary depending on the software version, equipment and vendor. Normally, a file containing the hashes is generated on the voting system using a native tool and exported to an external drive for comparison.

You are not required to generate hashes from every individual voting device, but you are required to perform a hash validation of a representative sample of your voting system equipment. At a minimum, you need to generate a hash from at least one of every type of voting system device owned by your entity, including any voting devices, any precinct or central scanners, and any election management system workstations.

Section 5 – Performing the Comparison

Once you have received your trusted hashes and have successfully generated hashes from a representative sample of your voting devices, the final step is to compare your trusted hashes against your generated hashes to verify that they are identical. This comparison may be performed either through a visual comparison or by using a comparison tool.

You can perform your hash comparison by visually comparing the string of characters from your generated hash against the string of characters from your trusted hash. If the two sets of characters are identical, then the hash validation is successful.

You can also perform your hash comparison by using a software tool to perform the comparison. You should not use a vendor-provided comparison tool for this purpose. For recommendations on comparison tools, please work with your IT department or contact the SOS at ElectionSecurity@sos.texas.gov.

NOTE: Several counties have identified freeware products that have been effective when comparing files for the purpose of hash validation. Such products might not be compatible to use with all voting systems methods of hash comparison. It is your responsibility to verify and investigate software before you install it in your systems. Please consult your IT security personnel for guidance concerning the use of freeware for this purpose.

Section 6 - Voting Systems Certification

A voting system that is unable to generate a hash value to verify the programming cannot meet this requirement and therefore will not be certified by the SOS. (Secs. 122.003, 122.032).

If you have any questions regarding this advisory, please contact the Elections Division toll -free at 1-800-252-VOTE (8683).

KI:CP:DVP