Title :
Side-channels and eVoting machine security: Identifying vulnerabilities and defining requirements
Author :
Frankland, Richard ; Demirel, Denise ; Budurushi, Jurlind ; Volkamer, Melanie
Author_Institution :
CASED, Tech. Univ. Darmstadt, Darmstadt, Germany
Abstract :
Election systems making use of eVoting machines are becoming more prevalent. However, security issues do exist within current products and proposed systems. One of these issues is the occurrence of implementation-specific information leakage, otherwise known as side-channel leakage. These have serious implications for voter secrecy. An attack based on electromagnetic leakage from Nedap voting machines has demonstrated that this type of leakage is a relevant issue within eVoting. Therefore, in this paper we present an analysis showing how common components of eVoting machines may be vulnerable to side-channel attacks. As side-channel leakage is also not sufficiently addressed in the many available requirement documents for eVoting systems, we also define requirements for side-channels within the scope of eVoting machine security. Our proposal involves the application of the Common Criteria method. These requirements can be integrated into existing or future Protection Profiles and Security Targets for eVoting systems.
Keywords :
government data processing; security of data; Nedap voting machines; common criteria method; eVoting machine security; election systems; electromagnetic leakage; implementation-specific information leakage; protection profiles; requirement definition; security targets; side-channel leakage; vulnerability identification; Acoustics; Cryptography; Electromagnetics; Image reconstruction; Keyboards; Optical imaging; electronic voting; security requirements; vote secrecy;
Conference_Titel :
Requirements Engineering for Electronic Voting Systems (REVOTE), 2011 International Workshop on
Conference_Location :
Trento
Print_ISBN :
978-1-4577-0951-7
Electronic_ISBN :
978-1-4577-0953-1
DOI :
10.1109/REVOTE.2011.6045914
