Firmware Manipulations on an Optical Scan Voting Terminal
Total Page:16
File Type:pdf, Size:1020Kb
Taking Total Control of Voting Systems: Firmware Manipulations on an Optical Scan Voting Terminal Seda Davtyan Sotiris Kentros Aggelos Kiayias Laurent Michel Nicolas Nicolaou Alexander Russell Andrew See Narasimha Shashidhar Alexander A. Shvartsman Voting Technology Research Center and Computer Science and Engineering Department University of Connecticut, Storrs, CT 06269, USA fseda,skentros,aggelos,ldm,nicolas,acr,andysee,karpoor,[email protected] ABSTRACT chines by presenting a detailed case study focusing on the The firmware of an electronic voting machine is typically AccuVote Optical Scan Terminal (AV-OS) that is widely treated as a \trusted" component of the system. Conse- used in the US elections. Our investigation demonstrates quently, it is misconstrued to be vulnerable only to an insider the possibility of an array of firmware manipulation attacks attack by someone with an in-depth knowledge of the sys- against the AV-OS that are characterized by their low cost tem and access to the source code. This case study focuses (<$300) and the fact that they were developed without on the Diebold/Premier AccuVote Optical Scan voting ter- any access to hardware specifications or the source code of minal (AV-OS) that is widely used in the USA elections. We any software running in this system. By virtue of being a present three low level manipulations of the above voting ter- firmware modification, our attacks are totally immune to minal's firmware resulting in divergence from its prescribed cryptographic integrity checks or any other type of auditing operation: (i) the first bestows the terminal with a powerful procedure (aside from an auditing procedure that inspects memory card dumping functionality, (ii) the second enables the firmware itself, which is a type of audit whose impor- the terminal to leak the ballot details through its serial port tance is strongly underscored by our work). thus violating voter privacy during the election, (iii) the fi- Our results include three firmware manipulations applied nal third firmware manipulation is a proof of concept attack to the AV-OS. Our first manipulation equips the voting ter- that swaps the votes of two candidates thus permanently minal with a powerful memory card dumping functionality. destroying the election outcome in an undetectable fashion. The second firmware manipulation leaks the ballot contents This demonstrates the extent to which the firmware of the through the serial line when a voter scans his/her ballot. AV-OS can be modified with no insider knowledge or access Finally, we present a proof of concept malicious attack to to the source code. illustrate the dangers of trusting un-audited firmware. The Our results underscore the importance of verifying the third firmware alteration is capable of swapping two elec- integrity of the firmware of electronic voting terminals ac- tion counters thus permanently destroying the outcome of companied by sound auditing procedures to maintain the any election that relies solely on the machine counts. candor of the electoral process. We also note that this work We note that this work is performed solely with the pur- is performed solely with the purpose of security analysis of pose of security analysis of AV-OS and to assist in the audits AV-OS, and the first and the second firmware manipulations of elections conducted using AV-OS systems. The various we describe serve a dual purpose in assisting the techno- firmware manipulations find a dual purpose in the auditing logical audits of actual voting procedures conducted using process and the basic techniques developed herein are useful AV-OS systems. tools that can expedite the auditing procedures for voting terminals. Optical Scan Security Vulnerabilities: There are two 1. INTRODUCTION major types of electronic voting equipment: Direct record- Frequently, the firmware component of a proprietary com- ing electronic (DRE) machines and optical-scan (OS) ma- puting system is misconstrued to be vulnerable only to a chines. An important benefit of the optical scan technology technical insider attack by someone with extensive resources, is that it naturally yields a voter-verified paper audit trail an in-depth knowledge of the targeted system, and access to (VVPAT)|the actual \bubble sheet" ballots marked by the source code and/or hardware specifications. In this work, voters that enables hand-counted audits and recounts. De- we challenge this assumption in the domain of e-voting ma- spite the paper trail benefit of OS terminals, three major issues serve as the motivation of this paper: First, OS ma- chines, such as the AV-OS terminal, have a loadable soft- ware component containing information about the election Permission to make digital or hard copies of all or part of this work for and candidates. Such software presents opportunities for at- personal or classroom use is granted without fee provided that copies are tacks [5,2,8] and should be audited. Second, OS machines not made or distributed for profit or commercial advantage and that copies may occasionally make errors when reading ballot sheets, as bear this notice and the full citation on the first page. To copy otherwise, to indicated by hand-counted audits [10,9]. Such audits are republish, to post on servers or to redistribute to lists, requires prior specific performed randomly in some states and may be triggered permission and/or a fee. SAC’09 March 8-12, 2009, Honolulu, Hawaii, U.S.A. by a tightly contested race. Unfortunately, such audits are Copyright 2009 ACM 978-1-60558-166-8/09/03 ...$5.00. time consuming and may themselves be error prone [10, 11]. ground. The proof of concept attacks illustrate the dangers The third issue concerns the firmware, the software compo- of trusting un-audited firmware and show the importance of nent that implements the basic functionality and typically verifying the integrity of the firmware of EVMs accompa- resides in the internal memory of the terminal. Generally, nied by sound auditing procedures to maintain the candor the firmware of voting machines is trusted implicitly. In of the electoral process. some cases the firmware source code is inspected by inde- pendent experts [8,6] to ensure that it behaves as expected, 2. THE AV-OS ELECTION SYSTEM however, to the best of our knowledge, the actual firmware The AV-OS election system is comprised of two compo- binary code is currently not audited. nents [3]: the AccuVote Optical Scan voting terminal (AV- In [5], the authors describe a general architecture that OS) and Global Election Management System (GEMS). characterizes special purpose trusted computing devices such The AV-OS terminal is a computing device responsible as the AV-OS voting terminal. Recall that a system like the for accepting ballots and tabulating the results of the elec- AV-OS is composed of both software and hardware compo- tion. The functionality of the terminal is determined by nents. From the security viewpoint, the key features are the the firmware loaded into a single Erasable Programmable components that are accessible or easily replaceable from Read Only Memory (EPROM) residing inside the terminal. outside the system, namely, the software components. The The AV-OS voting terminal described in this paper contains main theme in [5] (as well as in most previous research) cen- the firmware version 1.96.6. The major hardware compo- tered around the vulnerabilities and security issues of the nents include an 8MHz microcontroler which emulates an AV-OS voting terminal that relate to the machine's propri- Intel 80186 processor, 128K RAM chips, an optical scan- etary language, called AccuBasic, used for reporting election ner, a dot-matrix printer, LCD display, serial communica- results. For the most part, previous work assumes that the tion port, built-in modem and a removable 40 pin EPSON firmware of the AV-OS terminal is a trusted component of memory card. An analysis and discussion of the contents of the system, a point from which we depart in the present the memory card is presented in this paper. work. GEMS is the ballot design and central tabulation system. Contributions: We present three manipulations of | in It is installed on and operated from a conventional PC. essence attacks on | the AV-OS firmware. First we imple- GEMS consists of several databases that include the data ment a new diagnostic memory card dumping function of and ballot layout corresponding to the precincts participat- the terminal; in particular, we develop a firmware manipu- ing in the election, and the bytecode that determines how lation that expedites the memory card dumping functional- the tabulated results are printed. This data is transferred ity of the AV-OS terminal; our modified firmware exhibits a via the serial communication port to the memory card kept sixfold speedup of the total dumping time. This firmware in the AV-OS terminal. manipulation was performed to assist in the auditing of the contents of memory cards but can also be instrumental in 2.1 AV-OS Software Components launching an attack against the voting terminal since the The behavior of each AV-OS terminal is determined by memory card stores all the sensitive information regarding the firmware and the memory card contents. the election and expedient access to this information can be essential to an attacker. The second manipulation tar- Firmware. The main software component of the AV-OS is gets vote privacy: our modified firmware \leaks" through its firmware, executable code kept in a 128K 32 pin EPROM the serial port the actual contents of a voters' ballot. The chip (M27C1001) and responsible for all the functions pro- dual purpose of this firmware manipulation is assisting in vided by the machine. The EPROM is electronically pro- the hand-counted audits of the election outcomes.