RIES - Rijnland Internet Election System: A Cursory Study of Published Source Code
- Cite this paper as:
- Gonggrijp R., Hengeveld WJ., Hotting E., Schmidt S., Weidemann F. (2009) RIES - Rijnland Internet Election System: A Cursory Study of Published Source Code. In: Ryan P.Y.A., Schoenmakers B. (eds) E-Voting and Identity. Vote-ID 2009. Lecture Notes in Computer Science, vol 5767. Springer, Berlin, Heidelberg
The Rijnland Internet Election System (RIES) is a system designed for voting in public elections over the internet. A rather cursory scan of the source code to RIES showed a significant lack of security-awareness among the programmers which – among other things – appears to have left RIES vulnerable to near-trivial attacks. If it had not been for independent studies finding problems, RIES would have been used in the 2008 Water Board elections, possibly handling a million votes or more. While RIES was more extensively studied to find cryptographic shortcomings, our work shows that more down–to–earth secure design practices can be at least as important, and the aspects need to be examined much sooner than right before an election.
Keywordselectronic voting internet voting RIES The Netherlands
Unable to display preview. Download preview PDF.