Yossi Oren and Avishai Wool, IEEE RFID’2010, Orlando FL
snipurl.com/e-voting
http://eprint.iacr.org/2009/422

• What’s the Israeli e-Voting Scheme?
• How can we break it cheaply and completely?
• Why the new scheme is legally unsound
• Why the scheme is discriminatory against … [insert underprivileged group here]…
• The biometric database

Definition: An election E is an NP election, if…
Conjecture: An election is only secure if it is NP-secure
Claim: The Israeli Scheme is NP-insecure

Israel votes by national list proportional representation

[Figure labels: List of Authorized Voters, Voting Booth, Ballot Box, Voter, Paper Ballots, Local Elections Committee]

• 72.1% participation rate
• Less than 1.3% disqualified votes (including protest “blank ballot” votes)
• 99% final results 6 hours after poll closes
• Public Trust

[Figure labels: Population Register Terminal, Voting Booth, Voting and Counting Terminal, Ballot Box, Voter, Verification Terminal, Local Elections Committee; ballots marked N and P]

• Voting terminal has an immediate count
  • This is considered the “preliminary count”
  • Can be transmitted to center immediately
• Then the election committee scan the ballots on the verification terminal and count
  • This is the official binding count
• If there is a discrepancy between the 2 counts
  • “small” difference – alert election security officer
  • “large” discrepancy (30%) – voting station disqualified

• Relay Attacks
  • Ballot Sniffing
  • Single Dissident
  • Ballot Stuffing
• Non-Relay Attacks
  • Zapper
  • Remote Jamming
• Implementation Attacks

Zap!
• Variant: take zapper into booth and zap my own ballot
  • … after registering a vote
• Collusion of N voters create a discrepancy of +N
  • … disqualify everyone’s vote

[Figure labels: Voting Booth, Voting and Counting Terminal, Ballot Box, Verification Terminal, Local Elections Committee; ballots marked P]

[Figure labels: HF RFID Reader, G, L, 5 cm, HF RFID Tag]

[Figure labels: Voting Booth, Voting and Counting Terminal, Ballot Box, Verification Terminal, Local Elections Committee; ballots marked N and P]

• Session Hijacking
• Replay Attacks
• Semantic Insecurity
• …

Is the new e-voting scheme a good scheme?
• General
• Free
• Equal
• Fair

If it ain’t broke, don’t fix it!
snipurl.com/e-voting
http://eprint.iacr.org/2009/422