CRCS Lunch Seminar

Date: Monday, January 24, 2011

Time: 11:30am – 1:-00pm

Place: Maxwell Dworkin 119

Speaker: Alex Halderman, Univ. of Michigan

Title: : Security Problems in India’s Electronic Voting System

Abstract: : India uses paperless electronic voting machines (EVMs) for its state and national elections. These machines use a simple embedded system architecture that makes them considerably different from the complex electronic voting systems found in the U.S. and Europe (where almost all prior research has focused). Despite growing suspicions of fraud, Indian authorities have never permitted a serious, independent review of the machines’ security.

Hyderabad-based engineer Hari Prasad spent a year trying to convince election officials to complete such a review, but they insisted that the government-made machines were “perfect,” “infallible,” and “tamperproof.” Then, in February 2010, an anonymous source gave him access to one of the machines for study. E-voting researchers J. Alex Halderman from the University of Michigan and Rop Gonggrijp from the Netherlands join him in India for the study. The team discovered that, far from being tamper-proof, the machines suffer from serious weaknesses that could be exploited to alter national election results.

Months of hot debate about these findings have produced a growing consensus that India’s electronic voting machines should be scrapped, as well as nascent efforts to create a better system. There have also been more disturbing developments: Prasad was arrested and jailed in August by authorities demanding to know the identity of the anonymous source. He has since been released on bail, and received the Electronic Frontier Foundation’s Pioneer Award for his work.

In this talk, Halderman will describe the design and motivations behind India’s electronic voting system, the technical problems, and the implications of the machines’ security weaknesses for voting technology in India and beyond. He’ll also discuss some of the formidable practical challenges that India and many other democracies face in conducting elections. Designing voting systems that provide transparency and security under these constraints presents many open problems.

Paper and website:

Security Analysis of India’s Electronic Voting Machines.

By Scott Wolchok, Eric Wustrow, J. Alex Halderman, Hari K. Prasad, Arun Kankipati, Sai Krishna Sakhamuri, Vasavya Yagati, and Rop Gonggrijp.

In Proc. 17th ACM Conference on Computer and Communications Security (CCS), October 2010.

http://www.indiaevm.org/

Bio: J. Alex Halderman is an assistant professor of electrical engineering and computer science at the University of Michigan, where his research spans computer security and tech-centric public policy. He is best known for his work developing the “cold boot attack” against disk encryption systems, for exposing the Sony DRM rootkit and other harmful side effects of DRM, and for finding security flaws in many different electronic voting systems. Recently, Halderman and his students participated in a public trial of an Internet voting system fielded by the city of Washington, D.C.; within 36 hours, they were able to take control of the servers and change every vote.

Homepage: http://www.cse.umich.edu/~jhalderm/