Cell phones and voting system integrity l.jpg
This presentation is the property of its rightful owner.
Sponsored Links
1 / 33

Cell Phones and Voting System Integrity PowerPoint PPT Presentation


  • 160 Views
  • Uploaded on
  • Presentation posted in: General

Cell Phones and Voting System Integrity. Natalie Podrazik [email protected] Overview. Introduction Cell Phones Background Potential Attack tools Recording Abilities Wireless connections Traceability Relevance to Voting Systems. WINvote System Overview How it works

Download Presentation

Cell Phones and Voting System Integrity

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Cell phones and voting system integrity l.jpg

Cell Phones and Voting System Integrity

Natalie Podrazik

[email protected]


Overview l.jpg

Overview

  • Introduction

  • Cell Phones

    • Background

    • Potential Attack tools

      • Recording Abilities

      • Wireless connections

    • Traceability

    • Relevance to Voting Systems

  • WINvote System

    • Overview

    • How it works

    • Vulnerabilities and Attacks

    • Evaluation of WINvote’s preparedness for cell phone attacks

  • Recommendations

  • Conclusions

Natalie Podrazik – [email protected]


Introduction l.jpg

Introduction

  • Why this project was started

  • Why this project is relevant

  • Why it is novel

  • UMBC CSEE; CS 491V/691V

  • Program Investigator: Natalie Podrazik

Natalie Podrazik – [email protected]


Cell phones at a glance l.jpg

Became extremely popular in late 90’s

203 million + Americans own them today

More customizable

Smaller in size

Growth towards greater computing capacity and personal feel

Integration of PDA and cell phones

Leads to functionality of PC’s

Cell Phones: At a Glance

Natalie Podrazik – [email protected]


What can a cell phone do l.jpg

  • Take digital photographs

  • Record sound

  • Record Video

  • Photo messaging

  • Run PC-oriented applications (iTunes)

  • Access wireless devices

    • Bluetooth

    • 802.11

  • Programmable

What can a cell phone do?

  • Carry on conversation over phone line (GSM...)

  • Voicemail

  • Address book

  • Speed dial

  • Call history

  • Calculator

  • Games

  • Alarm clock

  • Text messaging

Natalie Podrazik – [email protected]


Why recording devices are problematic l.jpg

Why Recording Devices are Problematic

  • Invasion of privacy

  • Easier means of vote influence

  • Taking home TMI

  • Disabled citizens’ voting

  • Member registration

    • Easy recreation of interfaces with model

Natalie Podrazik – [email protected]


Why wireless devices are problematic l.jpg

Why Wireless Devices are Problematic

  • Systems use Bluetooth or Wi-Fi

  • Disruptions

    • Ballot loading to DRE’s

    • Sending of data to remote printers

    • Gathering of voter registration data

    • Pertinent election day updates

    • Tabulation of votes

    • More...

iPAQ H6315Pocket PC

T-Mobile M/DA

Natalie Podrazik – [email protected]


A unique territory l.jpg

A Unique Territory

  • Cell phones as potential attackers in critical systems

  • Electronic voting systems:

    • Inaccuracy

    • Unpredictability

    • Holes in security

  • Cost of attacks; identification of attacker

Natalie Podrazik – [email protected]


Case study winvote l.jpg

Case Study: WINvote

  • DRE, PPV

  • Wireless Internet

  • Chosen for easy setup

  • Checkered history

    • Binds County, MI: Failures

    • Arlington, VA: Praises

  • 2006 Elections: VA

VA

Natalie Podrazik – [email protected]


On election day setting up l.jpg

Master downloads ballot via Wi-Fi

Master distributes ballot to other stations

Displays Serial #s on Master screen

Open Unit Report

Setup of equipment

Boot up all machines

Display of machine data

Choose Master

On Election Day: Setting Up

BALLOT

LOCATION

Natalie Podrazik – [email protected]


On election day voting l.jpg

Election official inserts BALLOT card

EO leaves; voter votes

Votes recorded in:

Hard drive

USB Memory stick

On Election Day: Voting

BALLOT

Natalie Podrazik – [email protected]


On election day counting votes l.jpg

EO enters smart card on one chosen Master

EO confirms “Close Poll Location”

Other machines “wake up”

Master receives vote tallies from other machines in precinct

Serial #s of each machine displayed until “Stop Searching”

EO can “Export Location Data”

“Unit Close” report prints on each machine

On Election Day: Counting Votes

LOCATION

Natalie Podrazik – [email protected]


Recording devices exploit winvote flaws l.jpg

Recording Devices Exploit WINvote Flaws

  • Vote bribery/intimidation

  • Capturing of exact interface

    • GUI ballots

    • Disabled voters’ ballots

    • Bootup procedures

    • Shutdown procedures

  • Inability to determine when recording is going on

Natalie Podrazik – [email protected]


System integrity attacks l.jpg

System Integrity Attacks

  • Background:

    • Types of DoS Attacks to Wireless

      • Deauthentication

      • MAC layer duration stalling

    • Strength

    • Cost

  • Technologies to fret about

    • Bluetooth

    • 802.11 (Wi-Fi)

Natalie Podrazik – [email protected]


Winvote s vulnerabilities i l.jpg

Range of sensitive material

Machine Details

Registration Paperwork

Precinct Environment

Voting Procedures

Challenge of Detection

Identifying Attackers

WINvote’s Vulnerabilities I

Recording Election Data

Natalie Podrazik – [email protected]


Evaluation of attack i l.jpg

Record Castingof Votes

P/ND/$

Record ScreenTouch History

I/D/$$

Record VotesCast by DRE

I/D/$$

RecordVoter Voting

P/ND/$

EmbeddedSoftwareI/D/$$

Hidden,Traditional

P/ND/$$

Cell Phone

P/ND/$

RecordingHardware

I/D/$$$

$ = Relatively Cheap$$ = Moderately Priced$$$ = Very Expensive

P = Possible

I = Impossible

D = DetectableND = Not Detectable

Evaluation of Attack I

Recording Election Data

Natalie Podrazik – [email protected]


Evaluation of attack i17 l.jpg

Feasibility

Cost?

Resources?

Time?

Risk?

Traceability

Likelihood

Impact

Machine

Polling Place

Precinct

Election

Evaluation of Attack I

Recording Election Data

Cheap and possible attackwith minor to majorconsequences

Natalie Podrazik – [email protected]


Winvote s vulnerabilities ii l.jpg

Denial Of Service Attack

Repeated deauthentications

MAC Duration field delay

Redundancies for vote counts

Wireless submission

Paper trail

USB Memory stick

Broader impact of attack

WINvote’s Vulnerabilities II

Disrupting the Tallying of Votes

Natalie Podrazik – [email protected]


Evaluation of attack ii l.jpg

BlockTabulationP/ND/$$I

Remove

PollworkersI/D/$

DestroyMachinesI/D/$$

Ruin Wi-FiConnectionP/ND/$$

Ruin USBP/D/$

SwapI/D/$$

StealI/D/$

RuinPaper TrailP/D/$

SpecialEquipmentP/ND/$$

Break/DamageI/D/$

Break/DamageP/D/$

Swap

I/ND/$

StealI/D/$

LaptopP/ND/$$

JammerP/D/$$

Break/DamageP/D/$

Cell PhoneP/ND/$$

Evaluation of Attack II

Disrupting the Tallying of Votes

Natalie Podrazik – [email protected]


Evaluation of attack ii20 l.jpg

Evaluation of Attack II

Disrupting the Tallying of Votes

  • Feasibility

    • Cost?

    • Resources?

    • Time?

    • Risk?

  • Traceability

  • Likelihood

  • Impact

    • Machine

    • Polling Place

    • Precinct

    • Election

Requires some work and mayhave minor consequences.Redundancies in vote recordingprotect accuracy of election.

Natalie Podrazik – [email protected]


Winvote s vulnerabilities iii l.jpg

How it works

Tells WINvote machines to connect at receipt of a “magic packet”

Spoofing of magic packet

Repercussions of a “harmless attack”

zzzzzz

WINvote’s Vulnerabilities III

Wake-On-LAN (WoL)

Natalie Podrazik – [email protected]


Evaluation of attack iii l.jpg

Disturb WoL

P/ND/$$

Send PrematureWoL Request

P/ND/$$

DestroyMachines

I/D/$

Insert SmartCard EarlyI/D/$

SpoofWoL RequestP/ND/$$

Cell PhoneP/ND/$$

ComputerP/ND/$$

Evaluation of Attack III

Wake-On-LAN (WoL)

Natalie Podrazik – [email protected]


Evaluation of attack iii23 l.jpg

Feasibility

Cost?

Resources?

Time?

Risk?

Traceability

Likelihood

Impact

Machine

Polling Place

Precinct

Election

Evaluation of Attack III

Wake-On-LAN (WoL)

Requires some work and maynot affect overall electionresults, but it severely affectsvoter confidence in the system.

Natalie Podrazik – [email protected]


Winvote s vulnerabilities iv l.jpg

WINvote’s Vulnerabilities IV

Ballot Loading

  • Denial-Of-Service Attacks

    • Deauthentication

    • MAC Duration field delay

  • Redundancies

  • Broader impact of attack

Official Ballot

Natalie Podrazik – [email protected]


Evaluation of attack iv l.jpg

Block Ballot LoadingP/ND/$

DestroyMachinesI/D/$$

Remove

PollworkersI/D/$

Disable Smart CardsP/D/$

Prevent Wi-Fi via DoSP/ND/$

SwapI/ND/$$

Cell PhoneP/ND/$

Ruin CardsP/D/$$

LaptopP/ND/$$

StealP/D/$

Evaluation of Attack IV

Ballot Loading

Natalie Podrazik – [email protected]


Evaluation of attack iv26 l.jpg

Feasibility

Cost?

Resources?

Time?

Risk?

Traceability

Likelihood

Impact

Machine

Polling Place

Precinct

Election

Evaluation of Attack IV

Ballot Loading

A likely attack with a majoreffect on election day

with very few resources

Natalie Podrazik – [email protected]


Winvote s preparedness l.jpg

WINvote’s Preparedness

  • Preventative measures

    • Prohibiting cell phones

    • Limiting duration field

    • Requiring additional packet ID

  • Recognizing attack

  • Identifying Attackers

Natalie Podrazik – [email protected]


What we can learn from winvote l.jpg

What We Can Learn from WINvote

  • Process redundancy

  • Encryption of vote data

  • Encryption methods

  • Use of Wireless Internet

  • Wake-On-LAN

  • Danger of portable devices

Natalie Podrazik – [email protected]


Summary l.jpg

Summary

  • Cell phones pack a lot of punch

  • WINvote as a case study

    • Privacy

    • System disruption

    • Probability and ease of attack

  • Reevaluate today’s attacker

Natalie Podrazik – [email protected]


Works cited i l.jpg

Works Cited I

  • "802.11 at the Polls".  Wi-Fi Planet.  Date of Access: 04 May 2006: http://www.wi-fiplanet.com/news/article.php/2211761

  • "Advanced Voting Solutions Homepage".  Advanced Voting Solutions.  Date ofAccess: 04 May 2006: http://217.160.190.12/jlo775/

  • "Advanced Voting Solutions: WINvote Results".  Acessible Voting Systems Vendor Fair Survey Results. Date of Access: 04 May 2006: http://www.sos.state.or.us/elections/HAVA/vendorfair/survey_results/avswin_results.html

  • "A Report on the Feasibility of Internet Voting", California Secretary ofState Bill Jones and California Internet Voting Task Force.  Created June 2000.  Date of Access: 04 May 2006: http://www.ss.ca.gov/executive/ivote/final_report.htm

  • "A Vote for the Future".  Gpvernment Technology. Date of Access: 04 May2006: http://www.govtech.net/magazine/story.php?id=61857&issue=8:2003

  • "AVS.doc".  Oregon Secretary of State Help America Vote Act (HAVA) Page. Date of Access: 04 May 2006: www.sos.state.or.us/elections/HAVA/vendorfair/survey_results/AVS.doc

Natalie Podrazik – [email protected]


Works cited ii l.jpg

Works Cited II

  • "AVS Election Article: Advanced Voting Solutions Debuts Successfully inThree States". The Advocate Online. Date of Access: 04 May 2006: http://www.sims.berkeley.edu/~ping/diebold/lists/announce.w3archive/200211/msg00013.html

  • Bellardo, John, and Stefan Savage.  "802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions" in the Proceedings of the USENIX Security Symposium, August 2003.

  • "Digital Voting Fears are Grounded in Facts".  VoteTrust USA. Date ofAccess: 04 May 2006: http://www.votetrustusa.org/index.php?option=com_content&task=view&id=419&Itemid=86

  • "Election Day Guide". Arlington County, Virginia Electoral Board and VoterRegistration. Date of Access: 04 May 2006: http://www.arlingtonva.us/departments/VoterRegistration/eo/images/EdayGuide.pdf

  • "Electronic Voting Bibliography".  Personal Website: Anne-Marie Oostveen.Date of Access: 04 May 2006: http://www.social-informatics.net/evoting

  • "FAQ's: Voting Machine Replacement - Frequently Asked Questions". FairfaxCounty, Viringia Official Website. Date of Access: 04 May 2006: http://www.fairfaxcounty.gov/eb/FAQ_votingmachine_repl.pdf

Natalie Podrazik – [email protected]


Works cited iii l.jpg

Works Cited III

  • "HP iPAQ Pocket PC Information Center System Specifications".  Pocket PC Central.  Date of Access: 18 April 2006: http://pocketpccentral.net/ipaq6300.htm

  • "Mobile Device Reviews".  BrightHand.  Date of Access: 18 April 2006:http://www.brighthand.com

  • "Number of Precincts and Registered Voters by Congressional District -February 1, 2006". Virginia State Board of Elections . Date of Access: 04 May 2006: http://www.sbe.virginia.gov/cms/Statistics_Polling_Places/Registration_Statistics/2006/Congressional/Counties_Cities_within_Congressional_Districts_-_February_1,_2006.html

  • "Products: Architectural Elements: Voice Output Voting Machine". Abledata. Date of Access: 04 May 2006: http://www.abledata.com/abledata.cfm?pageid=19327&top=15499&trail=22,10445

  • "State & County QuickFacts: Virginia County Selection Map".  US CensusBureau. Date of Access: 04 May 2006: http://quickfacts.census.gov/qfd/maps/virginia_map.html

  •  "Tech Glitches Slow Vote Count". The Washington Times. Date of Access: 04May 2006: http://www.washingtontimes.com/metro/20031123-111644-2120r.htm

  • "The Electoral Board and General Registrar". Fairfax County, VirginiaOfficial Website. Date of Access: 04 May 2006: http://www.fairfaxcounty.gov/eb/homepage.htm

Natalie Podrazik – [email protected]


Works cited iv l.jpg

Works Cited IV

  • United States Federal Election Commission.  Agenda Document 01-62 from 13December 2001.  Volume 1, Section 5: Telecommunications.

  • "UT-STARCOM F1000G System Specifications".  UTstarcom.  Date of Access: 18 April 2006: http://www.utstar.com/Solutions/Handsets/WiFi/

  • "Va. Official: E-voting Security Not Easily Breached". The Citizens Voice.Date of Access: 04 May 2006: http://www.zwire.com/site/news.cfm?newsid=13976846&BRD=2259&PAG=461&dept_id=455154

  • "Voting System Certification Status". Pennsylvania Department of State.Date of Access: 04 May 2006: http://www.hava.state.pa.us/hava/lib/hava/votingsystemexamination/vs_certification_status.pdf

  • "What is Wake On Lan?". Depicus Software. Date of Access: 04 May 2006: http://www.depicus.com/wake-on-lan/what-is-wake-on-lan.aspx

  •  "Wi-Fi".  Wikipedia.  Last updated: 18 April 2006.  Date of Access: 18April 2006: http://en.wikipedia.org/wiki/Wi-Fi

  • "Wireless Use in Presidential Primary Draws Positive Reviews". SpectrumResellers. Date of Access: 04 May 2006: http://spectrumresellers.com/publications/page207-725565.asp

Natalie Podrazik – [email protected]


  • Login