Attacking the Washington, D.C. Internet Voting System

In Proc. 16th Conference on Financial Cryptography & Data Security, Feb. 2012

Scott Wolchok, Eric Wustrow, Dawn Isabel, and J. Alex Halderman
The University of Michigan, Ann Arbor
{swolchok, ewust, dki, jhalderm}@

Abstract. In 2010, Washington, D.C. developed an Internet voting pilot project that was intended to allow overseas absentee voters to cast their ballots using a website. Prior to deploying the system in the general election, the District held a unique public trial: a mock election during which anyone was invited to test the system or attempt to compromise its security. This paper describes our experience participating in this trial. Within 48 hours of the system going live, we had gained near-complete control of the election server. We successfully changed every vote and revealed almost every secret ballot. Election officials did not detect our intrusion for nearly two business days, and might have remained unaware for far longer had we not deliberately left a prominent clue. This case study, the first (to our knowledge) to analyze the security of a government Internet voting system from the perspective of an attacker in a realistic pre-election deployment, attempts to illuminate the practical challenges of securing online voting as practiced today by a growing number of jurisdictions.

Keywords: Internet voting, e-voting, penetration testing, case studies

1 Introduction

Conducting elections for public office over the Internet raises grave security risks. A web-based voting system needs to maintain both the integrity of the election result and the secrecy of voters' choices, it must remain available and uncompromised on an open network, and it has to serve voters connecting from untrusted clients. Many security researchers have cataloged threats to Internet voting [11, 15], even as others have proposed systems and protocols that may be steps to solutions someday [6, 12]; meanwhile, a growing number of states and countries