Internet Voting Technology and policy issues David Wagner UC Berkeley.

Slides:



Advertisements
Similar presentations
Electronic Voting Ian Brown (with some slides from Matt Bishop, UC Davis)
Advertisements

ELECTRONIC VOTING (HK) FEBRUARY 2004 COPYRIGHT © 2004 MICHAEL I. SHAMOS Electronic Voting: The Technology of Democracy Michael I. Shamos, Ph.D., J.D.
Good or Bad?.  One of the closest contests in US history  Florida was the pivotal state  Neither Democrat Al Gore nor Republican George W. Bush had.
Internet Voting Technology and policy issues. Selective History of Voting (US) early 1800’s: public oral voting at County Hall 1800’s: free-form, non-secret.
October 7, 2010 Who decides who runs for political office Would you ever run for office? What are different ways you can participate in politics?
Administration of Absentee Ballot Programs Barry C. Burden (University of Wisconsin) Brian J. Gaines (University of Illinois)
Electrons Chapter 7 Section 2.
TGDC Meeting, Jan 2011 Evaluating risk within the context of the voting process Ann McGeehan Director of Elections Office of the Texas Secretary of State.
By Varun Jain. Introduction  Florida 2000 election fiasco, drew conclusion that paper ballots couldn’t be counted  Computerized voting system, DRE (Direct.
Breaking Trust On The Internet
Pretty Good Voting (PGV) Christian Bell, Jason Duell, Amir Kamil Computer Security CS 261 Fall 2004.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci530 Computer Security Systems Lecture.
Electronic Voting (E-Voting) An introduction and review of technology Written By: Larry Brachfeld CS591, December 2010.
Voting Naked: A Feasible Election System or Just a Recurring Nightmare Presented by: Danita McRae Daniel Bramell.
17-803/ Electronic Voting Session 10: Internet Voting
Internet Voting. What is Internet Voting? Internet voting is: an election process whereby people can cast their votes over the Internet, most likely through.
Chapter 10.1 Who Can Vote?.
Chapter 10 Section 1: p  Early America: most voters were white, adult males who owned property ◦ White adult males who could not afford property,
Guide to the Voting Action Planner Voting is the way we elect government officials, pass laws and decide on issues…
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
Objectives Analyze how the administration of elections in the United States helps make democracy work. Define the role of local precincts and polling places.
United States Election Assistance Commission EAC UOCAVA Documents: Status &Update EAC Technical Guidelines Development Committee Meeting (TGDC)
Election Administration. Ensuring legitimacy of the government Legitimacy: acceptance of the right of public officials to hold office and to promulgate.
Chapter 7: The Electoral Process Section 2
Web Browser Security Prepared By Mohammed EL-Batta Mohammed Soubih Supervised By Eng. Eman alajrami Explain Date 10. may University of Palestine.
Network Security Introduction Some of these slides have been modified from slides of Michael I. Shamos COPYRIGHT © 2003 MICHAEL I. SHAMOS.
UOCAVA Report Overview and Status July 2008 Andrew Regenscheid Computer Security Division National Institute of Standards and Technology.
Elections Americans vote at extreme levels –Elections are held almost everyday besides Sundays and holidays –500,000 office holders are elected in the.
Digital Democracy: A look at Voting Machines Presented by Justin Dugger April 2003.
Nathanael Paul CRyptography Applications Bistro February 3, 2004.
1 CERN’s Computer Security Challenges Denise Heagerty CERN Computer Security Officer Openlab Security Workshop, 27 Apr 2004.
Objectives Analyze how the administration of elections in the United States helps make democracy work. Define the role of local precincts and polling places.
The Electoral Process Chapter 7.
Attack and Malicious Code Andrew Anaruk. Security Threats Denial of Service (DoS) Attacks Spoofing Social Engineering Attacks on Encrypted Data Software.
Internet Voting Ashok CS 395T. What is “E-voting” Thomas Edison received US patent number 90,646 for an electrographic vote recorder in Specific.
E-voting Bringing the voting process to the technology age.
Elections. The detailed procedures that govern the casting of votes for elected officials help ensure a democratic way of life The Big Idea.
Computer Security By Duncan Hall.
The Administration of Elections Extent of Federal control Elections need to be free, honest, and accurate Most election law in the U.S. is State Law.
Secure Remote Electronic Voting CSE-681 Fall 2006 David Foster and Laura Stapleton Laura StapletonLaura Stapleton.
7 th Grade Civics Miss Smith *pgs  Must be 18 years old by a set date before the next election  Voter registration protects your vote  No.
WHO CAN VOTE?. VOTING RIGHTS DENIED Voting in America has changed dramatically since the birth of our nation. Initially, many groups were denied that.
Goal 4- Political Parties. Qualifying to Vote Voting is an important right of American citizenship, without it citizens cannot choose who will run their.
SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #
Lesson 7: The Voting Process. Who is able to vote? To be able to vote in Ontario provincial elections, you must: –Be a Canadian citizen, –Be at least.
Election Day.
Unit 5: Ante Up Types of Elections.
Chapter 7: Elections.
Evaluating risk within the context of the voting process
EVoting 23 October 2006.
How do Elections Work? Section 2 (pages ).
Lesson 7: The Voting Process
Political Participation
Electronic voting – safe or not?
NAVY TRANSITION PROGRAM
Voting Assistance Element 49.
Who can Vote? And Types of Elections
Voting Assistance Element pg.208.
eVoting System Proposal
Chapter 7: The Electoral Process Section 2
Chapter 7: The Electoral Process Section 2
Chapter 7: The Electoral Process Section 2
Voting Assistance Element 49 P. 217.
Essential Question What are the procedures for voting?
7th Grade Civics Miss Smith *pgs
Chapter 7: The Electoral Process Section 2
Qualifications and Procedures for Voting
Voting Assistance Element 49 P. 217.
Voting Assistance Element 49 P. 217.
Presentation transcript:

Internet Voting Technology and policy issues David Wagner UC Berkeley

Introductions I’m a computer security researcher We study attacks and countermeasures –Before one can design a system that will resist attack, one must anticipate how it might be attacked

No Secrets Proactive study of attacks is generally a good thing Mounting such attacks is not, of course –Don’t use your super powers for evil

Selective History of Voting (US) early 1800’s: public oral voting at County Hall 1800’s: free-form, non-secret paper ballots popular 1884: widespread vote fraud 1888: adoption of Australian secret ballot 1930’s: lever machines widely adopted 1960’s: punchcard voting developed 2000: butterfly ballots, chad, Florida, gack! 2002: HAVA

Attacks on the Secret Ballot Registration fraud: Register in multiple jurisdictions Graveyard voting “Cleanse” the voter list Districting & re-districting Voter fraud: Vote multiple times (ballot box stuffing) Multiple voting Impersonation Insider fraud: Throw ballot boxes into the bay Stuff ballot box after polls close Sleight of hand Voter intimidation “Run out of ballots” Tallying attacks: Malicious talliers might calculate wrong results Give talliers bogus tools

Attacks on the Secret Ballot Registration fraud: Identity fraud Voter fraud: Impersonation Vote multiple times Vote buying, chain voting Insider fraud: Ballot box stuffing Ballot marking Tallying attacks: Inaccurate counts Ballot marking Manipulation of challenge procedure

How Secure is the Secret Ballot? It’s easy to forge a few fraudulent votes But: It’s very hard to forge a lot of fraudulent votes… Summary: Australian secret ballot is quite robust; a well-designed security system.

History of Internet Voting 2000: 36,000 Arizona citizens vote in Democratic primary over the Internet; 85 military personnel vote in November elections over the Internet 2000: California studies Internet voting; task force recommends against it 2000: NSF panel warns of security risks in Internet voting 2004: SERVE will accept votes over the Internet

The SERVE Project A DoD project for overseas voters Register & vote from abroad Vote over the Internet, using your Windows computer

Who is eligible for SERVE? Overseas & military voters from participating jurisdictions (7 states, 51 counties)

The SERVE Architecture (1) Internet Citizen HTTPS UVS Control Data Ballot Definitions Voted Ballots (Encrypted) LEO Processes Voter Registration Ballot Definition Ballot Decryption Ballot Tabulation Voter History Web Server HTTPS, SFTP SERVEUSA.gov * * * Firewall ** Identification & Authentication Process SERVE server infrastructure Election officials UVS Laptop Ballot Definition Voting Engine Ballot Reconciliation Voter Registration I & A Process ** Voter Status Check Overseas voters Encrypted Voted Ballots Ballot Def. Data UVS Control Data

The SERVE Architecture (2) LEO Infrastructure UOCAVA Voting System (UVS) Citizen HTTPS Encrypted Voted Ballots Manual Ballot Def. Data UVS Control Data Central Server Voter History

Security Risks in SERVE (1) Software flaws: Unintentional bugs might enable remote attacks Malicious code might contain a backdoor COTS software might be insecure or backdoored Insider attacks: Votes cast could be modified or deleted Election officials could learn how you voted, or count your votes incorrectly Sysadmins, developers could bypass security

Security Risks in SERVE (2) Attacks on the client: Worms, viruses Remote attacks Malicious websites, ActiveX Denial of service attacks: DDoS might render servers unreachable Targeted disenfranchisement Website spoofing: Voters might be re- directed to the wrong site (DNS hijacking, ) Spoofed site might observe or change votes Automated vote swapping and vote buying

Summary How do you know that your vote was counted? How much security is enough? How much security is too much? You won the election, but I won the count. -- Somoza

Discussion?

Fighting Words Internet voting is a danger to democracy No voting system will ever be perfectly secure; why worry? Absentee vote-by-mail is already insecure; why should Internet voting be held to a higher standard? 30% of our military today can’t vote; a little insecurity is worth it if it fixes the problem The threat of extraterritorial election fraud is new, and requires new laws

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.