Security Theater Seminar, Sun 25/Nov/2012 at 14:00 : Brazilian e-Voting

[Yossi Oren]

Sunday, 25 November 2012, at 14:00

                    Room 146, Labs Building

Software Vulnerabilities in the Brazilian Voting Machine

Abstract: This report presents a security analysis of the Brazilian voting machine software based on the the experience of the authors while participating at the 2nd Public Security Tests of the Electronic Voting System organized by the Superior Electoral Court (SEC). During the event, vulnerabilities in the software were detected and explored to allow recovery of the ballots in the order they were cast. We present scenarios where these vulnerabilities allow electoral fraud and suggestions to restore the security of the affected mechanisms. Additionally, other flaws in the software and its development process are discussed. In particular, this report details the main design and/or implementation problems detected on the security mechanisms of the voting machine software.

Speaker Bio: Diego de Freitas Aranha is an assistant professor in the Department of Computer Science of the University of Brasília.  His research interests are: Efficient algorithms and software implementations for Elliptic Curve Cryptography and Pairing-Based Cryptography.

Recorded at the 2012 Usenix Electronic Voting Technology Workshop/Workshop on Trustworthy Elections (EVT/WOTE '12), Bellevue WA USA, August 8, 2012 https://www.usenix.org/conference/evtwote12/title-tbd

For more information about the Security Theater, please visit: http://www.eng.tau.ac.il/~consel/SecurityTheater