July 20, 2019

Dutch E-Voting System Has Problems Similar to Diebold's

A team of Dutch researchers, led by Rop Gonggrijp and Willem-Jan Hengeveld, managed to acquire and analyze a Nedap/Groenendaal e-voting machine used widely in the Netherlands and Germany. They report problems strikingly similar to the ones Ari Feldman, Alex Halderman and I found in the Diebold AccuVote-TS.

The N/G machines all seem to be opened by the same key, which is easily bought on the Internet – just like the Diebold machines.

The N/G machines can be put in maintenance mode by entering the secret password “GEHEIM” (which means “SECRET” in Dutch) – just as the Diebold machines used the secret PIN “1111” to enter supervisor mode.

The N/G machines are subject to software tampering, allowing a criminal to inject code that transfers votes undetectably from one candidate to another – just like the Diebold machines.

There are some differences. The N/G machines appear to be better designed (from a security standpoint), requiring an attacker to work harder to tamper with vote records. As an example, the electrical connection between the N/G machine and its external memory card is cleverly constructed to prevent the voting machine from undetectably modifying data on the card. This means that the strategy used by our Diebold virus, which allows votes to be recorded correctly but modifies them a few seconds later, would not work. Instead, a vote-stealing program has to block votes from being recorded, and then fill in the missing votes later, with “improvements”. This doesn’t raise the barrier to vote-stealing much, but at least the machine’s designers considered the problem and did something constructive.

The Dutch paper has an interesting section on electromagnetic emanations from voting machines. Like other computers, voting machines emit radio waves that can be picked up at a distance by somebody with the right equipment. It is well known that eavesdroppers can often exploit such emanations to “see” the display screen of a computer at a distance. Applied to voting machines, such an attack might allow a criminal to learn what the voter is seeing on the screen – and hence how he is voting – from across the room, or possibly from outside the polling place. The Dutch researchers’ work on this topic is preliminary, suggesting a likely security problem but not yet establishing it for certain. Other e-voting machines are likely to have similar problems.

What is most striking here is that different e-voting machines from different companies seem to have such similar problems. Some of the technical challenges in designing an e-voting machine are very difficult or even infeasible to address; and it’s not surprising to see those problems unsolved in every machine. But to see the same simple, easily avoided weaknesses, such as the use of identical widely-available keys and weak passwords/PINs, popping up again, has to teach a deeper lesson.

Comments

  1. (Small typo, “might allow a criminal to what the voter “, missing word)

    Heh, in Japanese, “NG” means “no good” so this was quite amusing.

    Please keep up your good work. You are an amazing source of important information.

  2. El sistema de voto electrónico holandés también es inseguro…

    Un equipo de investigación holandés han analizado las máquinas de voto-e usadas en Holanda y Alemania y han comprobado que tienen los mismos problemas de seguridad que los encontrados en las de Diebold: la llave para su apertura es la misma y se pue…

  3. The ability to see the screen output–briefly scanning through the document–seems to depend on the screen being a CRT, right?

    Seems that it won’t work with a digital cable (shielded) and an LCD, right?

  4. enigma_foundry,

    It’s supposed to work with LCDs and shielded cables too, apparently because of emanations from from other places. See the Kuhn/Anderson paper I linked to from “well known”.

  5. Henryk Plötz says:

    enigma_foundry,

    also see Markus Kuhn’s newer paper “Electromagnetic Eavesdropping Risks of Flat-Panel Displays” at http://www.cl.cam.ac.uk/~mgk25/pet2004-fpd.pdf

  6. The work on the tempest issue is not preliminary, but “finished” – they even showed a modified tomtom with a ready-to-use application to sniff the voting. See http://www.bright.nl/bom-onder-verkiezingen for some images.

  7. Let me point out that there is in fact a confirmed radio emanation security problem in our paper. The LCD being used is character-based, and the driver chip has multiple sources of character bitmaps. Now it seems that these have different access latencies, as we observed that the refresh rate depends on the set of characters that are being displayed. The display refresh now generates a distinctive radio signal that is easily receivable using a commodity hand held radio scanner tuned to the right frequency. It’s possible to actually hear the difference between different refresh rates by ear, without doing any signal analysis at all.

    Conveniently, the conservative party in the Netherlands, the “Christen Democratisch Apèl” is the only party with a special character in its name, and is the only one to get a different refresh rate. So it’s possible to find out who votes conservative with some off the shelf radio. That is a practical attack on the confidentiality of the vote.

    In this case, we were of course lucky to find a certain quirk in the electronics that made analysis trivial. In the general case, extraction of information from an LCD is more difficult. It works a little different than with CRTs. There, it’s easily possibe to reconstruct the actual screen contents, as the screen is refreshed pixel by pixel.

    LCDs drive a complete line at a time, though. If you assume all the driver lines, which act as antennas, to be of the same shape and length, you get a composite signal of a strength proportional to the total energy sent to the pixels in this line. lSo it’s probably impossible to reconstruct the screen contents from a radio analysis. However, the total energy of all lines still is a good fingerprint of the screen contents, and we think it is possible to correlate a measurement with a set of known signals, one for each candidate. We only have to tell apart a fixed set of different messages in the display, after all.

  8. Designing a system to be resistant to all forms of eavesdropping is a difficult exercise, but designing a system to be at least avoid outputting a repetitive signal based upon display content should be standard practice.

    While it’s nice to see the Dutch have put some thought into catching post-election vote alteration, it seems that any proper election system should be protected against surreptitious code alteration by at least the following:

    -1- It must be possible to read out all of the code the device is going to execute, and all the parameters it is going to use, before the election. The device should not be running any code during this readout operation (else the code that was running could output the “right” code for the inspectors even though it had been altered)

    -2- It must be possible for anyone at any time during the election to confirm that code is running from the medium that was verified correct in -1- (perhaps by having a window so people can see the serialized seals affixed to the memory device)

    -3- It must be possible to read out the above after the election as well.

    -4- There must be no way for the code to change any time between steps -1- and -3-.

    I would suggest that the simplest way to provide those assurances would be to have the voting machine run ALL code from a removable memory device which has a hardware write-protect facility. If representatives from both parties read out the device before and after the election, and if the software is publicly available, then there will be no way for a virus to sneak into the system.

    Of course, since nobody really seems to care about election security, it’s easier to just throw a bunch of junk together and call it a voting machine.

  9. //Now it seems that these have different access latencies, as we observed that the refresh rate depends on the set of characters that are being displayed.//

    That seems odd. While I would not be terribly surprised by a difference in access time between RAM and ROM, I would expect that a typical character LCD would design its clocking around the worst-case latency (i.e. always wait the same amount of time for data to be ready, whether or not it’s ready early). I wonder what sort of character LCD doesn’t do that?

    LCD data could be obscured, I would think, by using a pseudorandom bit generator for the shift clock, and outputting random junk on the data output during non-shift cycles. If one could recover the clock and data signals, one could recover the contents of the display, but since the signals would be aperiodic such recovery would be difficult, especially in the presence of many other nonperiodic signals.

  10. It seems odd, yes, but that’s what we observed. The display controller is a Hitachi HD44780, maybe you can find one and play with it to see for yourself.

    The idea of obscuring data emanations is intereresting, but I think most people dont’ have the resources to build their own display controller. It’s probably cheaper to just use proper shielding.

  11. Henryk Plötz says:

    supercat,

    yes, the idea of booting a voting computer off some external memory that can be verified is not new. Some have proposed CD-Rs, for example. That still doesn’t solve the problem that the average voter (and any expert, for that matter) can not see electrons. You can not see if the computer is really executing the code that you put in there, or some other code from some hidden location.

    Think of smartcards, if you will. The active component is small enough to be hidden under a capacitor (or embedded in the PCB) and has enough processing power and storage to drive the whole voting computer.

    Until someone has a really good and different idea, I believe it is impossible to do Direct Recording Electronic right.

  12. says:

    Hi,
    I’m doing some research on Spam ,so ,I left my email here .Thanks for you help.

  13. I’m well familiar with the HD44780 controllers. Probably the most popular line of controllers for text LCDs (though many displays use clones of it). Unless the maker of the particular display module failed to include proper bypass caps, though, I can’t think of any reason that a frequency analysis of the display drive waveforms would reveal anything. The device uses an RC oscillator for its timing, and should be clocking out data at a constant oscillator-derived rate. If a display module lacks a bypass cap, I could see how extra current required for a RAM access could slightly glitch the oscillator, but that would be a function of poor board design rather than a fault of the HD44780.

    Even if proper board layout would fix the frequency-dependency problem, I can see that it would leave the problem of signature consistency (e.g. any time the display is outputting a particular combination of text, it will output the same RF signature). That should be easy to fix, though. Since the HD44780 has an oscillator pin, it should be possible to drive that pin with something like a PSOC generating a pseudo-random pulse train. It would not be hard to arrange things so the frame rate was constant even though the drive waveform was aperiodic. The extra component required would cost under $1, though it would be necessary either to engineer a display module rather than buying one off the shelf, or else to remove a part from a display module and run a wire to another board.

  14. Henry: Nearly all DRE devices are way too complicated. Booting from CD-ROM is no good, since any device capable of doing so must have a boot ROM, and a malevolently-designed boot ROM could cause the machine to execute something other than what’s stored in the CD-ROM.

    IMHO, a good DRE should consist of a Z80 or similar microprocessor, some static RAM, and some discrete logic to interface the RAM, buttons, cartridge slot, and display. Each cartridge would consist of nothing but one or two 27C256 chips with physically-securable switches on the programming pins. All chips would be gull-winged DIPs, inserted into rectangular holes (so there would be visibly nothing underneath them). When it was necessary to secure the cartridge during an election, an opaque metal clamp would surround the EPROM, with a small window to allow the seals on the device to be seen.

    From time to time, a random set of machines could be x-rayed. Since there would be nothing under the chips, an X-ray should have no trouble confirming that they are at least superficially what they claim to be. All of the devices named should be sufficiently simple that any substitution of chips (with relabeled packages) would be obvious.

  15. Just use a faraday cage for the emanation issue. Put the voting machine in an individual Faraday cage.

  16. Windows to see the memory chips? Bootable CD-ROMS? Xrays? The solution is so mind blowingly simple and yet nobody seems to mention it. A paper trail! After somebody votes, allow them to see their entry on the printout (that stays in the machine. When they verify the vote is recorded correctly, the paper advances so nobody can see it. This is the only option that would actually make the voter themselves trust the system. If there is an effective paper backup nobody would bother trying to hack them since there would be no point – they’d be found out (unless you pay off the judges to disallow recounts – whic is possible, even likely esp in the US/Mex)
    If every cash register made in the last 100 years can manage to print a receipt – why can’t our highest technology do it? Answer – they can but it’s in their interests that voting is NOT secure, and as long as that’s true, and people don’t call them on it – all this discussion is completely academic.

  17. Are those machines using Linux?

  18. Another idea for secure testable voting:
    Put a PIN or password on your ballot.
    Use the PIN and the ballot serial number to verify your vote online.
    If you use the wrong PIN, the system still works, but it shows your vote inaccurately. It could be random, or it could be deterministic, so you can make your ballot appear any way you want by adding a number to your PIN.
    So you can check your own vote, but nobody can prove you voted for anything, unless they know your PIN, which need only be in your head and on your secret ballot. (and in the online computer system)

  19. That requires no third party be able to be 100% sure of your pin, and that you can’t prove what your pin is (or you could sell your vote). If the pin is put into the ballot along with your vote, behind a privacy screen, this may be a nonissue.

  20. The debate starts in France too for the upcoming 2007 elections, here is an article (in french) on my blog :

    http://guerby.org/blog/index.php/2007/01/28/143-vote-electronique-et-transparence

  21. lotro gold says:

    Are those machines using Windows??