MIT researchers identify security vulnerabilities in voting app

By February 13, 2020 No Comments

Lately, there was a rising hobby in the use of web and cellular generation to extend get right of entry to to the vote casting procedure. On the similar time, laptop safety mavens warning that paper ballots are the one safe method of vote casting.

Now, MIT researchers are elevating every other fear: They are saying they’ve exposed safety vulnerabilities in a cellular vote casting utility that was once used all over the 2018 midterm elections in West Virginia. Their safety research of the appliance, known as Voatz, pinpoints plenty of weaknesses, together with the chance for hackers to vary, prevent, or disclose how a person consumer has voted. Moreover, the researchers discovered that Voatz’s use of a third-party dealer for voter identity and verification poses doable privateness problems for customers.

The findings are described in a brand new technical paper via Michael Specter, a graduate scholar in MIT’s Division of Electric Engineering and Laptop Science (EECS) and a member of MIT’s Web Coverage Analysis Initiative, and James Koppel, additionally a graduate scholar in EECS. The analysis was once carried out underneath the steering of Daniel Weitzner, a main analysis scientist at MIT’s Laptop Science and Synthetic Intelligence Lab (CSAIL) and founding director of the Web Coverage Analysis Initiative.

After uncovering those safety vulnerabilities, the researchers disclosed their findings to the Division of Place of origin Safety’s Cybersecurity and Infrastructure Company (CISA). The researchers, at the side of the Boston College/MIT Era Legislation Medical institution, labored in shut coordination with election safety officers inside of CISA to be sure that impacted elections officers and the seller have been acutely aware of the findings prior to the analysis was once made public. This integrated getting ready written summaries of the findings with proof-of-concept code, and direct discussions with affected elections officers on calls organized via CISA.

Along with its use within the 2018 West Virginia elections, the app was once deployed in elections in Denver, Oregon, and Utah, in addition to on the 2016 Massachusetts Democratic Conference and the 2016 Utah Republican Conference. Voatz was once now not used all over the 2020 Iowa caucuses.

The findings underscore the will for transparency within the design of vote casting techniques, consistent with the researchers.

“All of us be interested in expanding get right of entry to to the poll, however so as to take care of accept as true with in our elections machine, we will have to guarantee that vote casting techniques meet the prime technical and operation safety requirements prior to they’re put within the box,” says Weitzner. “We can not experiment on our democracy.”     

“The consensus of safety mavens is that operating a safe election over the web isn’t conceivable these days,” provides Koppel. “The reasoning is that weaknesses anyplace in a big chain may give an adversary undue affect over an election, and these days’s instrument is shaky sufficient that the life of unknown exploitable flaws is simply too nice a possibility to take.”

Breaking down the consequences

The researchers have been first of all impressed to accomplish a safety research of Voatz in response to Specter’s analysis with Ronald Rivest, Institute Professor at MIT; Neha Narula, director of the MIT Virtual Foreign money Initiative; and Sunoo Park SM ’15, PhD ’18 , exploring the feasibility of the use of blockchain techniques in elections. In keeping with the researchers, Voatz claims to make use of a permissioned blockchain to verify safety, however has now not launched any supply code or public documentation for the way their machine operates.

Specter, who co-teaches an MIT Unbiased Actions Duration route based via Koppel this is inquisitive about opposite engineering instrument, broached the theory of opposite engineering Voatz’s utility, so that you could higher know how its machine labored. To be sure that they didn’t intrude with any ongoing elections or disclose consumer information, Specter and Koppel reverse-engineered the appliance after which created a type of Voatz’s server.


They discovered that an adversary with far off get right of entry to to the instrument can adjust or find a consumer’s vote, and that the server, if hacked, may simply trade the ones votes. “It does now not seem that the app’s protocol makes an attempt to make sure [genuine votes] with the back-end blockchain,” Specter explains.

“Most likely maximum alarmingly, we discovered {that a} passive community adversary, like your web carrier supplier, or somebody within reach you if you happen to’re on unencrypted Wi-Fi, may discover which manner you voted in some configurations of the election. Worse, extra competitive attackers may doubtlessly discover which manner you’re going to vote after which prevent the relationship in response to that on my own.”

Along with detecting vulnerabilities with Voatz’s vote casting procedure, Specter and Koppel discovered that the app poses privateness problems for customers. Because the app makes use of an exterior dealer for voter ID verification, a 3rd get together may doubtlessly get right of entry to a voter’s picture, motive force’s license knowledge, or different sorts of identity, if that dealer’s platform isn’t additionally safe.      

“Regardless that Voatz’s privateness coverage does discuss sending some data to 3rd events, so far as we will inform the truth that any 0.33 get together is getting the voter’s motive force’s license and selfie isn’t explicitly discussed,” Specter notes.

Requires greater openness

Specter and Koppel say that their findings level to the will for openness in terms of election management, so as to make certain the integrity of the election procedure. These days, they word, the election procedure in states that use paper ballots is designed to be clear, and electorate and political get together representatives are given alternatives to look at the vote casting procedure.

Against this, Koppel notes, “Voatz’s app and infrastructure have been totally closed-source; we have been most effective in a position to get get right of entry to to the app itself.     

“I feel this kind of research is very essential. Presently, there’s a force to make vote casting extra obtainable, via the use of web and mobile-based vote casting techniques. The issue this is that from time to time the ones techniques aren’t made via individuals who have experience in holding vote casting techniques safe, and so they’re deployed prior to they are able to get correct evaluate,” says Matthew Inexperienced, an affiliate professor on the Johns Hopkins Data Safety Institute. When it comes to Voatz, he provides, “It looks as if there have been many just right intentions right here, however the end result lacks key options that will give protection to a voter and give protection to the integrity of elections.”

Going ahead, the researchers warning that instrument builders will have to end up their techniques are as safe as paper ballots.

“The largest factor is transparency,” says Specter. “If in case you have a part of the election this is opaque, that isn’t viewable, that isn’t public, that has some form of proprietary element, that a part of the machine is inherently suspect and must be put underneath numerous scrutiny.”