Skip to main content
SpringerLink
Log in

Ethical Issues in E-Voting Security Analysis

  • Conference paper
Financial Cryptography and Data Security (FC 2011)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7126))

Included in the following conference series:

Abstract

Research about weaknesses in deployed electronic voting systems raises a variety of pressing ethical concerns. In addition to ethical issues common to vulnerability research, such as the potential harms and beneifts of vulnerability disclosure, electronic voting researchers face questions that flow from the unique and important role voting plays in modern democratic societies. Should researchers worry that their own work (not unlike the flaws they study) could sway an election outcome? When elected officials authorize a security review, how should researchers address the conflicted interests of these incumbent politicians, who may have powerful incentives to downplay problems, and might in principle be in a position to exploit knowledge about vulnerabilities when they stand for re-election? How should researchers address the risk that identifying specific flaws will lead to a false sense of security, after those particular problems have been resolved? This paper makes an early effort to address these and other questions with reference to experience from previous e-voting security reviews. We hope our provisional analysis will help practicing researchers anticipate and address ethical issues in future studies.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Appel, A.W.: How I Bought Used Voting Machines on the Internet (February 7, 2007), http://www.cs.princeton.edu/~appel/avc/

  2. Appel, A., Ginsburg, M., Hursti, H., Kernighan, B.W., Richards, C.D., Tan, G., Venetis, P.: The New Jersey Voting-Machine Lawsuit and the AVC Advantage DRE Voting Machine. In: Proc. Electronic Voting Technology Workshop/Workshop on Trustworthy Elections (EVT/WOTE) (2009)

    Google Scholar 

  3. Aviv, A., Cerný, P., Clark, S., Cronin, E., Shah, G., Sherr, M., Blaze, M.: Security Evaluation of ES&S Voting Machines and Election Management System. In: Proc. USENIX/ACCURATE Electronic Voting Technology Workshop (EVT) (2008)

    Google Scholar 

  4. Brunner, J., et al.: Ohio Secretary of State’s Evaluation & Validation of Election-Related Equipment, Standards & Testing (EVEREST) (December 2007)

    Google Scholar 

  5. Butler, K., Enck, W., Hursti, H., McLaughlin, S., Traynor, P., McDaniel, P.: Systemic Issues in the Hart InterCivic and Premier Voting Systems: Reflections on Project EVEREST. In: Proc. USENIX/ACCURATE Electronic Voting Technology Workshop (EVT) (2008)

    Google Scholar 

  6. Carney, E.N.: Voting Without a Net in South Carolina. National Journal (June 21, 2010), http://www.nationaljournal.com/njonline/rg_20100621_7815.php

  7. Checkoway, S., Feldman, A.J., Kantor, B., Alex Halderman, J., Felten, E.W., Shacham, H.: Can DREs Provide Long-Lasting Security? The Case of Return-Oriented Programming and the AVC Advantage. In: Jefferson, D., Hall, J.L., Moran, T. (eds.) Proc. USENIX/ ACCURATE Electronic Voting Technology Workshop (EVT) (August 2009)

    Google Scholar 

  8. Claburn, T.: Google Seeks Redefinition of Responsible Disclosure. InformationWeek (July 2010), http://www.informationweek.com/news/smb/security/showArticle.jhtml?articleID=226100117

  9. Epstein, J., et al.: D.C’s Web Voting Test, the Hackers Were the Good Guys. Washington Post (October 2010), http://voices.washingtonpost.com/local-opinions/2010/10/in_dcs_web_voting_test_the_hac.html

  10. Fail, B.: HAVA’s Unintended Consequences: A Lesson for Next Time. Yale Law Journal 116 (2006), http://www.yalelawjournal.org/pdf/116-2/Fail.pdf

  11. Feldman, A.J., Alex Halderman, J., Felten, E.W.: Security Analysis of the Diebold AccuVote-TS Voting Machine. In: Proc. USENIX/ACCURATE Electronic Voting Technology Workshop (EVT), Boston, MA (August 2007)

    Google Scholar 

  12. Gonggrijp, R., Hengeveld, W.-J.: Studying the Nedap/Groenendaal ES3B Voting Computer: A Computer Security Perspective. In: Proc. USENIX/ACCURATE Electronic Voting Technology Workshop (EVT) (2007)

    Google Scholar 

  13. Alex Halderman, J., Feldman, A.J.: Pac-Man on the Sequoia AVC-Edge DRE Voting Machine (August 2010), http://www.cse.umich.edu/~jhalderm/pacman/

  14. Harris, B.: System Integrity Flaw Discovered At Diebold Elections System. Scoop (Februaary 10, 2003), http://www.scoop.co.nz/stories/HL0302/S00052.htm

  15. Kohno, T., Stubblefield, A., Rubin, A.D., Wallach, D.S.: Analysis of an Electronic Voting System. In: Proc. IEEE Symposium on Security and Privacy, Oakland, CA, pp. 27–40 (May 2004)

    Google Scholar 

  16. Mercuri, R.: Trust the Vote? Not in DC! OpEdNews (November 8, 2010), http://www.opednews.com/articles/Trust-the-vote-Not-in-DC-by-Rebecca-Mercuri-101108-990.html

  17. Paul, R.: E-vothing Bendor Blocks Security Audit with Legal Threats. ars technica (2008), http://arstechnica.com/tech-policy/news/2008/03/e-voting-blocks-e-voting-security-audit-with-legal-threat.ars

  18. Proebstel, E., Riddle, S., Hsu, F., Cummins, J., Oakley, F., Stanionis, T., Bishop, M.: An Analysis of the Hart Intercivic DAU eSlate. In: Proc. USENIX/ACCURATE Electronic Voting Technology Workshop (EVT) (2007)

    Google Scholar 

  19. Vic Rawl for U.S. Senate. Statement of Judge Vic Rawl (June 14, 2010), http://www.vicrawl.com/vicrawl/post/1023-statement-of-judge-vic-rawl

  20. Tyre, J.: 2010 Pioneer Award Winner Hari Prasad Defends India’s Democracy. EFF Deeplinks Blog (November 1, 2010), https://www.eff.org/deeplinks/2010/11/2010-pioneer-award-winner-hari-prasad-defends

  21. Wagner, D.A., et al.: California Secretary of State’s Top-to-Bottom Review (TTBR) of Electronic Voting Systems (July 2007)

    Google Scholar 

  22. Wolchok, S., Wustrow, E., Alex Halderman, J., Prasad, H.K., Kankipati, A., Sakhamuri, S.K., Yagati, V., Gonggrijp, R.: Security Analysis of India’s Electronic Voting Machines. In: Proc. 17th ACM Conference on Computer and Communications Security (CCS), Chicago, IL (Oct ober 2010)

    Google Scholar 

  23. Wustrow, E., Wolchok, S., Isabel, D., Alex Halderman, J.: Security Analysis of the Washington, D.C. Internet Voting System (2010) (in preparation)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Information Society Project, Yale Law School, USA

    David G. Robinson

  2. The University of Michigan, USA

    J. Alex Halderman

Authors
  1. David G. Robinson
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. J. Alex Halderman
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Microsoft Research Cambridge, Roger Needham Building, 7 J J Thomson Avenue, CB3 0FB, Cambridge, UK

    George Danezis

  2. Department of Computer Science, Stevens Institute of Technology, Castle Point on Hudson, 07030, Hoboken, NJ, USA

    Sven Dietrich

  3. Central Research Laboratories, NEC Corporation, 1753 Shimonumabe Nakahara, 211-8666, Kawasaki, Japan

    Kazue Sako

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Robinson, D.G., Halderman, J.A. (2012). Ethical Issues in E-Voting Security Analysis. In: Danezis, G., Dietrich, S., Sako, K. (eds) Financial Cryptography and Data Security. FC 2011. Lecture Notes in Computer Science, vol 7126. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29889-9_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-29889-9_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29888-2

  • Online ISBN: 978-3-642-29889-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation