DARPA to Bring its Smart Ballot Boxes to DEF CON for Hacking

Published: 23/11/2024   Category: security




The agency this week will share the source code and hardware specifications for the secure voting system prototypes.



US Defense Advanced Research Projects Agency (DARPA) researchers will set up three new smart electronic ballot-box prototypes at DEF CON's famed Voting Village next week in Las Vegas, but they won't be challenging hackers at the convention to crack them: They'll be helping them do so.
"We are providing the source code specifications, tests, and actually even providing participants at DEF CON with an easy way of actually putting their own malicious software into [the devices]," explains Daniel Zimmerman, principal researcher with Galois, a DARPA contractor working on the project. "We're not daring them but actually helping them break this."
DARPA's smart ballot box is the Defense Department agency's prototype, featuring a secure, open source hardware platform that could be used not only in voting platforms, but also in military systems. It's part of a broader DARPA project called System Security Integrated Through Hardware and Firmware (SSITH), which is developing hardware security architectures and tools that are better protected from hardware vulnerabilities exploited in software. DARPA ultimately hopes to build secure chip-level processors that thwart hardware hacks as well as software-borne attacks.
Zimmerman, whose team is developing methods and tools to measure the security of the processors, says the smart ballot box prototypes at DEF CON are a way for DARPA to get a broader evaluation of just how secure the processors really are. "This goes beyond 'yes, it's secure,' or 'no, it's not,'" he explains. The project is aimed at getting as comprehensive a security analysis of the technology as possible, meaning a wider range of people being able to hammer on these systems to try to find flaws, Zimmerman adds.
The DEF CON demonstrations are the start of a two-year public evaluation of the processors, he says. The team will release the source code and hardware specifications this week. "The source code will be out, the hardware specs will be out there," he says, "and by the end of the year, a low-cost version of [the ballot box prototype] you can buy and hack at home."
The smart ballot box, which is about the size of a two-drawer filing cabinet with a letter-sized printer lid on top, runs on a small embedded RISC-V processor with a FreeRTOS-based custom software app. There's a separate touch screen where voters mark their votes, and a connected printer spits out the ballots. The touch screen and printer aren't part of the hacking experiment: just the ballot box.
The smart ballot box reads the barcoded ballots to determine whether they are valid for the election. It allows voters to confirm their votes and either cast or ditch (aka spoil) them. "We're not doing an end-to-end verifiability crypto system this year," notes Zimmerman, but instead, a more visible verification process so participants can see the operation. DARPA instead is employing basic cryptography for the system to accept ballots.
He says hackers at DEF CON could, for example, try to compromise the ballot box to accept duplicate ballots or spoiled ballots. Or they could fool the box into reading a different result than the actual one on the ballot. "We will have a reporting system that takes the output from the ballot box and uses it to compute the election results so they then can be compared with pieces of paper in the ballot box," he says.
But the DARPA smart ballot box is not anything close to a real prototype product or system. It's all about providing an interesting system to hack and find holes. "This was never intended to be a viable product; we're trying to be very clear about that," he says. And each of three ballot boxes will be based on a different SSITH processor that DARPA has built.
Election systems are in the hot seat now, so putting out prototypes for that area is likely to attract more researchers than a less familiar military system might, he notes.
It Took a Village
DEF CON's wildly popular Voting Village first debuted in 2017, a year after the 2016 US presidential election was rocked by Russia's online meddling campaign, raising concerns over how a nation-state or other threat actor could disrupt or tamper with election systems and voting machines. The Voting Village has served as a hands-on workshop, of sorts, for hackers or burgeoning hackers to take a crack at decommissioned voting systems, equipment, and simulated election websites. In the very first year, participants found two zero-day flaws within the first 90 minutes of the event.
There were 30 pieces of voting equipment in the room, including Sequoia AVC Edge, ES&S iVotronic, Diebold TSX, WinVote, and Diebold Expresspoll 4000 voting machines. In 2018, there was even more voting machine equipment - and successful hacks - as well as a replica database that housed the real, publicly available state of Ohio voter registration roll. One attendee was able to break through two layers of firewalls in front of the server but ultimately couldn't pull the data.
DARPA's open source hardware, not surprisingly, is expected to be the hot feature of the Village this year. While the SSITH processors are unlikely to see the light of day in today's commercial - and mostly proprietary - voting machines and election equipment in the foreseeable future, the project has security experts calling for more open voting system architectures.
"As far as open source hardware, I think it probably has a long way to go before we see it in elections or other computing environments," notes Zimmerman.
Carsten Schuermann, an election security expert who famously hacked a WinVote voting machine at the very first DEF CON Voting Village, says open source is key to ensuring transparency of voting systems. He says he isn't sold that open source systems necessarily mean better security, but they would provide election and government officials with better insight into how secure the voting and election equipment they buy and use really are.
"I believe voting machine vendors usually are trying to do their best [with security] within the budget they have, and they also do the minimum thing to satisfy the requirements the government gave them," says Schuermann, who is an associate professor at the IT University of Copenhagen.
Like other experts, he worries about public confidence in election systems and their outcomes, especially in the wake of the 2016 US election. If vendors are keeping experts in the dark on their security, it can cause mistrust among the electorate, according to Schuermann.
Microsoft, meantime, has built an open-source election system software development tool called ElectionGuard, which employs vote verification via encryption methods so voters can confirm their votes were counted and election officials can verify results. The vendor demonstrated a prototype voting system last month and already has inked partnerships with voting system vendors such as Smartmatic and Clear Ballot. It also said Dominion Voting Systems is exploring using ElectionGuard in its products.
ElectionGuard is not scheduled or expected to be part of the DEF CON Voting Village as of this posting. The full Voting Village schedule has not yet been released.