Cryptology ePrint Archive: Report 2009/422

Attacks on {RFID}-Based Electronic Voting Systems

Yossef Oren and Avishai Wool

Abstract: Many secure systems, such as contactless credit cards and secure entrance systems, are built with contactless smart-card RFID technologies. In many cases these systems are claimed to be secure based on the assumption that readers and tags need to be in close proximity (about 5cm) in order to communicate. However, it is known that this proximity assumption is false: Relay attacks are a class of hardware-based attacks which compromise the safety of such systems by dramatically extending the interrogation range of the contactless system. Interestingly, the proposed Israeli e-voting scheme is based on contactless smartcards.

In this work we show how the proposed system can be completely compromised using low-cost relay attacks. Our attacks allow an adversary to read out all votes already cast into the ballot box, supress the votes of one or several voters, rewrite votes at will and even completely disqualify all votes in a single voting station. Our attacks are easy to mount, very difficult to detect, and compromise both the confidentiality and the integrity of the election system.

Category / Keywords: e-voting; RFID; relay attacks

Date: received 31 Aug 2009, last revised 21 Sep 2009

Contact author: evoting-iacr-eprint at oy ne ro

Available format(s): PDF | BibTeX Citation

Note: Updated with comments from Yoram Oren, one of the designers of the election scheme

Version: 20090921:073211 (All versions of this report)

Short URL: ia.cr/2009/422

Discussion forum: Show discussion | Start new discussion