1. No category

שקפים - CS, Technion

Yossi Oren and Avishai Wool,
IEEE RFID’2010, Orlando FL
snipurl.com/e-voting
http://eprint.iacr.org/2009/422


What’s the Israeli e-Voting Scheme?
How can we break it cheaply and completely?



Why the new scheme is legally unsound
Why the scheme is discriminatory against
… [insert underprivileged group here]…
The biometric database

Definition: An election E is an NP election,
if…
N


P
Conjecture: An election is only secure if it is NP-secure
Claim: The Israeli Scheme is NP-insecure

Israel votes by national list proportional
representation
V
List of
Aut horized
Vot ers
g
in
ot
h
ot
Bo
Ballot Box
Vot er
Paper Ballot s
BB
aknakst
l alnC
BB
l
alaV
ltot tes
l oo
s
s
Local
Elect ions
Commit t ee
S ne
BEB
lnai g
d
la
nv kn k
BB
alal ol ltoetl ospes
s
V
List of
Aut horized
Vot ers
g
in
ot
h
ot
Bo
Ballot Box
Vot er
Paper Ballot s
BB
aknakst
l alnC
BB
l
alaV
ltot tes
l oo
s
s
Local
Elect ions
Commit t ee
S ne
BEB
lnai g
d
la
nv kn k
BB
alal ol ltoetl ospes
s
List of
Aut horized
Vot ers
V
•72.1% participation rate
•Less than 1.3% disqualified votes
g
in
ot
h
ot
Bo
(including protest “blank ballot” votes)
Ballot Box
•99% final results 6 hours after poll closes
Vot er
Paper Ballot s
BB
aknakst
l alnC
BB
l
alaV
ltot tes
l oo
s
s
Local
Elect ions
Commit t ee
Public Trust
S ne
BEB
lnai g
d
la
nv kn k
BB
alal ol ltoetl ospes
s
V
Populat ion
Regist er
Terminal
g
in
ot
h
ot
Bo
Vot ing and
Count ing
Terminal
Ballot Box
Vot er
Verificat ion
Terminal
BB
aknakst
l alnC
BB
l
alaV
ltot tes
l oo
s
s
Local
Elect ions
Commit t ee
BB
lnalnakn
l aB
k k
BB
a
B
l lltol ot t
al l o
a
s
ss
V
Populat ion
Regist er
Terminal
g
in
ot
h
ot
Bo
Vot ing and
Count ing
Terminal
Ballot Box
Vot er
Verificat ion
Terminal
BB
aknakst
l alnC
BB
l
alaV
ltot tes
l oo
s
s
Local
Elect ions
Commit t ee
BB
lnalnakn
l aB
k k
BB
a
B
l lltol ot t
al l o
a
s
ss
V
Populat ion
Regist er
Terminal
g
in
ot
h
ot
Bo
Vot ing and
Count ing
Terminal
Ballot Box
Vot er
Verificat ion
Terminal
BB
aknakst
l alnC
BB
l
alaV
ltot tes
l oo
s
s
Local
Elect ions
Commit t ee
BB
lnalnakn
l aB
k k
BB
a
B
l lltol ot t
al l o
a
s
ss
N P
V
Populat ion
Regist er
Terminal
g
in
ot
h
ot
Bo
Vot ing and
Count ing
Terminal
Ballot Box
Vot er
Verificat ion
Terminal
BB
aknakst
l alnC
BB
l
alaV
ltot tes
l oo
s
s
Local
Elect ions
Commit t ee
BB
lnalnakn
l aB
k k
BB
a
B
l lltol ot t
al l o
a
s
ss
V
Populat ion
Regist er
Terminal
g
in
ot
h
ot
Bo
N P
Vot ing and
Count ing
Terminal
Ballot Box
Vot er
Verificat ion
Terminal
BB
aknakst
l alnC
BB
l
alaV
ltot tes
l oo
s
s
Local
Elect ions
Commit t ee
BB
lnalnakn
l aB
k k
BB
a
B
l lltol ot t
al l o
a
s
ss

Voting terminal has an immediate count
 This is considered the “preliminary count”
 Can be transmitted to center immediately

Then the election committee scan the ballots on
the verification terminal and count
 This is the official binding count

If there is a discrepancy between the 2 counts
 “small” difference – alert election security officer
 “large” discrepancy (30%) – voting station disqualified

Relay Attacks
 Ballot Sniffing
 Single Dissident
 Ballot Stuffing

Non-Relay Attacks
 Zapper
 Remote Jamming
 Implementation Attacks
V
•Variant: take zapper into booth and zap my
own ballot
•… after registering a vote
g
in
ot
h
ot
Bo
Vot ing and
Count ing
Terminal
Ballot Box
P P P
Local
Elect ions
Commit t ee
P P P
•Collusion of N voters
create a discrepancy
P P
of +N
•… disqualify everyone’s vote
Za
p!
Verificat ion
Terminal
BB
lnalnakn
l aB
k k
BB
a
B
l lltol ot t
al l o
a
s
ss
HF
Re RFI D
ad
er
G
L
5 cm
HF
R
T a FI D
g
V
g
in
ot
h
ot
Bo
N P
Vot ing and
Count ing
Terminal
Ballot Box
P N N
P P N
Verificat ion
Terminal
Local
Elect ions
Commit t ee
N N
BB
lnalnakn
l aB
k k
BB
a
B
l lltol ot t
al l o
a
s
ss
N P
V
g
in
ot
h
ot
Bo
Vot ing and
Count ing
Terminal
Ballot Box
P
P N
P N
P P N
P
Verificat ion
Terminal
Local
Elect ions
Commit t ee
N
P N
P
BB
lnalnakn
l aB
k k
BB
a
B
l lltol ot t
al l o
a
s
ss




Session Hijacking
Replay Attacks
Semantic Insecurity
…

Is the new e-voting scheme a good scheme?
 General
 Free
 Equal
 Fair
in’
a
t
i
If
snipurl.com/e-voting
ke,
o
r
b
t
fix
on’t
it!
d
http://eprint.iacr.org/2009/422

 Download  Report

Paperzz.com

Your Paperzz

© Copyright 2024 Paperzz