Title :
RFID-based electronic voting: What could possibly go wrong?
Author :
Oren, Yossef ; Wool, Avishai
Author_Institution :
Comput. & Network Security Lab., Tel-Aviv Univ., Ramat Aviv, Israel
Abstract :
When Israel´s Ministry of Internal Affairs decided to move to electronic voting, it chose to replace the traditional paper ballot with secure contactless smartcards. The system was designed around HF RFID technology to make voting stations easier to use and less prone to mechanical faults. However, in doing so the system was exposed to a powerful class of hardware-based attacks called relay attacks, which can extend the interrogation range of HF RFID tags far beyond the nominal range of 5 centimetres. We show how a low-budget adversary armed with a relay device can read out all votes already cast into the ballot box, suppress the votes of one or several voters, rewrite votes at will and even completely disqualify all votes in a single voting station. Our attacks are easy to mount, very difficult to detect, and compromise both the confidentiality and the integrity of the election system.
Keywords :
government data processing; radiofrequency identification; security of data; smart cards; HF RFID technology; RFID based electronic voting; hardware based attack; relay attack; secure contactless smartcard; Costs; Electronic voting; IEC standards; ISO standards; Law; Nominations and elections; Power system relaying; Radiofrequency identification; Relays;
Conference_Titel :
RFID, 2010 IEEE International Conference on
Conference_Location :
Orlando, FL
Print_ISBN :
978-1-4244-5742-7
DOI :
10.1109/RFID.2010.5467269
