| Authors | Davide Balzarotti, Greg Banks, Marco Cova, Viktoria Felmetsger, Richard Kemmerer, William Robertson, Fredrik Valeur, Giovanni Vigna |
| Venue | IEEE Transactions on Software Engineering, 36(4) |
| Place and Year | 2010 |
| Full Paper | [PDF] [IEEE Computer Society Press] |
| Awards | Spotlight paper for the July/August 2010 issue |
Voting is the process through which a democratic society determines its government. Therefore, voting systems are as important as other well-known critical systems, such as air traffic control systems or nuclear plant monitors. Unfortunately, voting systems have a history of failures that seems to indicate that their quality is not up to the task. Because of the alarming frequency and impact of these malfunctions, in recent years a number of vulnerability analysis exercises have been carried out against voting systems to determine if their confidentiality, integrity, and availability can be compromised. We have participated in two such large-scale projects, sponsored by the Secretaries of State of California and Ohio, in which the electronic voting machines used in those two states were tested. In our testing, we identified major flaws and implemented a number of attacks, which allowed us to take complete control of the examined voting systems. As a result of these evaluations, the Secretaries of State recommended changes to improve the security of the voting process. In this paper, we describe the methodology that we used in testing the two real-world electronic voting systems we evaluated, the findings of our analysis, our system-wide attacks, and the lessons we learned.