Abstract — With significant U.S. federal funds now available to replace outdated punch-card and mechanical voting systems, municipalities and states throughout the U.S. are adopting paperless electronic voting systems from a number of different vendors. We present a security analysis of the source code to one such machine used in a significant share of the market. Our analysis shows that this voting system is far below even the most minimal security standards applicable in other contexts. We identify several problems including unauthorized privilege escalation, incorrect use of cryptography, vulnerabilities to network threats, and poor software development processes. We show that voters, without any insider privileges, can cast unlimited votes without being detected by any mechanisms within the voting terminal software. Furthermore, we show that even the most serious of our outsider attacks could have been discovered and executed without access to the source code. In the face of such attacks, the usual worries about insider threats are not the only concerns; outsiders can do the damage. That said, we demonstrate that the insider threat is also quite considerable, showing that not only can an insider, such as a poll worker, modify the votes, but that insiders can also violate voter privacy and match votes with the voters who cast them. We conclude that this voting system is unsuitable for use in a general election. Any paperless electronic voting system might suffer similar flaws, despite any “certification ” it could have otherwise received. We suggest that the best solutions are voting systems having a “voter-verifiable audit trail, ” where a computerized voting system might print a paper ballot that can be read and verified by the voter. I.

Abstract not found

We studied the notion of human verification of software-based attestation, which we base on the Pioneer framework. We demonstrate that the current state of the art in software-based attestation is not sufficiently robust to provide humanly verifiable voting machine integrity in practice. We design and implement a selfattesting machine based on Pioneer and modify, and in some cases, correct the Pioneer code to make it functional and more secure. We then implement it into the GRUB bootloader, along with several other modifications, to produce a voting machine that authenticates and loads both the Diebold AccuVote-TS voting software as well as its underlying operating system. Finally, we implement an attack on the system that indicates that it is currently impractical for use and argue that as technology advances, the attack will likely become more effective.

Abstract: Literature has shown that countries with strong democratic traditions, such as the United States and Canada, are not yet using electronic voting systems intensively, due to the concern for and emphasis on security. It has revealed that there is no such thing as an error-free computer system, let alone an electronic voting system, and that existing technology does not offer the conditions necessary for a reliable, accurate and secure electronic voting system. In this context, then, what are the risks of e-voting to democracy? In what ways, if at all, can more fragile, less mature democracies be buttressed with e-voting systems? As a key component of e-democracy, it seems that e-voting technologies are to become more secure and increasingly reliable in the near future and will indeed be adopted in many countries. In what ways, if at all, will the introduction of such systems increase voter confidence in the political system, promote citizen engagement in political life, and nurture the evolution of democracy? If both e-voting and e-democracy are emerging based on popular demand- that is, as a demand-driven alternative to current processes, then there is no doubt that they are likely to

A representative democracy depends on a universally trusted voting system for the election of representatives; voters need to believe that their votes count, and all parties need to be convinced that the winner and loser of the election were declared legitimately. Direct recording electronic (DRE) voting systems are increasingly being deployed to fill this role. Unfortunately, doubts have been raised as to the trustworthiness of these systems. This article presents a research voting system and associated class project which was used to demonstrate several classes of bugs that might occur in such a voting system unbeknownst to voters, with the difficulty of detecting these bugs through auditing. The intent of this project is to justify the mistrust sometimes placed in DRE voting systems that lack a voter-verifiable audit trail.

In this paper a pilot e-voting system is being studied in order to gain insight into the complexity of IT security issues. The current debate about whether or not electronic voting systems need to have a verifiable paper audit trail provides the context of the paper. Contrary to public perception, there is a long history of technical "glitches " and irregularities involving voting machines. According to many researchers a voter-verified paper audit trail is the only way voters can have confidence that their vote has been recorded correctly each time, and that recounts and spot checks are possible. However, more and more well-known technologists acknowledge that security mechanisms are fundamental social mechanisms. In all of this the issue of trust is of great importance; people no longer have a blind faith in scientific objectivity and do no longer trust the "experts". In this paper we will examine the opinions of users involved in the testing of the TruE-Vote electronic voting system, in particular concerning issues like security, verifiability and trust. The results do indeed suggest that IT security is more than just a technological issue. 1.

Abstract In this paper a pilot e-voting system is being studied to gain insight into the complexity of IT security issues. The current debate about whether or not electronic voting systems need to have a verifiable paper audit trail provides the context of the paper. According to many researchers a voter-verified paper trail is the only way voters can have confidence that their vote has been recorded correctly. However, technologists start to acknowledge that security mechanisms are fundamental social mechanisms. Trust is of great importance; people no longer have a blind faith in scientific objectivity and the “experts”. We examine the opinions of users involved in the testing of the TruE-Vote e-voting system, in particular concerning issues like security, verifiability and trust. The results do indeed suggest that IT security is more than just a technological issue. 1.