slide1 n.
Skip this Video
Loading SlideShow in 5 Seconds..
Nathanael Paul PowerPoint Presentation
Download Presentation
Nathanael Paul

Loading in 2 Seconds...

play fullscreen
1 / 16

Nathanael Paul - PowerPoint PPT Presentation

  • Uploaded on

Nathanael Paul. CRyptography Applications Bistro February 3, 2004. Electronic Voting. Convenient Supposed to increase voter turnout Quicker counts Handicapped/disabled “I wonder where the votes go once you touch the screen and if it's possible to mess with the vote.”

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Nathanael Paul' - mirabelle

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Nathanael Paul

CRyptography Applications Bistro

February 3, 2004

electronic voting
Electronic Voting
  • Convenient
  • Supposed to increase voter turnout
  • Quicker counts
  • Handicapped/disabled
  • “I wonder where the votes go once you touch the screen and if it's possible to mess with the vote.”

Carol Jacobson, Berkeley, CA

  • Vote Coercion
  • Vote Selling
  • Vote Solicitation
  • Online Registration
  • Voter Privacy
  • Could have a scrawny teenage script kiddy but now a foreign government
rubin s security considerations for remote electronic voting over the internet
Rubin’s “Security Considerations for Remote Electronic Voting over the Internet”
  • Hosts are assumed to be Windows using IE/Netscape
  • Internet connection using TCP/IP
  • Attack the endpoints (user, servers) or communications
attacking the host
Attacking the host
  • Malicious payloads
    • Proxy settings
      • Javascript or Java applets
    • BackOrifice
      • PCAnywhere, open source
    • Chernobyl virus
      • Activate on certain day
      • Modified bios
get the code on their machine
Get the code on their machine
  • MyDoom
  • instant messenger, file sharing
    • Windows Media Player (Java vulnerability)
  • AOL
  • Microsoft Office code
dos ddos attacks
DoS/DDoS attacks
  • Attack servers
    • Public key encryption
    • Regular expression attacks
  • Ping of death
  • DoS attacks on individual applications
    • Java (exploit system code)
social engineering
Social Engineering
  • SSL
    • Average user checking a certificate
    • Even if it’s bad, will some just proceed anyways?
  • Spoofing
    • Web site
    • Poisoning DNS cache
what is needed
What is needed?
  • Trusted path between user and election server
    • Malicious code should not have a way to interfere with normal operation.

Allow citizens outside of the country to vote in an easy manner

  • Should be at least as secure as current absentee voting ballot designs
  • SSL connection to a central server
  • Local Election Official (LEO) precinct computer downloads registration/ballots from central server
serve design
SERVE design


<name, Ekv(ballot)>





LEO precinct computer

some security considerations
Some Security Considerations
  • Attack central server, LEO server, host machine, communications (DNS)
  • Privacy
    • LEO’s can view entire precinct’s votes
    • Central server could view everyone’s votes
  • Windows only
  • ActiveX and Java used for central server and user
    • 75 flaws in Java from 1999-2003 according to CVE (not all are actual entries)
dos ddos in serve
  • Central server provides a single point of attack
  • LEO
  • Election spans longer period of time (month)
  • DDoS excess of 150 Gbps
    • E-commerce sites with 10 Gbps link
measuring it all up
Measuring it all up
  • Vote Coercion
    • Impossible to detect
  • Vote Selling
    • Buyers outside of US?
  • Vote Solicitation
    • AOL and Pop-ups will go crazy
  • Online Registration
    • Man-in-the-middle
  • Voter Privacy
    • Not possible with this scheme
proposed alternatives
Proposed Alternatives
  • Remote ballot printer recommended with the voter mailing in the printed ballot
  • Chaum’s SureVote scheme with voter-verifiable receipts using Visual Cryptography
  • VoteHere (covered by Richard) with a threshold cryptography scheme
additional reading
Additional Reading
  • IEEE Security & Privacy, Jan/Feb 2004 special issue on E-voting
  • SureVote, VoteHere DRE schemes
  • David Dill’s

“The fact that 50 votes were cast in Florida using VOI, and that a change of 269 votes in the official tally of that state would have resulted in Al Gore becoming President.”

SERVE report, Jan. 21, 2004