hac k a vote studying se c ur ity issue s with e voting
play

Hac k- a- Vote : Studying Se c ur ity Issue s with E - Voting Da - PowerPoint PPT Presentation

Apr 27, 2023 •274 likes •542 views

Hac k- a- Vote : Studying Se c ur ity Issue s with E - Voting Da n Wa lla c h Ric e Unive rsity Collabor ator s: Jo na tha n Ba nne t Da vid W. Pric e Alg is Rudys Justin Sing e r Pe r c e ption vs. r e ality Pe r c e ption vs. r

  1. Hac k- a- Vote : Studying Se c ur ity Issue s with E - Voting Da n Wa lla c h Ric e Unive rsity Collabor ator s: Jo na tha n Ba nne t Da vid W. Pric e Alg is Rudys Justin Sing e r

  2. Pe r c e ption vs. r e ality Pe r c e ption vs. r e ality � Vo te r fe e ls tha t � Vo te wa s c o unte d � Vo te wa s priva te � No b o dy e lse c a n vo te mo re tha n o nc e � No b o dy c a n a lte r o the rs’ vo te s � Pe o ple b e lie ve tha t the ma c hine wo rks c o rre c tly � T he se ha ve to do with pe rc e ptio n It is also impor tant that the se pe r c e ptions ar e tr ue .

  3. Re lianc e on c e r tific ation I nde pe nde nt T e sting Autho ritie s � Allo we d to se e the c o de � No b o dy e lse lo o ks � Ce rtify sa tisfa c tio n o f F E C sta nda rds � Re q uire d b y ma ny sta te s Re sult: “F aith- base d voting”

  4. Inspir ation Ha ve a n e -vo ting syste m to “de mo nstra te ” inside r fla ws � Orig ina l ide a fro m Da vid Dill � Orig ina l c o de b y Da vid W. Pric e � Writte n summe r 2003 � Ab o ut 2000 line s o f Ja va Unne c e ssa ry a fte r Die b o ld finding s

  5. Se c ond applic ation? Ho w a b o ut in-c la ss use ? � Old pro je c t: “sma rt c a rd so da � ma c hine ” 1) de sig n & fo rma lly mo de l c rypto pro to c o l 2) swa p with o the r g ro ups 3) imple me nt with re a l c a rds � Re a l sma rt c a rds a re pa inful

  6. Hac k- a- Vote pr oje c t Re mo ve “c he a ting ” c o de ~150 line s, mo stly in o ne file T hre e pha se a ssig nme nt 1) Be e vil (2 we e ks) 2) Be a n I T A (1 we e k) 3) De sig n / fo rma lly mo de l b e tte r ve rsio n o f Die b o ld sma rtc a rd (2.5 we e ks)

  7. Be e vil? � Stude nts’ ro le : c o rrupt de ve lo pe r inside ve ndo r � Co de must still pa ss te sts � “Minima l” c o de c ha ng e s � Multiple ha c ks e nc o ura g e d � Co de sho uld a ppe a r “no rma l” De live rable s: Co de + Writte n Re po rt

  8. Be an IT A? � Swa p c o de fro m g ro ups � E ve ry g ro up a udits two ve rsio ns � Ho no r c o de : no running diff � I mpe rfe c t simula tio n o f re a l I T As � Stude nt fa milia rity with c o de � Sma lle r c o de b a se De live rable s: Writte n Re po rt

  9. Be tte r smar tc ar d pr otoc ols? � L e c ture s ha ve pre pa re d stude nts yptyc fo r pro to c o l mo de lling � c r � (Re la tive ly) usa b le type c he c ke r c ryptyc .c s.de pa ul.e du De live rable s: Mo de l + Writte n Re po rt

  10. Die bold’s smar t c ar d pr otoc ol d is ( 8 byte s ) My passwor T e rmina l Ca rd “Okay” Ar e you valid? “Yup” Canc e l your se lf, ple ase . “Okay”

  11. nte rCivic e Sla te e Hac k- a- Vote softwar nspira tio n: Ha rt I I

  12. e Slate pr otoc ol (hope fully) Valid? 1234 ne twor k Pin: 1234 Base station Voting mac hine … Pin: 1234

  13. Hac k- a- Vote live de mo

  14. Hac k- a- Vote de sign

  15. Hac k- a- Vote de sign

  16. Hac k- a- Vote de sign

  17. Hac k- a- Vote de sign

  18. Wide gamut of attac ks � Ma nipula te e le c tio n re sults � Vio la te vo te r a no nymity � Cra sh / Do S vo ting ma c hine

  19. Cle ve r hac ks � Ove rlo a d equals() / hashCode() � Va ria b le with sa me na me a s c la ss � Unusua l c o ntro l flo ws � Re use c o nsta nts in the c o de � Ne two rk po rt: 1776 � Use a s b a c kdo o r PI N � “Sta rt o ve r” a lso sub mits a vo te

  20. De e pe r hac ks � We a k ra ndo m numb e r g e ne ra to r � E a sie r to g ue ss va lid PI Ns � RNG fo r vo te shuffle se e de d with te rmina l I D � Atta c ke r c a n undo shuffle � Only c he a t if te rmina l I D > 2 � L e ss like ly to o c c ur in te sting

  21. Did the IT As c atc h the hac ks? Ha c k Atte mpts F ound F ound onc e twic e Mo dify a lre a dy- 6 6 5 c a st vo te s Ca st multiple 7 7 6 vo te s Vio la te vo te r 4 3 2 a no nymity De nia l o f se rvic e 4 3 2

  22. Implic ations for r e al IT As � Ca n re a l I T As do b e tte r? + T he y c a n run diff + T he y c a n pe rfo rm “pa ra lle l te sting ” – Co de b a se s a re muc h la rg e r – Are the y e xpe c ting T ro ja n Ho rse s? – Ho w c lo se ly do the y re a d the c o de ? � Ve ry little suppo rt fro m to o ls

  23. Uglie r issue s for c e r tific ation � T o o lc ha in ta mpe ring (T ho mpso n) � T a mpe ring with “e mb e dde d” OS � Audite d c o de = a c tua l c o de in ma c hine ?

  24. Public ity I E E E S e c urity & Privac y, Jan/ F e b 2004 � Re printe d in Co mpute r Use r � Sto ry o n lo c a l T V ne ws � I mpa c t o n ve ndo rs / I T As?

  25. Choose Hac k- a- Vote ! ic e .e du/ ~dwallac h / c o urse s/ www.c s.r c o mp527_f2003/ vo te pro je c t.html BSD-style lic e nse T rust us, it wo rks fine

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

REGISTER TO VOTE | MAKE A VOTING PLAN VISIT WMICH.EDU/VOTE TO LEARN HOW. MAKE A VOTING PLAN:

REGISTER TO VOTE | MAKE A VOTING PLAN VISIT WMICH.EDU/VOTE TO LEARN HOW. MAKE A VOTING PLAN:

BRONCOS VOTE EARLY REGISTER TO VOTE | MAKE A VOTING PLAN VISIT WMICH.EDU/VOTE TO LEARN HOW. MAKE A VOTING PLAN: Registration: Visit wmich.turbovote.org to get help with voter registration and voting by mail, and sign up for election

62 views • 5 slides
STRIKE AUTHORIZATION VOTE SEIU 503 OUS NEGOTIATIONS September 2013 WHAT ARE WE VOTING ABOUT?

STRIKE AUTHORIZATION VOTE SEIU 503 OUS NEGOTIATIONS September 2013 WHAT ARE WE VOTING ABOUT?

STRIKE AUTHORIZATION VOTE SEIU 503 OUS NEGOTIATIONS September 2013 WHAT ARE WE VOTING ABOUT? Whether or not to authorize our SEIU Bargaining Team to call for a strike WHY IS THIS VOTE NEEDED? Because OUS has failed to offer us

235 views • 23 slides
Lagrangian E-Voting: e-Voting Concept Our contribution Verifiability on Demand and Strong

Lagrangian E-Voting: e-Voting Concept Our contribution Verifiability on Demand and Strong

Lagrangian E-Voting Lagrangian E-Voting: e-Voting Concept Our contribution Verifiability on Demand and Strong Privacy Scheme Description Registration Ballot Structure Casting a Vote ukasz Krzywiecki, Mirosaw Kutyowski Mixing

708 views • 66 slides
An introduction to electronic voting Application to single transferable vote Orange Labs Jacques

An introduction to electronic voting Application to single transferable vote Orange Labs Jacques

An introduction to electronic voting Application to single transferable vote Orange Labs Jacques Traor July 8-12 th 2014 Interdisciplinary Analysis of Voting Rules Outline Outline Outline Outline Context Problematic / Security

515 views • 37 slides
Absentee and Early Voting in America Who can vote? All U.S. Citizens except: Citizens under the

Absentee and Early Voting in America Who can vote? All U.S. Citizens except: Citizens under the

Absentee and Early Voting in America Who can vote? All U.S. Citizens except: Citizens under the age of 18 Some prisoners and convicted felons (depending on the state of residence) In some states, U.S. citizens who have never resided

301 views • 12 slides
The Right to Vote protects all other rights The right of voting for representatives is the

The Right to Vote protects all other rights The right of voting for representatives is the

The Right to Vote protects all other rights The right of voting for representatives is the primary right by which other rights are protected. To take away this right is to reduce a man to slavery, for slavery consists in being subject to the

930 views • 90 slides
How do senators vote? -Issues - Strategies -Affiliation - Influence Voting Behavior 1

How do senators vote? -Issues - Strategies -Affiliation - Influence Voting Behavior 1

4/30/18 CSCI 3210: Computational Game Theory The Power of Context: Ideal Points with Social Interactions Ref: Irfan & Gordon Mohammad T. Irfan How do senators vote? -Issues - Strategies -Affiliation - Influence Voting Behavior 1

314 views • 15 slides
Getting Out the Vote: Information and Voting Behavior Yi-Yi Chen Washington University in St.

Getting Out the Vote: Information and Voting Behavior Yi-Yi Chen Washington University in St.

Getting Out the Vote: Information and Voting Behavior Yi-Yi Chen Washington University in St. Louis October 19, 2013 228, One Million People Hand-In-Hand to Protect Taiwan Figure: Two million Taiwanese formed a 500-kilometer long human chain

636 views • 17 slides
Human Factors in Coercion-Resistant Internet Voting Oksana Kulyk I voted for A I voted

Human Factors in Coercion-Resistant Internet Voting Oksana Kulyk I voted for A I voted

Human Factors in Coercion-Resistant Internet Voting Oksana Kulyk I voted for A I voted for A +1 vote for B +1 vote for A ITU CIST 29/05/2019 1 Coercion in Internet Voting Internet voting is an unsupervised channel

580 views • 22 slides
HAVA HAVA Help America Vote Act Help America Vote Act What Every Voter Should Know Why Is HAVA

HAVA HAVA Help America Vote Act Help America Vote Act What Every Voter Should Know Why Is HAVA

HAVA HAVA Help America Vote Act Help America Vote Act What Every Voter Should Know Why Is HAVA Necessary? Between 4 million and 6 million votes in the 2000 election were lost due to problems with ballots, voting machines and registration

746 views • 36 slides
Voting Series Part One: Registering People Experiencing Homelessness to Vote Friday September 11

Voting Series Part One: Registering People Experiencing Homelessness to Vote Friday September 11

Voting Series Part One: Registering People Experiencing Homelessness to Vote Friday September 11 at 1pm Eastern Presenters Katherine Cavanaugh, Consumer Advocate, National Health Care for the Homeless Council, Baltimore, MD Megan

171 views • 6 slides
Some issues in verifying e-voting systems Mark D. Ryan Present-day e-voting offers few

Some issues in verifying e-voting systems Mark D. Ryan Present-day e-voting offers few

Some issues in verifying e-voting systems Mark D. Ryan Present-day e-voting offers few security properties [KohnoStubblefieldRubinWallach2004] compared to what is desirable: Eligibility: only eligible voters can vote, and only once.

406 views • 7 slides
Estimating the Margin of Victory for Instant-Runoff Voting* David Cary * also known as

Estimating the Margin of Victory for Instant-Runoff Voting* David Cary * also known as

Estimating the Margin of Victory for Instant-Runoff Voting* David Cary * also known as Ranked-Choice Voting, preferential voting, and the alternative vote 1 v7 Overview Why estimate? What are we talking about? Estimates

683 views • 45 slides
An introduction to electronic voting Application to single transferable vote Orange Labs Jacques

An introduction to electronic voting Application to single transferable vote Orange Labs Jacques

An introduction to electronic voting Application to single transferable vote Orange Labs Jacques Traor 21 June 2016 COST Action IC1205 Industry Day Outline Context Problematic / Security issues Some challenges in Electronic

621 views • 41 slides
Vote-Independence: A Powerful Privacy Notion for Voting Protocols Jannik Dreier, Pascal

Vote-Independence: A Powerful Privacy Notion for Voting Protocols Jannik Dreier, Pascal

Introduction Intuitive Definitions Formal Definitions Analysis and Case Studies Conclusion Vote-Independence: A Powerful Privacy Notion for Voting Protocols Jannik Dreier, Pascal Lafourcade, Yassine Lakhnech Universit Grenoble 1, CNRS,

1.12k views • 58 slides
Avon Pension Fund Fund Manager Vote Monitoring Paul Hewitt Manifest Information Services Ltd

Avon Pension Fund Fund Manager Vote Monitoring Paul Hewitt Manifest Information Services Ltd

Avon Pension Fund Fund Manager Vote Monitoring Paul Hewitt Manifest Information Services Ltd September 2012 Agenda Background: Manifest and Vote Monitoring Governance Issues in 2011 Voting Fund Managers and Voting Q&A 2 Manifest &

397 views • 15 slides
Cristian Cadar Department of Computing Imperial College London Joint work with Peter

Cristian Cadar Department of Computing Imperial College London Joint work with Peter

Symbolic Crosschecking of Data-Parallel Code Cristian Cadar Department of Computing Imperial College London Joint work with Peter Collingbourne and Paul Kelly [EuroSys 2011, HVC 2011] Dawson Engler, Daniel Dunbar, Peter Pawlowski, Vijay Ganesh,

397 views • 27 slides
Relational Interfaces Relational Interfaces Stavros Tripakis UC Berkeley Joint work with Ben

Relational Interfaces Relational Interfaces Stavros Tripakis UC Berkeley Joint work with Ben

Relational Interfaces Relational Interfaces Stavros Tripakis UC Berkeley Joint work with Ben Lickly, Joint work with Ben Lickly, Tom Henzinger and Edward Lee UC Berkeley, Feb 2010 Component Based Design Component Based Design How can we

736 views • 49 slides
Analysis of Timing Constraints in Heterogeneous Middleware Interactions Ajay Kattepur 1 , Nikolaos

Analysis of Timing Constraints in Heterogeneous Middleware Interactions Ajay Kattepur 1 , Nikolaos

Analysis of Timing Constraints in Heterogeneous Middleware Interactions Ajay Kattepur 1 , Nikolaos Georgantas 2 , Georgios Bouloukakis 2 & Valrie Issarny 2 1 PERC, TCS Innovation Labs, Mumbai, India 2 MiMove Team, Inria Paris-Rocquencourt,

575 views • 38 slides
Topics in Timed Automata B. Srivathsan RWTH-Aachen Software modeling and Verification group

Topics in Timed Automata B. Srivathsan RWTH-Aachen Software modeling and Verification group

Topics in Timed Automata B. Srivathsan RWTH-Aachen Software modeling and Verification group 1/25 Reachability: Does something bad happen? The gate is still open when the train is 2 minutes away from the crossing This problem is

1.38k views • 96 slides
CEE 772: Instrumental Methods in Environmental Analysis Lecture #24 Special Applications:

CEE 772: Instrumental Methods in Environmental Analysis Lecture #24 Special Applications:

Updated: 10 December 2014 Print version CEE 772: Instrumental Methods in Environmental Analysis Lecture #24 Special Applications: Chromatographic Retention Time and Environmental Properties (Skoog, nothing) (Harris, Nothing) () CEE 772

845 views • 26 slides
Multi Language Support for Virtual Assistants Sierra Kaplan-Nelson, Max Farr Mentor: Mehrad

Multi Language Support for Virtual Assistants Sierra Kaplan-Nelson, Max Farr Mentor: Mehrad

Multi Language Support for Virtual Assistants Sierra Kaplan-Nelson, Max Farr Mentor: Mehrad Moradshahi Broad Topic (everything we do now in many other languages) Speech

315 views • 28 slides
http://cs246.stanford.edu Often, our data can be represented by an -by- matrix And

http://cs246.stanford.edu Often, our data can be represented by an -by- matrix And

Note to other teachers and users of these slides: We would be delighted if you found our material useful for giving your own lectures. Feel free to use these slides verbatim, or to modify them to fit your own needs. If you make use of a

741 views • 61 slides
Low-rank sums-of-squares representations Cynthia Vinzant, North Carolina State University joint

Low-rank sums-of-squares representations Cynthia Vinzant, North Carolina State University joint

Low-rank sums-of-squares representations Cynthia Vinzant, North Carolina State University joint work with Greg Blekherman, Daniel Plaumann, and Rainer Sinn JMM 2017 Cynthia Vinzant Low-rank sums-of-squares representations Sums of squares and

640 views • 34 slides

More recommend