Attacks on RFID-Based Electronic Voting Systems. Yossi Oren and Avishai Wool. IEEE RFID’2010, Orlando FL. http://eprint.iacr.org/2009/422, snipurl.com/e-voting


Page 1: Attacks on RFID-Based Electronic Voting Systems

Attacks on RFID-Based Electronic Voting Systems

Yossi Oren and Avishai Wool

http://eprint.iacr.org/2009/422
snipurl.com/e-voting
IEEE RFID’2010, Orlando FL

Page 2: Attacks on RFID-Based Electronic Voting Systems

Agenda

• What’s the Israeli e-Voting Scheme?
• How can we break it cheaply and completely?

Page 3: Attacks on RFID-Based Electronic Voting Systems

Not on the Agenda

Why the new scheme is legally unsound

Why the scheme is discriminatory against… [insert underprivileged group here]…

The biometric database

Page 4: Attacks on RFID-Based Electronic Voting Systems

Preliminaries

• Definition: An election E is an NP election, if…
• Conjecture: An election is only secure if it is NP-secure
• Claim: The Israeli Scheme is NP-insecure

[Slide graphic labels: N, P]

Page 5: Attacks on RFID-Based Electronic Voting Systems

How Do We Vote Today?

Israel votes by national list proportional representation

Page 6: Attacks on RFID-Based Electronic Voting Systems

How Do We Vote Today?

[Diagram: Voter, Voting Booth, Local Elections Committee, Ballot Box, Paper Ballots, Blank Ballots, Signed Envelopes, Cast Votes, List of Authorized Voters; ballot labels N and P]

Page 7: Attacks on RFID-Based Electronic Voting Systems

How Do We Vote Today?

[Diagram: Voter, Voting Booth, Local Elections Committee, Ballot Box, Paper Ballots, Blank Ballots, Signed Envelopes, Cast Votes, List of Authorized Voters; ballot labels N and P]

Page 8: Attacks on RFID-Based Electronic Voting Systems

How Do We Vote Today?

[Diagram: Voter, Voting Booth, Local Elections Committee, Ballot Box, Paper Ballots, Blank Ballots, Signed Envelopes, Cast Votes, List of Authorized Voters; ballot labels N and P]

• 72.1% participation rate
• Less than 1.3% disqualified votes (including protest “blank ballot” votes)
• 99% final results 6 hours after poll closes

Public Trust

Page 9: Attacks on RFID-Based Electronic Voting Systems

How Will We Vote Tomorrow?

[Diagram: Voter, Voting Booth, Local Elections Committee, Ballot Box, Voting and Counting Terminal, Verification Terminal, Blank Ballots, Cast Votes, Population Register Terminal]

Page 10: Attacks on RFID-Based Electronic Voting Systems

Tomorrow’s Ballot

Page 11: Attacks on RFID-Based Electronic Voting Systems

How Will We Vote Tomorrow?

[Diagram: Voter, Voting Booth, Local Elections Committee, Ballot Box, Voting and Counting Terminal, Verification Terminal, Blank Ballots, Cast Votes, Population Register Terminal]

Page 12: Attacks on RFID-Based Electronic Voting Systems

How Will We Vote Tomorrow?

[Diagram: Voter, Voting Booth, Local Elections Committee, Ballot Box, Voting and Counting Terminal, Verification Terminal, Blank Ballots, Cast Votes, Population Register Terminal]

Page 13: Attacks on RFID-Based Electronic Voting Systems

How Will We Vote Tomorrow?

[Diagram: Voter, Voting Booth, Local Elections Committee, Ballot Box, Voting and Counting Terminal, Verification Terminal, Blank Ballots, Cast Votes, Population Register Terminal; ballot labels N and P]

Page 14: Attacks on RFID-Based Electronic Voting Systems

How Will We Vote Tomorrow?

[Diagram: Voter, Voting Booth, Local Elections Committee, Ballot Box, Voting and Counting Terminal, Verification Terminal, Blank Ballots, Cast Votes, Population Register Terminal; ballot labels N and P]

Page 15: Attacks on RFID-Based Electronic Voting Systems

At the end of the day

• Voting terminal has an immediate count
  • This is considered the “preliminary count”
  • Can be transmitted to center immediately
• Then the election committee scans the ballots on the verification terminal and counts
  • This is the official binding count
• If there is a discrepancy between the 2 counts
  • “small” difference – alert election security officer
  • “large” discrepancy (30%) – voting station disqualified

Page 16: Attacks on RFID-Based Electronic Voting Systems

Attacks on the Voting System

• Relay Attacks
  • Ballot Sniffing
  • Single Dissident
  • Ballot Stuffing
• Non-Relay Attacks
  • Zapper
  • Remote Jamming
  • Implementation Attacks

Page 17: Attacks on RFID-Based Electronic Voting Systems

The Zapper Attack

[Diagram: Voting Booth, Local Elections Committee, Ballot Box, Voting and Counting Terminal, Verification Terminal, Blank Ballots; ballots labelled P; “Zap!”]

• Variant: take zapper into booth and zap my own ballot
  • … after registering a vote
• Collusion of N voters create a discrepancy of +N
  • … disqualify everyone’s vote

Page 18: Attacks on RFID-Based Electronic Voting Systems
Page 19: Attacks on RFID-Based Electronic Voting Systems

Relay Attacks

[Diagram labels: 5 cm, HF RFID Reader, HF RFID Tag, L, G, HF RFID Tag]

Page 20: Attacks on RFID-Based Electronic Voting Systems

The Ballot Sniffing Attack

[Diagram: Voting Booth, Local Elections Committee, Ballot Box, Voting and Counting Terminal, Verification Terminal, Blank Ballots; ballots labelled N and P]

Page 21: Attacks on RFID-Based Electronic Voting Systems

The Ballot Stuffing Attack

[Diagram: Voting Booth, Local Elections Committee, Ballot Box, Voting and Counting Terminal, Verification Terminal, Blank Ballots; ballots labelled N and P]

Page 22: Attacks on RFID-Based Electronic Voting Systems

Implementation Attacks

• Session Hijacking
• Replay Attacks
• Semantic Insecurity
• …

Page 23: Attacks on RFID-Based Electronic Voting Systems

Conclusion

Is the new e-voting scheme a good scheme?

• General
• Free
• Equal
• Fair

Page 24: Attacks on RFID-Based Electronic Voting Systems

Thank You!

If it ain’t broke, don’t fix it!

http://eprint.iacr.org/2009/422
snipurl.com/e-voting