elections
play

Elections, Computer Security, and Electronic Voting CS161 - PowerPoint PPT Presentation

May 17, 2023 •46 likes •576 views

Elections, Computer Security, and Electronic Voting CS161 4/19/2010 David Wagner #1 #2 #3 #4 #5 Security Goals for an Election Integrity: No election fraud Transparency: Everyone especially the loser must be able to verify

  1. Elections, Computer Security, and Electronic Voting CS161 4/19/2010 David Wagner #1

  2. #2

  3. #3

  4. #4

  5. #5

  6. Security Goals for an Election • Integrity: No election fraud • Transparency: Everyone – especially the loser – must be able to verify that the election was conducted appropriately • Privacy: No one learns how the voter has voted • Secret ballot: Voter cannot prove how she voted #6

  7. Breakthrough! — the Australian secret ballot. Ballot printed by govt. Ballot boxes monitored by observers. Ballots counted, by hand, in public. Competing interests keep each other honest. #7

  8. #8

  9. #9

  10. #11

  12. #14

  13. Another anomaly during the 2000 election From: Lana Hires Subject: 2000 November Election I need some answers! Our department is being audited by the County. I have been waiting for someone to give me an explanation as to why Precinct 216 gave Al Gore a minus 16022 when it was uploaded. Will someone please explain this so that I have the information to give the auditor instead of standing here "looking dumb". #15

  14. #16

  15. #17

  16. #18

  17. #19

  18. #20

  19. Question: How do election security goals apply to touchscreen (DRE) electronic voting machines? 1. Machine must allow each authorized voter to vote exactly once; must prevent tampering with votes after they are cast. 2. Machine should be verifiably trustworthy. 3. Machine must randomize the order in which votes were cast. 4. Machine must not give voter a ―receipt‖.  Security Goals for an Election: Integrity, Transparency, Privacy, Secret ballot #21

  20. Nov 4, 2002: State of Georgia votes on Diebold DREs. March 18, 2003: Diebold source code leaks. July 23, 2003: Tadayoshi Kohno, Adam Stubblefield, Avi Rubin, Dan Wallach, ―Analysis of an Electronic Voting System‖. #22

  21. The voter authorization protocol QueryStatus ACTIVE (0x01) smartcard (record vote) SetStatus CANCELED (0x08) Status = CANCELED Succeeded #23

  22. The voter authorization protocol [Are you a valid card?] QueryStatus [Yup.] ACTIVE (0x01) smartcard (record vote) [Please cancel yourself.] SetStatus CANCELED (0x08) Status = CANCELED [Ok.] Succeeded #24

  23. Attack! QueryStatus ACTIVE (0x01) (record vote) SetStatus CANCELED (0x08) malicious Succeeded smartcard QueryStatus ACTIVE (0x01) (record another vote) SetStatus CANCELED (0x08) Succeeded #25

  24. Authenticating election officials What kind of card are you? An administrator card. What’s the secret PIN? 2301 What’s the secret PIN? 2301 Ok, you have admin access. #26

  25. Source code excerpts #define DESKEY ((des_key*)”F2654hD4”) DESCBCEncrypt((des_c_block*)tmp, (des_c_block*)record.m_Data, totalSize, DESKEY, NULL, DES_ENCRYPT); #27

  26. Source code excerpts // LCG - Linear Congruential Generator - // used to generate ballot serial numbers // A psuedo-random-sequence generator // (per Applied Cryptography, Bruce Schneier) int lcgGenerator(int lastSN) { return ((lastSN*1366) + 150889)%714025; } ―Unfortunately, linear congruential generators cannot be used for cryptography.‖ — Applied Cryptography, p.369 #28

  27. #31

  28. #32

  29. #33

  30. #34

  31. California Top-to-Bottom Review In 2007, California Secretary of State Debra Bowen commissions a review of California’s voting systems. 43 experts (led by David Wagner & Matt Bishop) examine voting systems used nationally. #36

  32. Technical findings of the CA TTBR All voting systems examined have serious security problems: • None followed sound engineering principles expected of security-critical systems. • All were vulnerable to viral attacks: one outsider could subvert all voting machines countywide #37

  33. Example flaw (Premier system) Bug: The code that reads data off the memory card has buffer overrun vulnerabilities. Attack: 1. Attacker writes malicious code onto 1 card 2. When central PC reads votes off card on election night, it gets infected 3. Infected PC writes malicious code onto all cards used in the next election, infecting entire county #38

  34. Quotes from the reports ―We found pervasive security weaknesses throughout the Sequoia software. Virtually every important software security mechanism is vulnerable to circumvention.‖ ―Our study of the Diebold source code found that the system does not meet the requirements for a security-critical system. It is built upon an inherently fragile design and suffers from implementation flaws that can expose the entire voting system to attacks.‖ ―The Hart software and devices appear to be susceptible to a variety of attacks which would allow an attacker to gain control of some or all of the systems in a county. [..] Many of these attacks can be mounted in a manner that makes them extremely hard to detect and correct. We expect that many of them could be carried out in the field by a single individual, without extensive effort, and without long-term access to the equipment.‖ #39

  35. Outcome of the CA TTBR Bowen decertifies most DRE voting systems and imposes strict new procedural protections. Result: Most Californians now vote on paper ballots. #40

  36. Trojan Horses and the Insider Threat Ronald Dale Harris Employee, Gaming Control Board, 1983-1995 Arrested, Jan 15,1995 Convicted, Sept 23, 1997, for rigging slot machines #41

  37. Attempted Trojan Horse in Linux Kernel … schedule(); goto repeat; } if ((options == (__WCLONE|__WALL)) && current->uid = 0)) retval = -EINVAL; retval = -ECHILD; ??? end_wait4: current->state = TASK_RUNNING; … #42

  38. Trojan Horses and Voting Machines Malicious logic hidden by an insider might, e.g., record votes incorrectly to favor one candidate. How would we defend a voting system against this kind of insider threat? Potential solutions: • Verify that the software is free of Trojans and will work correctly on all future elections. (beyond the state of the art) Voting on Satan’s computer. • Assume sw might contain Trojans. Verify that sw worked correctly in this particular election. (voter-verified paper records + random audits) #44

  39. #45

  40. #46

  41. #47

  42. #48

  43. #49

  44. #50

  46. #52

  47. Statistical audit • After election, randomly choose 1% of machines and manually recount the paper records on those machines. If paper count  electronic count, there was fraud. • If » 100 machines cheat, detection is likely. Consequently: If paper count  electronic count, then no more than ~100 machines cheated. The tallies are t 1 , …, t n Prover Verifier Show me the paper for machine i. (Elec. Official) (skeptical voter) (voter-verified paper audit trail) #56

  48. Trends in e-voting technology #57

  49. Adoption of paper records + random audits

  50. Timeline 2000 2002 2004 2006 2008 2010 HAVA Florida Sarasota TTBR #59

  51. Conclusions • E-voting security is hard, but... • E-voting can be made secure and trustworthy, if it can be audited. • Technical principles: - Two-person control, separation of duties - Statistical audit - Security against malicious insiders #60

  52. Lessons • Understand security requirements before you design & deploy an information system. • Independent review is valuable. • Sometimes technical threats can be handled through non-technical defenses. • Seek independent, end-to-end checks that the system is working properly. • Securing systems against malicious insiders is extremely challenging. • Business structure determines the technology that is built & deployed. If buyers cannot measure how secure a product is, be prepared for market failures. #61

  53. #63

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Community Council Elections 2015 Key facts: Elections will be held in all 25 community

Community Council Elections 2015 Key facts: Elections will be held in all 25 community

Community Council Elections 2015 Key facts: Elections will be held in all 25 community council areas Elections run as per agreed Scheme of Electoral Arrangements Delayed by one year from October 2014 Community Councillors elected

232 views • 10 slides
Local Government Elections Task Force Local Government Elections: Scale and Scope Local

Local Government Elections Task Force Local Government Elections: Scale and Scope Local

Local Government Elections Task Force Local Government Elections: Scale and Scope Local Government Act and Vancouver Charter govern local government elections; Apply to: Municipal and electoral area elections By-elections

461 views • 32 slides
Free and Fair Free and Fair Elections Elections Twenty-first Century Challenges At the

Free and Fair Free and Fair Elections Elections Twenty-first Century Challenges At the

Free and Fair Free and Fair Elections Elections Twenty-first Century Challenges At the December TACIR meeting, Commissioners voted to study elections and voting methods in Tennessee Goals of the comprehensive study: Increasing public

979 views • 23 slides
Elections 2018 Information Session November 22 & 23; December 6 & 7; January 10 & 11

Elections 2018 Information Session November 22 & 23; December 6 & 7; January 10 & 11

Elections 2018 Information Session November 22 & 23; December 6 & 7; January 10 & 11 Elections Contacts Talha Naeem mnaeem@wlu.ca Chair Elections Portfolio Abii Barrett sucro@wlu.ca Chief Returning Officer (CRO)

579 views • 30 slides
Local Elections 2019 1 Tonight Introductions Elections Process Overview Speakers

Local Elections 2019 1 Tonight Introductions Elections Process Overview Speakers

Local Elections 2019 1 Tonight Introductions Elections Process Overview Speakers TDC, SCDHB, ECan Housekeeping Emergency exits Questions Mobile phones Toilets Handouts Coffee/tea to follow 2 Part 1:

541 views • 36 slides
ELECTIONS 2015 Overview Treaty conveyed self governance rights Elections every 4 years

ELECTIONS 2015 Overview Treaty conveyed self governance rights Elections every 4 years

ELECTIONS 2015 Overview Treaty conveyed self governance rights Elections every 4 years Governed by Constitution Laws e.g. Election Act Regulations Established Government Chief Councillor & 5 Councillors

430 views • 13 slides
Joint Legislative Elections Oversight Committee December 15, 2017 North Carolina State Board of

Joint Legislative Elections Oversight Committee December 15, 2017 North Carolina State Board of

Joint Legislative Elections Oversight Committee December 15, 2017 North Carolina State Board of Elections and Ethics Enforcement 2017 Municipal Status Report Elections 2017 Municipal Elections September October November Partisan Second

280 views • 23 slides
EU DEMOCRATISATION: A CITIZEN PROCESS Kick-off event French Elections 2017- European Elections

EU DEMOCRATISATION: A CITIZEN PROCESS Kick-off event French Elections 2017- European Elections

EU DEMOCRATISATION: A CITIZEN PROCESS Kick-off event French Elections 2017- European Elections 2019: Two years to turn the EU towards its citizens Louvain la Neuve (Belgium), July 1 st & 2 nd , 2017 ------ Partners: FBN (Franck

201 views • 6 slides
Section 754 Elections on Form 1065: Making Valid Elections, Seeking Relief For Missed or Invalid

Section 754 Elections on Form 1065: Making Valid Elections, Seeking Relief For Missed or Invalid

FOR LIVE PROGRAM ONLY Section 754 Elections on Form 1065: Making Valid Elections, Seeking Relief For Missed or Invalid Elections WEDNESDAY , OCTOBER 11, 2017, 1:00-2:50 pm Eastern IMPORTANT INFORMATION FOR THE LIVE PROGRAM This program is

931 views • 74 slides
CSG Winter Elections Mandatory Candidates Meeting MARCH 6 TH , 2017 Overview I. Introduction

CSG Winter Elections Mandatory Candidates Meeting MARCH 6 TH , 2017 Overview I. Introduction

CSG Winter Elections Mandatory Candidates Meeting MARCH 6 TH , 2017 Overview I. Introduction to Elections II. About CSG III. Clean campaigning & Mandatory Retreat IV. Elections Rules and Infractions V. Department of Housing Guidelines VI.

329 views • 31 slides
The London Elections Media Briefing Wednesday 23 rd April London Borough Elections, 2014 Tony

The London Elections Media Briefing Wednesday 23 rd April London Borough Elections, 2014 Tony

The London Elections Media Briefing Wednesday 23 rd April London Borough Elections, 2014 Tony Travers London School of Economics London Government Greater London Authority Mayor and Assembly Elected last in 2012, next in 2016

400 views • 17 slides
Elections & Voter Services Polls / Precincts 2020 Elections & Rules Committee

Elections & Voter Services Polls / Precincts 2020 Elections & Rules Committee

CITY OF MINNEAPOLIS Elections & Voter Services Polls / Precincts 2020 Elections & Rules Committee September 11, 2019 Office of City Clerk 1 Polling Places - 2020 Three polling place changes (and one name change) Ward 4

419 views • 15 slides
presided over three (3) harmonised elections since its inception. Its independence is

presided over three (3) harmonised elections since its inception. Its independence is

The Zimbabwe Electoral Commission has presided over three (3) harmonised elections since its inception. Its independence is guaranteed by the Constitution of Zimbabwe Its mandate is to prepare, conduct and supervise elections and

887 views • 14 slides
2016 Elections Nikki Painter, Chief Deputy Clerk Voter Registration & Elections Legislative

2016 Elections Nikki Painter, Chief Deputy Clerk Voter Registration & Elections Legislative

2016 Elections Nikki Painter, Chief Deputy Clerk Voter Registration & Elections Legislative Updates Sen enate Bil ill l 249 Eliminates straight party voting. Sen enate Bil ill l 312 Disqualifies candidates from appearing on the

160 views • 11 slides
FIJIAN ELECTIONS OFFICE GIS PROJECTS PHASE II Presenter: Viliame Ledua Vuiyanuca Elections

FIJIAN ELECTIONS OFFICE GIS PROJECTS PHASE II Presenter: Viliame Ledua Vuiyanuca Elections

FIJIAN ELECTIONS OFFICE GIS PROJECTS PHASE II Presenter: Viliame Ledua Vuiyanuca Elections Coordinator Polling Venues &Pre Poll. INTRODUCTION Recap on Phase I Phase II List of Projects 1.Polling Venue Directory 2.Election Area

1.18k views • 16 slides
CSIR Elections Forecasting 2016 Local Government Elections Zaid Kimmie 28 October 2016 Overview

CSIR Elections Forecasting 2016 Local Government Elections Zaid Kimmie 28 October 2016 Overview

CSIR Elections Forecasting 2016 Local Government Elections Zaid Kimmie 28 October 2016 Overview 1. Team Members 2. Some History 3. Why Forecast? 4. Methods: Clustering 5. Methods: Predictions 6. Model Performance 7. What Next? 1

420 views • 39 slides
rt ttt rt

rt ttt rt

rt ttt rt s rt rst trs

1.98k views • 179 slides
NSI & SDN Guy Roberts, DANTE GLIF Chicago, October 12th, 2012 NSI v 2.0 Plugest

NSI & SDN Guy Roberts, DANTE GLIF Chicago, October 12th, 2012 NSI v 2.0 Plugest

NSI & SDN Guy Roberts, DANTE GLIF Chicago, October 12th, 2012 NSI v 2.0 Plugest Successful plugfest of NSI v2.0 yesterday 4 prototypes of NSI v2.0 shown interoperating Thanks to all who put in a big effort at short notice Look

461 views • 10 slides
Fairness-Aware Scheduling on Single-ISA Heterogeneous Multi-Cores Kenzo Van Craeynest + Shoaib

Fairness-Aware Scheduling on Single-ISA Heterogeneous Multi-Cores Kenzo Van Craeynest + Shoaib

Fairness-Aware Scheduling on Single-ISA Heterogeneous Multi-Cores Kenzo Van Craeynest + Shoaib Akram + Wim Heirman + Aamer Jaleel * Lieven Eeckhout + + Ghent University * VSSAD, Intel Corporation PACT 2013 - Edinburgh- September 11 th 2013

467 views • 20 slides
Van Hove Limit for Infinitely Extended Open Quantum Systems David Taj Physics Dept., University

Van Hove Limit for Infinitely Extended Open Quantum Systems David Taj Physics Dept., University

Van Hove Limit for Infinitely Extended Open Quantum Systems David Taj Physics Dept., University of Fribourg, Switzerland CPT - UMR 6207 and Universit e de Toulon, France david.taj@gmail.com 29th November 2010 David Taj david.taj@gmail.com

718 views • 29 slides
aks249 Parallel Metropolis-Hastings-Walker Sampling for LDA Xanda Schofield Topic :

aks249 Parallel Metropolis-Hastings-Walker Sampling for LDA Xanda Schofield Topic :

aks249 Parallel Metropolis-Hastings-Walker Sampling for LDA Xanda Schofield Topic : probability distribution across words (P(how) = 0.05, P(cow) = 0.001). Document : a list of tokens (how now brown cow). Topic model

1.8k views • 154 slides
R. (lele) Tripiccione Dipartimento di Fisica, Universita' di Ferrara

R. (lele) Tripiccione Dipartimento di Fisica, Universita' di Ferrara

Spin glass simulations on Janus R. (lele) Tripiccione Dipartimento di Fisica, Universita' di Ferrara raffaele.tripiccione@unife.it UCHPC, Rodos (Greece) Aug. 27 th , 2012 Warning / Disclaimer / Fineprints I' m an outsider here ---> a

3.52k views • 35 slides
Seminar: Entwicklungsprozess von Software-Produktlinien Review Process Sandro Schulze WiSE

Seminar: Entwicklungsprozess von Software-Produktlinien Review Process Sandro Schulze WiSE

Seminar: Entwicklungsprozess von Software-Produktlinien Review Process Sandro Schulze WiSE 2012/2013 Review Process Assigning Papers to PC members Reviews PC Meeting Program Program Committee (ICSE09) Antonia Bertolino,

200 views • 9 slides
Helen Basturkmen University of Auckland, New Zealand Todays talk An EAP/ESP Teacher Education

Helen Basturkmen University of Auckland, New Zealand Todays talk An EAP/ESP Teacher Education

Helen Basturkmen University of Auckland, New Zealand Todays talk An EAP/ESP Teacher Education Project Conference - theme ESP in Asia 2016: Frontier and Advancement This talk: Argues we should reconsider frontiers traditionally explored in

667 views • 45 slides

More recommend