RIES - Rijnland Internet Election System: A Cursory Study of Published Source Code

  • Rop Gonggrijp
  • Willem-Jan Hengeveld
  • Eelco Hotting
  • Sebastian Schmidt
  • Frederik Weidemann
Conference paper

DOI: 10.1007/978-3-642-04135-8_10

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5767)
Cite this paper as:
Gonggrijp R., Hengeveld WJ., Hotting E., Schmidt S., Weidemann F. (2009) RIES - Rijnland Internet Election System: A Cursory Study of Published Source Code. In: Ryan P.Y.A., Schoenmakers B. (eds) E-Voting and Identity. Vote-ID 2009. Lecture Notes in Computer Science, vol 5767. Springer, Berlin, Heidelberg

Abstract

The Rijnland Internet Election System (RIES) is a system designed for voting in public elections over the internet. A rather cursory scan of the source code to RIES showed a significant lack of security-awareness among the programmers which – among other things – appears to have left RIES vulnerable to near-trivial attacks. If it had not been for independent studies finding problems, RIES would have been used in the 2008 Water Board elections, possibly handling a million votes or more. While RIES was more extensively studied to find cryptographic shortcomings, our work shows that more down–to–earth secure design practices can be at least as important, and the aspects need to be examined much sooner than right before an election.

Keywords

electronic voting internet voting RIES The Netherlands 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Rop Gonggrijp
    • 1
  • Willem-Jan Hengeveld
    • 1
  • Eelco Hotting
    • 1
  • Sebastian Schmidt
    • 1
  • Frederik Weidemann
    • 1
  1. 1.Wij vertrouwen stemcomputers nietAmsterdamThe Netherlands

Personalised recommendations