A new web electoral system employed in the newest New South Wales state election contains a major vulnerability that might permit a man-in-the middle assaulter to scan and manipulate votes, per researchers.
In a Sunday journal post, University of Melbourne analysis fellow genus Vanessa Teague, and University of Michigan prof J. Alex Halderman made public their preliminary analysis of the iVote system, that illustrated the vulnerabilities within the on-line electoral system that are gift for nearly per week which has collected over sixty six,000 votes.
A Man-in-the-Middle that Changes Votes
The iVote ballot web site, cvs.ivote.nsw.gov.au, is served over secure HTTPS, however the location enclosed extra JavaScript from a less secure external server, ivote.piwikpro.com, that could be a service accustomed track website guests.
The ivote.piwikpro.com server was found to own terribly poor security per the SSLLabs SSL Server check, creating it at risk of several SSL attacks together with the recently discovered FREAK attack.
FREAK may well be exploited to leverage a man-in-the-middle attack that manipulates the voter’s affiliation and inject malicious JavaScript into the iVote website, dynamic however the location operates while not triggering any browser warnings to intercepts and manipulate votes. Those vulnerable area unit voters employing a browser that hasn’t been patched for FREAK, and connecting to a malicious network like a malware-infected wireless local area network access purpose
In a proof of thought victimisation associate degree iVote observe server, the researchers were able to prove that a might permit associate degree assaulter to vary a vote. however they might conjointly steal the voter’s PIN and receipt range, that is employed to verify a vote.
No Reliable thanks to Verify on-line Votes
iVote’s verification method permits voters to dial a signaling and enter their iVote ID, PIN, and receipt range to listen to a pc scan back their ballot picks. And given the vulnerabilities, this technique doesn’t facilitate prove the validity of ballots.
The assaulter might direct the citizen to a faux verification sign that will scan back the citizen’s supposed decisions or they might delay the vote submission so the voter navigates away before progressing to see their receipt number. And since the verification signaling is about to clean up once polls shut, associate degree attack centered on unpunctual votes would be abundant more durable to find.
Electoral Commission Addresses Some Concerns; Others stay Unresolved
Teague and Halderman reportable the vulnerability to sure thing Australia on weekday, March 20, and daily later the NSW Electoral Commission updated iVote to disable the code from piwikpro.com. however the vulnerability was existent for nearly per week before it had been addressed , going away thousands of votes receptive potential manipulation.
Also, the most entryway, http://www.ivote.nsw.gov.au/, still runs plain communications protocol, that means associate degree assaulter target voters before they reach the secure server victimisation associate degree ssl_strip attack, which might might permit associate degree assaulter to trick the citizen into thinking they’re on a secure website.
Secure on-line ballot Remains a particularly tough Proposition generally
“The vulnerability to the FREAK attack illustrates all over again why web ballot is tough to try to to firmly,” Teague and Halderman wrote, noting that FREAK, that was simply weeks before the election, given associate degree unforeseen vulnerability into a system that had been in development for years. “We will bet that there area unit one or additional major HTTPS vulnerabilities waiting to be discovered (and maybe already acknowledged to stylish attackers). Verification could be a important safeguard against such unknown issues, however at the best it detects issues instead of preventing them.”
The researchers suggest NSW and different locales experimenting with on-line ballot like Estonia and Washington, D.C. to shelve on-line ballot plans till pc security catches up.
“Securing web ballot needs resolution a number of the toughest issues in pc security, and even the littlest mistakes will undermine the integrity of the election result,” the researchers wrote. “That’s why most specialists agree that web ballot can’t be adequately secured with current technology.”
Researchers Find Critical Security Flaws in New South Wales Online Voting System
