natalie

Document Sample
natalie Powered By Docstoc
					Cell Phones and Voting
   System Integrity



      Natalie Podrazik
     natalie2@umbc.edu
                                         Overview
    I.            Introduction                      III.          WINvote System
    II.           Cell Phones                              I.      Overview
           I.            Background                        II.     How it works
           II.           Potential Attack tools            III.    Vulnerabilities and
                   I.        Recording Abilities                   Attacks
                   II.       Wireless connections          IV.     Evaluation of
           III.          Traceability                              WINvote’s
                                                                   preparedness for cell
           IV.           Relevance to Voting                       phone attacks
                         Systems
                                                    IV.           Recommendations
                                                    V.            Conclusions


Natalie Podrazik – natalie2@umbc.edu                                                       2
                                          Introduction
     Why                this project was started
     Why                this project is relevant
     Why                it is novel



     UMBC                     CSEE; CS 491V/691V
     Program                          Investigator: Natalie Podrazik

Natalie Podrazik – natalie2@umbc.edu                                    3
                     Cell Phones: At a Glance

     Became       extremely              Growth towards greater
          popular in late 90’s             computing capacity and
            203    million +              personal feel
                Americans own them
                today
                                          Integrationof PDA and
                                           cell phones
     More               customizable
                                            Leads   to functionality of
                                             PC’s
     Smaller                  in size


Natalie Podrazik – natalie2@umbc.edu                                       4
                  What can a cell phone do?
         Carry on conversation over phone line (GSM...)
         Voicemail
                                          Take digital photographs
         Address book
                                          Record sound
         Speed dial                      Record Video
         Call history                    Photo messaging
         Calculator                      Run PC-oriented applications
                                           (iTunes)
         Games                           Access wireless devices
         Alarm clock                       Bluetooth
                                            802.11
         Text messaging
                                          Programmable


Natalie Podrazik – natalie2@umbc.edu                                      5
    Why Recording Devices are Problematic

     Invasion                         of privacy
     Easier                  means of vote influence
     Taking                   home TMI
     Disabled                         citizens’ voting
     Member                           registration
                 Easy recreation of interfaces with model




Natalie Podrazik – natalie2@umbc.edu                         6
       Why Wireless Devices are Problematic

     Systems                          use Bluetooth or Wi-Fi

     Disruptions
                                                                iPAQ H6315
           Ballotloading to DRE’s                               Pocket PC
           Sending of data to remote printers
           Gathering of voter registration data
           Pertinent election day updates
           Tabulation of votes
           More...
                                                                T-Mobile M/DA
Natalie Podrazik – natalie2@umbc.edu                                            7
                                   A Unique Territory
     Cell     phones as potential
          attackers in critical systems

     Electronic                       voting systems:
           Inaccuracy
           Unpredictability
           Holes                in security

     Cost     of attacks; identification of
          attacker
Natalie Podrazik – natalie2@umbc.edu                     8
                            Case Study: WINvote

      DRE,               PPV
      Wireless                    Internet
      Chosen                    for easy setup
      Checkered                       history
              Binds  County, MI: Failures
              Arlington, VA: Praises

      2006              Elections: VA
                                                  VA

Natalie Podrazik – natalie2@umbc.edu                   9
               On Election Day: Setting Up

         Setup of                        Master downloads
          equipment                        ballot via Wi-Fi

         Boot up all                     Master distributes
          machines
                                           ballot to other
                                           stations
         Display of
                                              Displays Serial #s
          machine data
                                               on Master screen

         Choose Master                   Open Unit Report



Natalie Podrazik – natalie2@umbc.edu                                10
                       On Election Day: Voting
     Election  official inserts
          BALLOT card


     EO      leaves; voter
          votes


     Votes               recorded in:
            Harddrive
            USB Memory stick


Natalie Podrazik – natalie2@umbc.edu             11
           On Election Day: Counting Votes
         EO enters smart card on           Serial #s of each machine
          one chosen Master                  displayed until “Stop
         EO confirms “Close Poll            Searching”
          Location”                         EO can “Export Location
         Other machines “wake up”           Data”
         Master receives vote tallies      “Unit Close” report prints
          from other machines in             on each machine
          precinct




Natalie Podrazik – natalie2@umbc.edu                                      12
          Recording Devices Exploit WINvote Flaws

     Vote               bribery/intimidation
     Capturing                        of exact interface
           GUI ballots
           Disabled voters’ ballots
           Bootup procedures
           Shutdown procedures

     Inability   to determine when recording is
          going on

Natalie Podrazik – natalie2@umbc.edu                        13
                       System Integrity Attacks
     Background:
           Types                 of DoS Attacks to Wireless
                   Deauthentication
                   MAC                layer duration stalling
           Strength
           Cost

     Technologies                            to fret about
           Bluetooth
           802.11                     (Wi-Fi)

Natalie Podrazik – natalie2@umbc.edu                             14
                   WINvote’s Vulnerabilities I
                                        Recording Election Data


  Range                 of sensitive material
         Machine  Details
         Registration Paperwork
         Precinct Environment
         Voting Procedures



  Challenge                      of Detection
  Identifying                     Attackers


Natalie Podrazik – natalie2@umbc.edu                              15
                             Evaluation of Attack I
                                        Recording Election Data

                                               Record Casting
                                                  of Votes
                                                  P/ND/$



                       Record Screen            Record Votes              Record
                       Touch History            Cast by DRE             Voter Voting
                          I/D/$$                   I/D/$$                 P/ND/$



        Recording                      Embedded                  Hidden,          Cell Phone
        Hardware                        Software                Traditional        P/ND/$
         I/D/$$$                         I/D/$$                  P/ND/$$

         P = Possible                    D = Detectable                $ = Relatively Cheap
       I = Impossible                  ND = Not Detectable            $$ = Moderately Priced
                                                                       $$$ = Very Expensive
Natalie Podrazik – natalie2@umbc.edu                                                           16
                             Evaluation of Attack I
                                       Recording Election Data



         Feasibility                               Impact
                 Cost?                                 Machine
                 Resources?                            Polling Place
                 Time?                                 Precinct
                 Risk?                                 Election

         Traceability
                                                Cheap and possible attack
         Likelihood
                                                   with minor to major
                                                     consequences


Natalie Podrazik – natalie2@umbc.edu                                        17
                 WINvote’s Vulnerabilities II
                                       Disrupting the Tallying of Votes



         Denial Of Service Attack
               Repeated deauthentications
               MAC Duration field delay



         Redundancies for vote counts
               Wireless submission
               Paper trail
               USB Memory stick

         Broader impact of attack

Natalie Podrazik – natalie2@umbc.edu                                      18
                            Evaluation of Attack II
                                        Disrupting the Tallying of Votes

                                                        Block
                                                     Tabulation                     Remove
                Destroy                               P/ND/$$I                    Pollworkers
                Machines
                                                                                     I/D/$
                 I/D/$$
                                                                        Ruin Wi-Fi
                       Ruin USB
                                                                        Connection
                        P/D/$
                                                                         P/ND/$$
            Swap                       Steal
           I/D/$$                      I/D/$       Ruin
                                                              Break/Damage      Special
                                                Paper Trail
                   Break/Damage                                   I/D/$       Equipment
                                                  P/D/$
                       P/D/$                                                   P/ND/$$

                                          Swap            Steal       Laptop         Jammer
                                         I/ND/$           I/D/$      P/ND/$$         P/D/$$
                                               Break/Damage
                                                                             Cell Phone
                                                   P/D/$
                                                                              P/ND/$$
Natalie Podrazik – natalie2@umbc.edu                                                            19
                            Evaluation of Attack II
                                       Disrupting the Tallying of Votes


       Feasibility                                      Impact
              Cost?                                         Machine
              Resources?                                    Polling Place
              Time?                                         Precinct
              Risk?                                         Election
       Traceability
       Likelihood                                Requires some work and may
                                                   have minor consequences.
                                                 Redundancies in vote recording
                                                   protect accuracy of election.


Natalie Podrazik – natalie2@umbc.edu                                               20
                WINvote’s Vulnerabilities III
                                            Wake-On-LAN (WoL)



       How              it works
              Tells  WINvote machines to
                  connect at receipt of a “magic
                  packet”


       Spoofing                       of magic packet

       Repercussions                       of a “harmless
           attack”

Natalie Podrazik – natalie2@umbc.edu                            21
                          Evaluation of Attack III
                                           Wake-On-LAN (WoL)

                                       Disturb WoL
                                        P/ND/$$


                             Destroy           Send Premature
                             Machines           WoL Request
                              I/D/$               P/ND/$$


                                        Insert Smart          Spoof
                                         Card Early         WoL Request
                                           I/D/$             P/ND/$$


                                                       Computer     Cell Phone
                                                       P/ND/$$       P/ND/$$


Natalie Podrazik – natalie2@umbc.edu                                             22
                          Evaluation of Attack III
                                       Wake-On-LAN (WoL)

     Feasibility                                Impact
            Cost?                                   Machine
            Resources?                              Polling Place
            Time?                                   Precinct
            Risk?                                   Election

     Traceability
     Likelihood                             Requires some work and may
                                               not affect overall election
                                             results, but it severely affects
                                            voter confidence in the system.


Natalie Podrazik – natalie2@umbc.edu                                            23
                WINvote’s Vulnerabilities IV
                                           Ballot Loading



     Denial-Of-Service                      Attacks
           Deauthentication
           MAC                Duration field delay

                                                            Official Ballot
     Redundancies


     Broader                      impact of attack


Natalie Podrazik – natalie2@umbc.edu                                          24
                              Evaluation of Attack IV
                                                    Ballot Loading

                                                 Block Ballot Loading
               Destroy                                 P/ND/$
                                                                                   Remove
               Machines
                                                                                 Pollworkers
                I/D/$$
                                                                                    I/D/$

                           Disable Smart Cards                 Prevent Wi-Fi via DoS
                                  P/D/$                              P/ND/$



                      Swap                     Ruin Cards      Laptop        Cell Phone
                    I/ND/$$                     P/D/$$        P/ND/$$         P/ND/$


                                       Steal
                                       P/D/$


Natalie Podrazik – natalie2@umbc.edu                                                           25
                              Evaluation of Attack IV
                                       Ballot Loading

    Feasibility                                Impact
            Cost?                                  Machine
            Resources?                             Polling Place
            Time?                                  Precinct
            Risk?                                  Election

    Traceability
    Likelihood                              A likely attack with a major
                                                effect on election day
                                              with very few resources



Natalie Podrazik – natalie2@umbc.edu                                        26
                     WINvote’s Preparedness
     Preventative                       measures
           Prohibitingcell phones
           Limiting duration field
           Requiring additional packet ID


     Recognizing                        attack

     Identifying                      Attackers


Natalie Podrazik – natalie2@umbc.edu                27
       What We Can Learn from WINvote

    Process redundancy
    Encryption of vote data
    Encryption methods


    Use of Wireless Internet
    Wake-On-LAN
    Danger of portable
     devices
Natalie Podrazik – natalie2@umbc.edu    28
                                           Summary
     Cell             phones pack a lot of punch

     WINvote                          as a case study
           Privacy
           System  disruption
           Probability and ease of attack


     Reevaluate                         today’s attacker


Natalie Podrazik – natalie2@umbc.edu                        29
                                       Works Cited I
    1.       "802.11 at the Polls". Wi-Fi Planet. Date of Access: 04 May 2006: http://www.wi-
             fiplanet.com/news/article.php/2211761

    2.       "Advanced Voting Solutions Homepage". Advanced Voting Solutions. Date of
             Access: 04 May 2006: http://217.160.190.12/jlo775/

    3.       "Advanced Voting Solutions: WINvote Results". Acessible Voting Systems Vendor Fair Survey
             Results. Date of Access: 04 May 2006:
             http://www.sos.state.or.us/elections/HAVA/vendorfair/survey_results/avswin_results.html

    4.       "A Report on the Feasibility of Internet Voting", California Secretary of
             State Bill Jones and California Internet Voting Task Force. Created June 2000. Date of Access:
             04 May 2006: http://www.ss.ca.gov/executive/ivote/final_report.htm

    5.       "A Vote for the Future". Gpvernment Technology. Date of Access: 04 May
             2006: http://www.govtech.net/magazine/story.php?id=61857&issue=8:2003

    6.       "AVS.doc". Oregon Secretary of State Help America Vote Act (HAVA) Page. Date of Access: 04
             May 2006: www.sos.state.or.us/elections/HAVA/vendorfair/survey_results/AVS.doc




Natalie Podrazik – natalie2@umbc.edu                                                                          30
                                       Works Cited II
    7.        "AVS Election Article: Advanced Voting Solutions Debuts Successfully in
              Three States". The Advocate Online. Date of Access: 04 May 2006:
              http://www.sims.berkeley.edu/~ping/diebold/lists/announce.w3archive/200211/msg00013.html

    8.        Bellardo, John, and Stefan Savage. "802.11 Denial-of-Service Attacks: Real Vulnerabilities and
              Practical Solutions" in the Proceedings of the USENIX Security Symposium, August 2003.

    9.        "Digital Voting Fears are Grounded in Facts". VoteTrust USA. Date of
              Access: 04 May 2006:
              http://www.votetrustusa.org/index.php?option=com_content&task=view&id=419&Itemid=86

    10.       "Election Day Guide". Arlington County, Virginia Electoral Board and Voter
              Registration. Date of Access: 04 May 2006:
              http://www.arlingtonva.us/departments/VoterRegistration/eo/images/EdayGuide.pdf

    11.       "Electronic Voting Bibliography". Personal Website: Anne-Marie Oostveen.
              Date of Access: 04 May 2006: http://www.social-informatics.net/evoting

    12.       "FAQ's: Voting Machine Replacement - Frequently Asked Questions". Fairfax
              County, Viringia Official Website. Date of Access: 04 May 2006:
              http://www.fairfaxcounty.gov/eb/FAQ_votingmachine_repl.pdf




Natalie Podrazik – natalie2@umbc.edu                                                                           31
                                       Works Cited III
      13.      "HP iPAQ Pocket PC Information Center System Specifications". Pocket PC Central. Date of
               Access: 18 April 2006: http://pocketpccentral.net/ipaq6300.htm

      14.      "Mobile Device Reviews". BrightHand. Date of Access: 18 April 2006:
               http://www.brighthand.com

      15.      "Number of Precincts and Registered Voters by Congressional District -
               February 1, 2006". Virginia State Board of Elections . Date of Access: 04 May 2006:
               http://www.sbe.virginia.gov/cms/Statistics_Polling_Places/Registration_Statistics/2006/Congres
               sional/Counties_Cities_within_Congressional_Districts_-_February_1,_2006.html

      16.      "Products: Architectural Elements: Voice Output Voting Machine". Abledata. Date of Access: 04
               May 2006: http://www.abledata.com/abledata.cfm?pageid=19327&top=15499&trail=22,10445

      17.      "State & County QuickFacts: Virginia County Selection Map". US Census
               Bureau. Date of Access: 04 May 2006: http://quickfacts.census.gov/qfd/maps/virginia_map.html

      18.      "Tech Glitches Slow Vote Count". The Washington Times. Date of Access: 04
               May 2006: http://www.washingtontimes.com/metro/20031123-111644-2120r.htm

      19.      "The Electoral Board and General Registrar". Fairfax County, Virginia
               Official Website. Date of Access: 04 May 2006: http://www.fairfaxcounty.gov/eb/homepage.htm

Natalie Podrazik – natalie2@umbc.edu                                                                            32
                                       Works Cited IV
      •        United States Federal Election Commission. Agenda Document 01-62 from 13
               December 2001. Volume 1, Section 5: Telecommunications.

      •        "UT-STARCOM F1000G System Specifications". UTstarcom. Date of Access: 18 April 2006:
               http://www.utstar.com/Solutions/Handsets/WiFi/

      •        "Va. Official: E-voting Security Not Easily Breached". The Citizens Voice.
               Date of Access: 04 May 2006:
               http://www.zwire.com/site/news.cfm?newsid=13976846&BRD=2259&PAG=461&dept_id=4551
               54

      •        "Voting System Certification Status". Pennsylvania Department of State.
               Date of Access: 04 May 2006:
               http://www.hava.state.pa.us/hava/lib/hava/votingsystemexamination/vs_certification_status.pdf

      •        "What is Wake On Lan?". Depicus Software. Date of Access: 04 May 2006:
               http://www.depicus.com/wake-on-lan/what-is-wake-on-lan.aspx

      •        "Wi-Fi". Wikipedia. Last updated: 18 April 2006. Date of Access: 18
               April 2006: http://en.wikipedia.org/wiki/Wi-Fi

      •        "Wireless Use in Presidential Primary Draws Positive Reviews". Spectrum
               Resellers. Date of Access: 04 May 2006: http://spectrumresellers.com/publications/page207-
               725565.asp
Natalie Podrazik – natalie2@umbc.edu                                                                           33

				
DOCUMENT INFO
Shared By:
Categories:
Stats:
views:19
posted:11/24/2010
language:English
pages:33