An Authentication and Ballot Layout Attack Against an Optical Scan Voting Terminal

Aggelos Kiayias, Laurent Michel, Alexander Russell, Narasimha Shashidhar, Andrew See, Alexander A. Shvartsman

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract / Description of output

Recently, two e-voting technologies have been introduced and used extensively in election procedures: direct recording electronic (DRE) systems and optical scanners. The latter are typically deemed safer as many recent security reports have discovered substantial vulnerabilities in a variety of DRE systems. In this paper we present an attack against the Diebold Accuvote optical scan voting terminal (AV-OS). Previously known attacks direct to the AV-OS required physical access to the memory card and use of difficult to find hardware (card reader/writer).

Our attack bypasses these issues by using the serial port of the AV-OS terminal and reverse engineering the communication protocol, in essence, using the terminal itself as a reader/writer. Our analysis is based solely on reverse-engineering. We demonstrate how an attacker can exploit the serious security vulnerability of weak (non-cryptographic) authentication properties of the terminal. The attack payload delivers a tampered ballot layout that, depending on the scenario, allows swapping of candidate votes, neutralizing votes, or even shifting votes from one candidate to another.
Original languageEnglish
Title of host publicationEVT'07 Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology
Place of PublicationBerkeley, CA, USA
PublisherUSENIX Association
Number of pages1
Publication statusPublished - 2007

Publication series

PublisherUSENIX Association


Dive into the research topics of 'An Authentication and Ballot Layout Attack Against an Optical Scan Voting Terminal'. Together they form a unique fingerprint.

Cite this