security flaws in existing voting systems by slavik krassovsky
TRANSCRIPT
![Page 1: Security flaws in existing voting systems by Slavik Krassovsky](https://reader036.vdocument.in/reader036/viewer/2022082817/56649daa5503460f94a97c6a/html5/thumbnails/1.jpg)
Security flaws in existing voting systems
by Slavik Krassovsky
![Page 2: Security flaws in existing voting systems by Slavik Krassovsky](https://reader036.vdocument.in/reader036/viewer/2022082817/56649daa5503460f94a97c6a/html5/thumbnails/2.jpg)
Introduction
HAVA $3.9 billion appropriated in states aid
DRE Vendors: Diebold ES&S MicroVote WINvote Sequoia Hart InterCivic
![Page 3: Security flaws in existing voting systems by Slavik Krassovsky](https://reader036.vdocument.in/reader036/viewer/2022082817/56649daa5503460f94a97c6a/html5/thumbnails/3.jpg)
DRE Machine Architecture
Touch ScreenVoter
Smart Card Reader
Network
HardDrive
![Page 4: Security flaws in existing voting systems by Slavik Krassovsky](https://reader036.vdocument.in/reader036/viewer/2022082817/56649daa5503460f94a97c6a/html5/thumbnails/4.jpg)
Certification process Is done per FEC guidelines
ITAs Ciber Wyle SysTest
Off-the-shelf hardware and software is exempt
![Page 5: Security flaws in existing voting systems by Slavik Krassovsky](https://reader036.vdocument.in/reader036/viewer/2022082817/56649daa5503460f94a97c6a/html5/thumbnails/5.jpg)
Media reported problems
01/04, Broward County, Florida: 134 out of 10,844 votes are missing
11/03, Boone County, Indiana: 144,000 votes were cast but Boone
County contains fewer than 19,000 01/04, Hinds County, Mississippi:
Machines stayed down all day
![Page 6: Security flaws in existing voting systems by Slavik Krassovsky](https://reader036.vdocument.in/reader036/viewer/2022082817/56649daa5503460f94a97c6a/html5/thumbnails/6.jpg)
Diebold
Analyzed by researches: Hardcoded DES key No Smart card authentication Unsecure smart card deactivation Hardcoded PIN Etc...
![Page 7: Security flaws in existing voting systems by Slavik Krassovsky](https://reader036.vdocument.in/reader036/viewer/2022082817/56649daa5503460f94a97c6a/html5/thumbnails/7.jpg)
Attacks
Attacks on the machine
Undetectable rigging
Touch ScreenVoter
Smart Card Reader
Network
HardDrive
![Page 8: Security flaws in existing voting systems by Slavik Krassovsky](https://reader036.vdocument.in/reader036/viewer/2022082817/56649daa5503460f94a97c6a/html5/thumbnails/8.jpg)
Other problems
No way to verify that their votes were recorded correctly
No way to publicly count the votes No meaningful recounts are possible
![Page 9: Security flaws in existing voting systems by Slavik Krassovsky](https://reader036.vdocument.in/reader036/viewer/2022082817/56649daa5503460f94a97c6a/html5/thumbnails/9.jpg)
Conclusion
Some problems can be solved by strict certification
But some problems are inherent
It’s best to look for alternatives