1
Electronic Voting Network Security
Edward Bigos, George Duval, D. Seth Hunter, Katie Schroth
2
Outline
Introduction & Overview
Network Definition
Funding & Certification
Security Concerns
Recommendations
Conclusion
3
Introduction
Election security is a historic concern
  – Decides who has power and control
  – Often a heavily distributed process
  – Ancient Greeks cast secret, fully-auditable ballots
Several important components
  – Anonymity of votes
  – Authentication of voters
  – Integrity of votes
  – Result tampering
  – Result validation
4
Overview
First nationwide attempt at electronic voting in 2004 Presidential Election
  – PC-based DRE Voting Machines and Central Tabulators
Network security concerns exist at the Central Tabulators and their links to voting machines
  – Network capability just as important as actual usage
Disclaimer: NOT a political argument
  – Election security in a modern context
  – Recent election chosen solely because it was the first large-scale rollout of such technology
5
Network Definition
‘Legacy’ voting machines
  – Punch card readers
  – Optical scanners
Direct Recording Electronic (DRE) machines
  – AccuVote-TS
Central Tabulators
  – Diebold GEMS
Network capabilities
  – Ethernet NIC
  – Dial-up modem – commonly used.
  – Occasionally, wireless NIC!
  – Little to no protection, and enabled by default.
6
Funding And Certification of E-voting systems
7
Significance
Need to determine
  – How and Where the money comes from to upgrade the voting systems.
  – Who and What establishes the Standard that the new machines are tested against
8
HAVA, NASED and the ITA
Help America Vote Act (HAVA)
  – Formed from the Federal elections commission to funnel funds to upgrade voting equipment
National Association of State Election Directors (NASED)
  – Formed out of the Election Assistance Commission to help standardize the evaluation of Equipment
Independent Testing Authorities (ITA)
  – “Specialists” hired to test the HW and SW of the new Electronic Voting Equipment.
9
Independent Testing Authorities
Pot-holes in the system
Wyle Labs were used for the HW testing
  – Left security to be tested by the manufacturer
Ciber Inc Hired to test SW
  – Penetration and security tests “Not Applicable”
10
Integrity and Security Concerns
Vote Integrity
  – Entry point Problems: Punch Cards, Optical Scanners and DREs
Rogue Voting Machines
  – Vulnerable to malicious attacks like: Network Access, Authentication, Man-in-the-Middle, Desynchronization
Eavesdropping
  – Line taps, Packet sniffing and Man-In-The-Middle
Result Tampering
11
Hypothetical Tampering
Tampering without notice
Point of Entry: National Election Poll
  – Assume a direct link to the Central Tabulators is accessible to NEP workers
Gains Access to the network
Accesses the Database
Likely Suspects:
  – NEP poll worker or a Technician familiar with the manufacturing of the voting equipment
12
Security of Electronic Voting
13
Notable Security Reviews
Hopkins Report
  – Review of voting terminal security.
SAIC Report
  – Management controls
RABA Report
  – Actual security tests.
14
Hopkins Report
In-depth review of C++ source code left on an open Diebold FTP server.
Suggested several potential attacks.
“cryptography, when used at all, is used incorrectly”
  – Hard-coded encryption key = F2654hD4. Same since 1998!
  – “Even unsophisticated attackers can perform ‘untraceable’ man-in-the-middle attacks.”
15
Key Points from the Hopkins Report
Key Management
  – a hard-coded key: #define DESKEY ((des_key*)"F2654hD4")
Encryption
  – implementation always uses zero for its IV.
    DesCBCEncrypt((des_c_block*)tmp, (des_c_block*)record.m_Data, totalSize, DESKEY, NULL, DES_ENCRYPT);
Message Authentication
  – 16-bit CRC of the plaintext data is an un-keyed public function
  – CRC is stored with the cipher text in the file and read whenever it's decrypted and verified.
  – Problem is that the cipher text shouldn’t be stored with the CRC in an unencrypted form.
16
SAIC Report
Management and policy, not a technical review.
Commissioned by MD Governor Ehrlich.
  – Suggested the use of controls & “tamper tape”.
“Dr Rubin did not have a complete understanding of Maryland’s implementation, process, controls and environment.”
Conclusion: Systems at high risk, but risk could be mitigated by management controls.
17
RABA Report
Reviewed & critiqued the Hopkins & SAIC reports.
  – Hopkins report substantially correct.
  – Agrees with the evaluation that the election station software code quality is poor.
RED TEAM laboratory exercise.
  – Used current Diebold source and actual AccuVote-TS hardware (January 2004).
  – Poor security related to DES key (F2654hD4) and administrative password (1111) still unchanged in newest versions.
18
Recommendations
19
Plug Most Severe Network Security Vulnerabilities
DRE Voting Machines
  – Mandatory paper ballot receipts
      Ensuring that a proper recount can be conducted
      Finding a compromised DRE does not mean lost votes
Central Tabulators
  – Open Source Code
      Eliminating the need for ITAs
      Ensuring secure software solutions
20
Policies & Regulations
Audit Reform
  – Require a standard for recognizing the need for a recount
Prohibit Direct Feeds into Central Tabulators
  – Only as strong as the weakest link
  – Other network feeds increase vulnerability
21
Conclusions
Defined the system components of the election network
Discussed financing and certification
Explained network security concerns for the system components
Suggested first steps to improving network security
22
Backup
23
Key Management
Code snippet reveals a hard-coded key:
  – #define DESKEY ((des_key*)"F2654hD4") [1]
[1] Kohno, Stubblefield, Rubin, Wallach. “Analysis of an Electronic Voting System.” IEEE Symposium on Security and Privacy 2004. IEEE Computer Society Press, May 2004.
24
Encryption
Another code sample of the GEMS software source code shows that the implementation always uses zero for its IV.
  – DesCBCEncrypt((des_c_block*)tmp, (des_c_block*)record.m_Data, totalSize, DESKEY, NULL, DES_ENCRYPT); [1]
A NULL in the IV argument forces DesCBCEncrypt to use all zeros.
“Strong” random numbers are required for each encryption of CBC mode.
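Added example (not from the slides or the Hopkins report) of what an all-zero IV costs in CBC mode. A 4-round Feistel permutation built from SHA-256 stands in for DES, because the Python standard library has no block cipher; the key, record layout and function names are constructed for illustration.

```python
import hashlib
import os

BLOCK = 8  # DES block size in bytes

def round_fn(key, i, half):
    # Round function of the stand-in cipher (NOT DES): 4 bytes of SHA-256.
    return hashlib.sha256(key + bytes([i]) + half).digest()[:4]

def toy_encrypt_block(key, block):
    # 4-round Feistel network: a keyed permutation on one 8-byte block.
    left, right = block[:4], block[4:]
    for i in range(4):
        mixed = bytes(a ^ b for a, b in zip(left, round_fn(key, i, right)))
        left, right = right, mixed
    return left + right

def cbc_encrypt(key, iv, plaintext):
    pad = BLOCK - len(plaintext) % BLOCK  # PKCS#7-style padding
    data = plaintext + bytes([pad]) * pad
    prev, out = iv, b""
    for off in range(0, len(data), BLOCK):
        xored = bytes(a ^ b for a, b in zip(data[off:off + BLOCK], prev))
        prev = toy_encrypt_block(key, xored)
        out += prev
    return out

def shared_prefix_blocks(c1, c2):
    # Leading ciphertext blocks two records have in common (what an observer sees).
    n = 0
    while (n + 1) * BLOCK <= min(len(c1), len(c2)) and \
            c1[n * BLOCK:(n + 1) * BLOCK] == c2[n * BLOCK:(n + 1) * BLOCK]:
        n += 1
    return n

KEY = b"constructed-demo-key"  # constructed; not the key quoted on the slide
ZERO_IV = bytes(BLOCK)         # what passing NULL as the IV amounts to

# Constructed records (hypothetical field layout), 26 bytes each.
REC_A = b"RACE=01;CHOICE=02;SEQ=0001"
REC_B = b"RACE=01;CHOICE=02;SEQ=0002"
REC_C = b"RACE=01;CHOICE=07;SEQ=0003"

if __name__ == "__main__":
    zero = lambda r: cbc_encrypt(KEY, ZERO_IV, r)
    fresh = lambda r: cbc_encrypt(KEY, os.urandom(BLOCK), r)  # IV is stored with the record
    print("zero IV, A vs B:", shared_prefix_blocks(zero(REC_A), zero(REC_B)))
    print("fresh IV, A vs B:", shared_prefix_blocks(fresh(REC_A), fresh(REC_B)))
```

With the zero IV, records A and B share their first three ciphertext blocks, so anyone reading the stored file learns that the two records begin identically without knowing the key.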
25
Message Authentication
16-bit CRC of the plaintext data is an un-keyed public function
CRC is stored with the cipher text in the file and read whenever it's decrypted and verified.
Problem is that the cipher text shouldn’t be stored with the CRC in an unencrypted form.
  – Better to first encrypt the data to be stored and then to compute a keyed cryptographic checksum of the cipher text.
  – The checksum could then be used to detect any tampering with the plaintext.
  – Since each entry has a timestamp, it can be used to detect reordering
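Added example (not from the slides or the vendor's code) of the layout recommended above: a keyed checksum (HMAC-SHA256) computed over the timestamp and ciphertext, shown beside the un-keyed CRC check. The entry layout, key, function names and the CRC-CCITT polynomial are assumptions, and the ciphertexts are constructed opaque bytes.

```python
import binascii
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size in bytes

def crc16(data):
    # Un-keyed 16-bit CRC (CRC-CCITT assumed; the slide names no polynomial).
    return binascii.crc_hqx(data, 0)

def crc_ok(plaintext, stored_crc):
    # The check criticized on the slide: passes for anyone who recomputes the CRC.
    return crc16(plaintext) == stored_crc

def seal(mac_key, timestamp, ciphertext):
    # Assumed entry layout: 8-byte timestamp | ciphertext | HMAC over both.
    body = struct.pack(">Q", timestamp) + ciphertext
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def check_log(mac_key, entries):
    # Verify the keyed checksum before using an entry, then require strictly
    # increasing timestamps so that swapped entries are reported.
    last = -1
    for index, entry in enumerate(entries):
        if len(entry) < 8 + TAG_LEN:
            return "entry %d: truncated" % index
        body, tag = entry[:-TAG_LEN], entry[-TAG_LEN:]
        expected = hmac.new(mac_key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "entry %d: modified" % index
        (timestamp,) = struct.unpack(">Q", body[:8])
        if timestamp <= last:
            return "entry %d: reordered" % index
        last = timestamp
    return "ok"

def flip_bit(data, offset):
    # Constructed tampering: flip the low bit of one byte.
    return data[:offset] + bytes([data[offset] ^ 1]) + data[offset + 1:]

MAC_KEY = b"constructed-mac-key"  # constructed for this example; not compiled into the binary
LOG = [seal(MAC_KEY, 1000 + i, bytes([i + 1]) * 16) for i in range(3)]  # constructed ciphertexts

if __name__ == "__main__":
    edited = flip_bit(b"constructed record", 0)
    print("CRC recomputed after an edit still passes:", crc_ok(edited, crc16(edited)))
    print("intact log:", check_log(MAC_KEY, LOG))
    print("edited entry:", check_log(MAC_KEY, [LOG[0], flip_bit(LOG[1], 10), LOG[2]]))
    print("swapped entries:", check_log(MAC_KEY, [LOG[1], LOG[0], LOG[2]]))
```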