Vulnerability analysis in the Wombat voting system

Background

Wombat voting is an academic project whose main objective is to explore the feasibility of end-to-end verifiable voting. To this end, a strong emphasis was put on simplicity of design and compatibility with more traditional, paper based, voting systems. The main features of Wombat voting are:

• Simple design. Compatible with traditional paper-based voting.
• Voter privacy. No one but the voter knows who he/she voted for.
• End-to-end verifiability. Any voter can verify their vote is recorded as cast, and anyone can verify recorded votes are correctly tallied.

The project was, for the most part, developed by IDC undergraduate students, aided by students from Tel Aviv University. The mixnet system used by Wombat is called Verificatum and was developed by Douglas Wikstrom from KTH Stockholm. The Wombat voting system was already deployed in two real-world elections. The first was an election for student council members at IDC Herzliya and the second was an election for the head of the Meretz party.

The Goal

The Method

1. We will set up an adversarial game between a red team and a blue team. The blue team will act as defenders: they will run a mock election using the Wombat system.
2. The red team will act as attackers. Their purpose is to "hack" the election. Points will be awarded according to the type of vulnerabilities found, their feasibility and the cost of the attacks
3. Two mock elections will be run, so that each student can be a red-team member in one and a blue-team member in the other. (alternatively, students that are not participating in the course can be used instead of the blue team).

Vulnerability types

1. Attacks on the integrity of the election. This type of attack is considered successful if the red team manages to change election results without auditors (blue team) discovering the error. Partial points will be awarded for attacks that succeed with non-negligible probability (but may occasionally be detected)
2. Attacks on the privacy of the election. This type of attack is considered successful if the red team manages to learn information about honest votes beyond the published results of the election. Full points for votes that are completely revealed while the attack is undetected by the blue team; partial points if only partial information is learned about votes (e.g., that a set of voters voted a certain way, but not what each specific voter did). A privacy breach that is detected will also get partial points.
3. Coercion Attacks. In this type of attack, the red team picks an honest voter and gives her a set of instructions to follow. The honest voter will privately flip a coin to decide whether to follow the instructions or not. The attack is successful if the red team can correctly guess what the honest voter did with probability significantly greater than half.
4. System Confidence Attacks. In this type of attack, the red team is trying to destroy confidence in the system. A confidence attack is successful if it went unnoticed by the blue team during the election itself, and there is a large gap between the paper and electronic counts.

Attacker Capabilities

1. Malicious voter only: The attack only requires the cooperation of a malicious voter (or a small number of voters)
2. Malicious poll worker: The attack requires the cooperation of a malicious poll worker (and possibly some voters)
3. Malicious programmer: The attack requires the cooperation of a system programmer (or all of them)
4. Everyone is malicious: The attack assumes an honest majority of voters but everyone else is compromised (in this case the only relevant attack is on integrity; privacy, coercion and system confidence are lost causes).

The red team will be given the full source code to the system. In addition, they will be given "corruption cards": these can be secretly handed to blue-team members to turn them into red team members (this will allow the red team to test attacks that require corrupting officials and/or voters).

Expected Project Output

Each red team will first study the system. They will write up all their findings in a short paper, along with an analysis of the attacks' feasibility and success probability. They will choose one of the attacks and attempt to execute it during the mock election.

Required Tools and Skills:

The Wombat system is complex and contains multiple moving parts. However, to attack the system you only need to recognize its weakest point. Thus, while all of the skills below would be helpful to the red team members, a successful project should be possible even with a subset of these skills.

1. Understanding the cryptographic protocol. Wombat's uniqueness stems from the underlying cryptographic protocol used to ensure the integrity and privacy of the election. A basic understanding of the principles is essential, and a deeper understanding would be helpful.
2. Knowledge of Java language: the system is written in Java, and much of the work will be reading the source and looking for loopholes.
3. Knowledge of Python and Django: the voter registration database is an application written in Python (using Django) and run on a web server.
4. Low-level PC design: For some attacks it may be helpful to know low-level details about the PC platform (both hardware and software).

Acquired Tools and Skills

By participating in this exercise, you will:

1. Gain hands-on experience in security evaluation in a real-world setting
2. Learn about the state-of-the-art in cryptographic voting protocols
3. Develop a "hacker" mindset
4. Earn everlasting fame and glory

(or at least some subset of the above)