Cryptanalysis of the windows random number generator
Proceedings of the 14th ACM conference on Computer and communications security
Security analysis of the diebold AccuVote-TS voting machine
EVT'07 Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology
An analysis of the hart intercivic DAU eSlate
EVT'07 Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology
TPM meets DRE: reducing the trust base for electronic voting using trusted platform modules
IEEE Transactions on Information Forensics and Security - Special issue on electronic voting
Security analysis of India's electronic voting machines
Proceedings of the 17th ACM conference on Computer and communications security
Eperio: mitigating technical complexity in cryptographic election verification
EVT/WOTE'10 Proceedings of the 2010 international conference on Electronic voting technology/workshop on trustworthy elections
Ethical issues in e-voting security analysis
FC'11 Proceedings of the 2011 international conference on Financial Cryptography and Data Security
Automated analysis of election audit logs
EVT/WOTE'12 Proceedings of the 2012 international conference on Electronic Voting Technology/Workshop on Trustworthy Elections
Hi-index | 0.00 |
The State of Ohio commissioned the EVEREST study in late summer of 2007. The study participants were charged with an analysis of the usability, stability, and security of all voting systems used in Ohio elections. This paper details the approach and results of the security analysis of the Premier and Hart systems within the EVEREST effort. As in previous studies, we found the election systems to be critically flawed in ways that are practically and easily exploitable. Such exploits could effect election results, prevent legitimate votes from being cast, or simply cast doubt on the legitimacy of the election itself. In this effort we identified new areas of concern including novel exploitable failures of software and election data integrity protection and the discovery of dangerous hidden software features. We begin by describing in depth our systematic methodology for identifying and validating vulnerabilities appropriate for the current complex political climate, and detail and illustrate broad classes of vulnerabilities uncovered using this approach. We conclude by considering the impact of this study both in terms of the tangible vulnerabilities discovered and as a model for performing future analyses.