Hacking Democracy: An In Depth Analysis of the ES&S Voting Systems

Presented at The Last HOPE (2008), July 18, 2008, 2 p.m. (60 minutes)

Last Fall, Ohio Secretary of State Jennifer Brunner commissioned Project EVEREST, a comprehensive security review of the electronic voting technology used in her state. The project contracted several academic teams and others to examine the election procedures, equipment, and source code used in that state, with the aim of identifying any problems that might render elections vulnerable to tampering under operational conditions. The ten-week project examined in detail the touch-screen, optical scan, and election management technology from e-voting vendors ES&S, Hart InterCivic, and Premier Election Systems (formerly Diebold). Penn led the analysis of the ES&S system source code, which is also used by voters in 42 other U.S. states besides Ohio. This talk will outline the U. Penn team's findings, which included the discovery of exploitable security vulnerabilities in almost every hardware and software component of the ES&S touch-screen and optical scan systems. Some of these flaws could allow a single malicious voter or poll worker to alter countywide election results, possibly without detection. The team will discuss their findings and will also describe more generally the process of analyzing 700,000 lines of unfamiliar source code in less than ten weeks under highly constrained conditions. The full 334 page report (which also includes analysis of the Hart and Premier systems done at Penn State and WebWise Security) can be downloaded from the Ohio Secretary of State's web site at http://www.sos.state.oh.us/sos/info/EVEREST/14-AcademicFinalEVERESTReport.pdf

Presenters:

  • Pavol Cerny
    Pavol Cerny is a PhD student at the University of Pennsylvania. His research interests include algorithmic verification of confidentiality and other security properties. He graduated from ENS Paris in 2003.
  • Adam Aviv
    Adam Aviv is a PhD student at the University of Pennsylvania. He received his undergraduate degree from Columbia University.
  • Micah Sherr
    Micah Sherr is a PhD Candidate in the Department of Computer and Information Science at the University of Pennsylvania. His academic interests include anonymity, e-voting security, and eavesdropping and wiretap systems.
  • Gaurav Shah
    Gaurav Shah is a PhD candidate in computer and information sciences at the University of Pennsylvania. His research interests include covert channels, network security, and distributed systems. His work on Keyboards and Covert Channels won Best Student Paper at Usenix Security Symposium 2006.
  • Eric Cronin
    Eric Cronin is a PhD candidate in computer and information sciences at the University of Pennsylvania. A longtime member of the hacker community, his research interests include network security, privacy, and distributed systems.
  • Sandy Clark / Mouse as Sandy Clark
    Sandy Clark (Mouse) has been taking things apart since the age of two, and still hasn't learned to put them back together. Luckily, in the University of Pennsylvania's Distributed Systems Lab, this behavior is actively encouraged. A founding member of Toool-USA, she also enjoys puzzles, toys, Mao (the card game), and infrastructure hacking. Her research explores human scale security and the unexpected ways that systems interact.
  • Matt Blaze
    Matt Blaze is an associate professor of computer and information sciences and director of the Trusted Network Eavesdropping and Countermeasures project at the University of Pennsylvania. His research interests include secure systems, cryptology and cryptographic protocols, and large-scale systems.

Links: