Upload
apria
View
22
Download
0
Embed Size (px)
DESCRIPTION
Security flaws in existing voting systems. by Slavik Krassovsky. Introduction. HAVA $3.9 billion appropriated in states aid DRE Vendors: Diebold ES&S MicroVote WINvote Sequoia Hart InterCivic. DRE Machine Architecture. Certification process. Is done per FEC guidelines ITAs Ciber - PowerPoint PPT Presentation
Citation preview
Security flaws in existing voting systems
by Slavik Krassovsky
Introduction
HAVA $3.9 billion appropriated in states aid
DRE Vendors: Diebold ES&S MicroVote WINvote Sequoia Hart InterCivic
DRE Machine Architecture
Touch ScreenVoter
Smart Card Reader
Network
HardDrive
Certification process Is done per FEC guidelines
ITAs Ciber Wyle SysTest
Off-the-shelf hardware and software is exempt
Media reported problems
01/04, Broward County, Florida: 134 out of 10,844 votes are missing
11/03, Boone County, Indiana: 144,000 votes were cast but Boone
County contains fewer than 19,000 01/04, Hinds County, Mississippi:
Machines stayed down all day
Diebold
Analyzed by researches: Hardcoded DES key No Smart card authentication Unsecure smart card deactivation Hardcoded PIN Etc...
Attacks
Attacks on the machine
Undetectable rigging
Touch ScreenVoter
Smart Card Reader
Network
HardDrive
Other problems
No way to verify that their votes were recorded correctly
No way to publicly count the votes No meaningful recounts are possible
Conclusion
Some problems can be solved by strict certification
But some problems are inherent
It’s best to look for alternatives