Chapter

E-Voting and Identity

Volume 5767 of the series Lecture Notes in Computer Science pp 157-171

RIES - Rijnland Internet Election System: A Cursory Study of Published Source Code

  • Rop GonggrijpAffiliated withWij vertrouwen stemcomputers niet
  • , Willem-Jan HengeveldAffiliated withWij vertrouwen stemcomputers niet
  • , Eelco HottingAffiliated withWij vertrouwen stemcomputers niet
  • , Sebastian SchmidtAffiliated withWij vertrouwen stemcomputers niet
  • , Frederik WeidemannAffiliated withWij vertrouwen stemcomputers niet

* Final gross prices may vary according to local VAT.

Get Access

Abstract

The Rijnland Internet Election System (RIES) is a system designed for voting in public elections over the internet. A rather cursory scan of the source code to RIES showed a significant lack of security-awareness among the programmers which – among other things – appears to have left RIES vulnerable to near-trivial attacks. If it had not been for independent studies finding problems, RIES would have been used in the 2008 Water Board elections, possibly handling a million votes or more. While RIES was more extensively studied to find cryptographic shortcomings, our work shows that more down–to–earth secure design practices can be at least as important, and the aspects need to be examined much sooner than right before an election.

Keywords

electronic voting internet voting RIES The Netherlands