Presentation is loading. Please wait.

Presentation is loading. Please wait.

Internet Voting Technology and policy issues David Wagner UC Berkeley.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Internet Voting Technology and policy issues David Wagner UC Berkeley."— Presentation transcript:

1 Internet Voting Technology and policy issues David Wagner UC Berkeley

2 Introductions I’m a computer security researcher We study attacks and countermeasures –Before one can design a system that will resist attack, one must anticipate how it might be attacked

3 No Secrets Proactive study of attacks is generally a good thing Mounting such attacks is not, of course –Don’t use your super powers for evil

4 Selective History of Voting (US) early 1800’s: public oral voting at County Hall 1800’s: free-form, non-secret paper ballots popular 1884: widespread vote fraud 1888: adoption of Australian secret ballot 1930’s: lever machines widely adopted 1960’s: punchcard voting developed 2000: butterfly ballots, chad, Florida, gack! 2002: HAVA

5 Attacks on the Secret Ballot Registration fraud: Register in multiple jurisdictions Graveyard voting “Cleanse” the voter list Districting & re-districting Voter fraud: Vote multiple times (ballot box stuffing) Multiple voting Impersonation Insider fraud: Throw ballot boxes into the bay Stuff ballot box after polls close Sleight of hand Voter intimidation “Run out of ballots” Tallying attacks: Malicious talliers might calculate wrong results Give talliers bogus tools

6 Attacks on the Secret Ballot Registration fraud: Identity fraud Voter fraud: Impersonation Vote multiple times Vote buying, chain voting Insider fraud: Ballot box stuffing Ballot marking Tallying attacks: Inaccurate counts Ballot marking Manipulation of challenge procedure

7 How Secure is the Secret Ballot? It’s easy to forge a few fraudulent votes But: It’s very hard to forge a lot of fraudulent votes… Summary: Australian secret ballot is quite robust; a well-designed security system.

8 History of Internet Voting 2000: 36,000 Arizona citizens vote in Democratic primary over the Internet; 85 military personnel vote in November elections over the Internet 2000: California studies Internet voting; task force recommends against it 2000: NSF panel warns of security risks in Internet voting 2004: SERVE will accept votes over the Internet

9 The SERVE Project A DoD project for overseas voters Register & vote from abroad Vote over the Internet, using your Windows computer

10 Who is eligible for SERVE? Overseas & military voters from participating jurisdictions (7 states, 51 counties)

11 The SERVE Architecture (1) Internet Citizen HTTPS UVS Control Data Ballot Definitions Voted Ballots (Encrypted) LEO Processes Voter Registration Ballot Definition Ballot Decryption Ballot Tabulation Voter History Web Server HTTPS, SFTP SERVEUSA.gov * * * Firewall ** Identification & Authentication Process SERVE server infrastructure Election officials UVS Laptop Ballot Definition Voting Engine Ballot Reconciliation Voter Registration I & A Process ** Voter Status Check Overseas voters Encrypted Voted Ballots Ballot Def. Data UVS Control Data

12 The SERVE Architecture (2) LEO Infrastructure UOCAVA Voting System (UVS) Citizen HTTPS Encrypted Voted Ballots Manual Ballot Def. Data UVS Control Data Central Server Voter History

13 Security Risks in SERVE (1) Software flaws: Unintentional bugs might enable remote attacks Malicious code might contain a backdoor COTS software might be insecure or backdoored Insider attacks: Votes cast could be modified or deleted Election officials could learn how you voted, or count your votes incorrectly Sysadmins, developers could bypass security

14 Security Risks in SERVE (2) Attacks on the client: Worms, viruses Remote attacks Malicious websites, ActiveX Denial of service attacks: DDoS might render servers unreachable Targeted disenfranchisement Website spoofing: Voters might be re- directed to the wrong site (DNS hijacking, email) Spoofed site might observe or change votes Automated vote swapping and vote buying

15 Summary How do you know that your vote was counted? How much security is enough? How much security is too much? You won the election, but I won the count. -- Somoza

16 Discussion?

17 Fighting Words Internet voting is a danger to democracy No voting system will ever be perfectly secure; why worry? Absentee vote-by-mail is already insecure; why should Internet voting be held to a higher standard? 30% of our military today can’t vote; a little insecurity is worth it if it fixes the problem The threat of extraterritorial election fraud is new, and requires new laws

Download ppt "Internet Voting Technology and policy issues David Wagner UC Berkeley."

Similar presentations

Electronic Voting Ian Brown (with some slides from Matt Bishop, UC Davis)

Electronic Voting Ian Brown (with some slides from Matt Bishop, UC Davis)
ELECTRONIC VOTING (HK) FEBRUARY 2004 COPYRIGHT © 2004 MICHAEL I. SHAMOS Electronic Voting: The Technology of Democracy Michael I. Shamos, Ph.D., J.D.

ELECTRONIC VOTING (HK) FEBRUARY 2004 COPYRIGHT © 2004 MICHAEL I. SHAMOS Electronic Voting: The Technology of Democracy Michael I. Shamos, Ph.D., J.D.
Good or Bad?.  One of the closest contests in US history  Florida was the pivotal state  Neither Democrat Al Gore nor Republican George W. Bush had.

Good or Bad?.  One of the closest contests in US history  Florida was the pivotal state  Neither Democrat Al Gore nor Republican George W. Bush had.
Internet Voting Technology and policy issues. Selective History of Voting (US) early 1800’s: public oral voting at County Hall 1800’s: free-form, non-secret.

Internet Voting Technology and policy issues. Selective History of Voting (US) early 1800’s: public oral voting at County Hall 1800’s: free-form, non-secret.
October 7, 2010 Who decides who runs for political office Would you ever run for office? What are different ways you can participate in politics?

October 7, 2010 Who decides who runs for political office Would you ever run for office? What are different ways you can participate in politics?
Administration of Absentee Ballot Programs Barry C. Burden (University of Wisconsin) Brian J. Gaines (University of Illinois)

Administration of Absentee Ballot Programs Barry C. Burden (University of Wisconsin) Brian J. Gaines (University of Illinois)
Electrons Chapter 7 Section 2.

Electrons Chapter 7 Section 2.
TGDC Meeting, Jan 2011 Evaluating risk within the context of the voting process Ann McGeehan Director of Elections Office of the Texas Secretary of State.

TGDC Meeting, Jan 2011 Evaluating risk within the context of the voting process Ann McGeehan Director of Elections Office of the Texas Secretary of State.
By Varun Jain. Introduction  Florida 2000 election fiasco, drew conclusion that paper ballots couldn’t be counted  Computerized voting system, DRE (Direct.

By Varun Jain. Introduction  Florida 2000 election fiasco, drew conclusion that paper ballots couldn’t be counted  Computerized voting system, DRE (Direct.
Breaking Trust On The Internet

Breaking Trust On The Internet
Pretty Good Voting (PGV) Christian Bell, Jason Duell, Amir Kamil Computer Security CS 261 Fall 2004.

Pretty Good Voting (PGV) Christian Bell, Jason Duell, Amir Kamil Computer Security CS 261 Fall 2004.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Copyright © 1995-2006 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci530 Computer Security Systems Lecture.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci530 Computer Security Systems Lecture.
Electronic Voting (E-Voting) An introduction and review of technology Written By: Larry Brachfeld CS591, December 2010.

Electronic Voting (E-Voting) An introduction and review of technology Written By: Larry Brachfeld CS591, December 2010.
Voting Naked: A Feasible Election System or Just a Recurring Nightmare Presented by: Danita McRae Daniel Bramell.

Voting Naked: A Feasible Election System or Just a Recurring Nightmare Presented by: Danita McRae Daniel Bramell.
17-803/ Electronic Voting Session 10: Internet Voting

17-803/ Electronic Voting Session 10: Internet Voting
Internet Voting. What is Internet Voting? Internet voting is: an election process whereby people can cast their votes over the Internet, most likely through.

Internet Voting. What is Internet Voting? Internet voting is: an election process whereby people can cast their votes over the Internet, most likely through.
Chapter 10.1 Who Can Vote?.

Chapter 10.1 Who Can Vote?.
Chapter 10 Section 1: p. 236-239.  Early America: most voters were white, adult males who owned property ◦ White adult males who could not afford property,

Chapter 10 Section 1: p  Early America: most voters were white, adult males who owned property ◦ White adult males who could not afford property,
Guide to the Voting Action Planner Voting is the way we elect government officials, pass laws and decide on issues…

Guide to the Voting Action Planner Voting is the way we elect government officials, pass laws and decide on issues…

Similar presentations

Ads by Google