Presentation is loading. Please wait.

Presentation is loading. Please wait.

TESTING THE SECRUITY OF ELECTRONIC VOTING SYSTEM Presented By: NIPUN NANDA 100823581.

Published byDiana Weaver Modified over 9 years ago

Similar presentations

Presentation on theme: "TESTING THE SECRUITY OF ELECTRONIC VOTING SYSTEM Presented By: NIPUN NANDA 100823581."— Presentation transcript:

1 TESTING THE SECRUITY OF ELECTRONIC VOTING SYSTEM Presented By: NIPUN NANDA 100823581

2 OUTLINE Introduction History Motivation Voting System Components Challenges Methodology Tools Vulnerabilities Attacks Improving the Security Conclusion

3 INTRODUCTION Voting is the process through which a democratic society determines its government. ELECTRONIC voting systems are becoming a pivotal element of many modern democracies. November 2006 Congressional District 13 election: 14.9 % of the total number of votes cast on electronic voting machines showed no vote for either candidate i.e. 17846 ballots. In addition, the race was determined by only 369 votes. Due to the impact of the malfunctions of voting systems, a number of vulnerability analysis exercises are carried out to improve the voting system security.

4 HISTORY First analysis of a major electronic voting system was performed in 2003 by Harris on Diebold system. Johns Hopkins also analyzed Diebold repository. A. Feldman performed security assessment of a complete voting system, including both the hardware and the software components. Analysis of Sequoia Voting System– California and ES&S Voting System – Ohio

5 MOTIVATION The necessary motivation needed for this research: 1.Helped develop a general methodology for testing electronic voting systems. 2.Utilize reverse-engineering experience to expose vulnerabilities in the voting system components. Sequoia Voting System– California and ES&S Voting System – Ohio

6 VOTING SYSTEM COMPONENTS Systems and voting procedures described are in the context of US-based elections DRE(Direct Recording Electronic) Voting Machine: Device to record the voter’s choices VVPAT(Voter-Verified Paper Audit Trail): Paper-based record of the choices selected by the voter EMS(Election Management System): System responsible for the initialization of the components that collect the votes and also for the final tallying of the votes Optical Scanner: An optical reader that counts votes cast on paper ballots DTD(Data Transport Device): Storage device to transfer data between different components of the systems.

7 DRE voting machines Optical scanners DTD

8 INTERACTION BETWEEN THE COMPONENTS

9 CHALLENGES WHEN TESTING THE SECURITY Physical Security Electronic Security Limited IT Training Certification Problems

10 METHODOLOGY Step 0:Information gathering Step 1:Identification and analysis of high level component and information flow Step 2:Develop cases for violating the assumptions

11 METHODOLOGY Step 3: System analysis and identification of low level information flow Step 4: Identification of threats and attack exposures Step 5 :Breaking the cycle: attacking a component of the voting process Step 6 :Closing the cycle: compromising the entire voting system

12 TOOLS Tools to support the development and testing of exploit payloads called Exploitation Support Tools 1. Debugger 2. Firmware Patching Framework Tools to read and write the voting machine’s data transport devices called DTD Manipulation Tools 1. DTD Reader/Writer 2. File System Reader/Modifier

13 VULNERABILITIES EMS Vulnerabilities 1. Buffer Overflow 2. Lack of Cryptographic Techniques 3. Incomplete Specification of System requirements 4. Poor Access Control Mechanism DRE Vulnerabilities Many of the same vulnerabilities as EMS 1. Cant Detect the firmware replacement 2. Back Doors 3. Lack of Physical Security Optical Scanner Vulnerabilities Same vulnerabilities as EMS and DRE

14 ATTACKS Sequoia Virus ES&S Virus Class of attacks successfully demonstrated on voting systems: Voting System Virus Primary goal: Influence the results of the election such that a designated candidate is reported as receiving the highest number of votes. The process for achieving the goal is called : Steal An Election

15 STEAL AN ELECTION DRE Attacks 1.Trusting Voter: Voter is not careful to check the physical audit trail for discrepancies 2.Careful Voter: Voter is careful to check the ballot summary 3.Fleeing Voter: Voters who leave the polling station before completing the ballot 4. Fake Fleeing Voter: Malicious firmware artificially induces a fleeing voter situation 5.After the Fact Vote: Similar to the above scenario except that the ballot is automatically cast 6.Vote Suppression: Malicious firmware suppressing undesirable votes Optical Scanner Attacks Assumption: Presence of a physical audit trail that can be inspected in order to verify the correctness of their ballot

16 LARGE SCALE ATTACKS At large Attack is constrained by following conditions. 1. The number of votes for the preferred candidates must be greater than those of the opponents. 2. The margin between vote tallies for any given race must be greater than that allowing a recount according to law. 3. Vote tallies must be “close” to pre-election polling. These can used as set linear constraints and parameters to implement large scale attacks can be done by Linear Programming denote the percentage of the votes that each candidate i should receive in precinct j, X 0,j is the preferred candidate. IE[x] denote the expected percentage of votes ε i,j margin of error associated with each candidate i in precinct j. δ percentage vote differential below which a recount can take place.

17 LARGE SCALE ATTACKS Suitable vote distribution for each precinct can be found by maximizing the objective function Subject to the constraints

18 IMPROVING THE SECURITY Poor integration leads to insecurity When integrating election components that were designed to be stand-alone, it is necessary to take into account the overall system design. Cryptography is hard to get right A mindful usage of strong encryption algorithms with strong, well protected keys along with data signing are a must for building secure voting systems Security training of developers is not sufficient Knowledge of basic security concepts, their application, and defensive programming practices should be prerequisites for the developers of critical systems, such as an electronic voting system

19 IMPROVING THE SECURITY Logic and accuracy testing gives a false sense of security The only way to make logic and accuracy tests realistic is to, at the very least, have the firmware totally unaware of any testing mode. COTS components are difficult to configure in a secure way When COTS components are used, vendors should either provide a detailed specification of how the systems should be configured or they should provide preconfigured systems Unfounded trust assumptions enable compromise One of the main premises for building a secure voting system is the absence of any unfounded assumptions and the careful checking of all inputs

20 CONCLUSION Completely secure systems are not attainable in practice. Implementing secure voting processes will require improvements in hardware design, software development, voting procedures, and voter education.

21 REFERENCES G. Vigna, R. Kemmerer, D. Balzarotti, G. Banks, M. Cova, V. Felmetsger, W. Robertson, and F. Valeur, “Security Evaluation of the Sequoia Voting System,” Top- To-Bottom Review of the California Voting Machines, July 2007. P. McDaniel, M. Blaze, and G. Vigna, “EVEREST: Evaluation and Validation of Election-Related Equipment, Standards and Testing,” Ohio Secretary of State’s EVEREST Project Report, Dec. 2007. A video that demonstrates the execution of these scenarios against one of the systems is available at http://www.cs.ucsb.edu/~seclab/projects/voting/

Download ppt "TESTING THE SECRUITY OF ELECTRONIC VOTING SYSTEM Presented By: NIPUN NANDA 100823581."

Similar presentations

Trusting the Vote Ben Adida - Cryptography and Information Security Group MIT Computer Science and Artificial.

Trusting the Vote Ben Adida - Cryptography and Information Security Group MIT Computer Science and Artificial.
Module 1 Evaluation Overview © Crown Copyright (2000)

Module 1 Evaluation Overview © Crown Copyright (2000)
Data Quality Considerations

Data Quality Considerations
Electronic Voting Systems

Electronic Voting Systems
Electronic Ballot Reader Rosa Arias Chad Feller Walter Smith.

Electronic Ballot Reader Rosa Arias Chad Feller Walter Smith.
Electronic Voting: Danger and Opportunity J. Alex Halderman Department of Computer Science Center for Information Technology Policy Princeton University.

Electronic Voting: Danger and Opportunity J. Alex Halderman Department of Computer Science Center for Information Technology Policy Princeton University.
PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.

PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.
By Varun Jain. Introduction  Florida 2000 election fiasco, drew conclusion that paper ballots couldn’t be counted  Computerized voting system, DRE (Direct.

By Varun Jain. Introduction  Florida 2000 election fiasco, drew conclusion that paper ballots couldn’t be counted  Computerized voting system, DRE (Direct.
1 J. Alex Halderman Security Failures in Electronic Voting Machines Ariel Feldman Alex Halderman Edward Felten Center for Information Technology Policy.

1 J. Alex Halderman Security Failures in Electronic Voting Machines Ariel Feldman Alex Halderman Edward Felten Center for Information Technology Policy.
New Direction for Software Protection in Embedded Systems Department of EECS University of Michigan Feb 22, 2007 Kang G. Shin.

New Direction for Software Protection in Embedded Systems Department of EECS University of Michigan Feb 22, 2007 Kang G. Shin.
Election Observer Training 2008 Elections Certification & Training Program 360.902.4180.

Election Observer Training 2008 Elections Certification & Training Program
TGDC Meeting, July 2011 Review of VVSG 1.1 Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL

TGDC Meeting, July 2011 Review of VVSG 1.1 Nelson Hastings, Ph.D. Technical Project Leader for Voting Standards, ITL
Observation of e-enabled elections Jonathan Stonestreet Council of Europe Workshop Oslo, 18-19 March 2010.

Observation of e-enabled elections Jonathan Stonestreet Council of Europe Workshop Oslo, March 2010.
Voting Machines Failing the World *Voting machines around the world are failing in Colorado as well as 34 other states. *This could be crucial in the upcoming.

Voting Machines Failing the World *Voting machines around the world are failing in Colorado as well as 34 other states. *This could be crucial in the upcoming.
Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.

Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.
Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.

Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.
Electronic Voting (E-Voting) An introduction and review of technology Written By: Larry Brachfeld CS591, December 2010.

Electronic Voting (E-Voting) An introduction and review of technology Written By: Larry Brachfeld CS591, December 2010.
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.
Voting Machines Failing the World The true issue for these electronic voting machines is that the government has not been a full out supporter of this.

Voting Machines Failing the World The true issue for these electronic voting machines is that the government has not been a full out supporter of this.
Short Course on Introduction to Meteorological Instrumentation and Observations Techniques QA and QC Procedures Short Course on Introduction to Meteorological.

Short Course on Introduction to Meteorological Instrumentation and Observations Techniques QA and QC Procedures Short Course on Introduction to Meteorological.

Similar presentations

Ads by Google