RIES - Rijnland Internet Election System: A Cursory Study of Published Source Code
暂无分享,去创建一个
The Rijnland Internet Election System (RIES) is a system designed for voting in public elections over the internet. A rather cursory scan of the source code to RIES showed a significant lack of security-awareness among the programmers which --- among other things --- appears to have left RIES vulnerable to near-trivial attacks. If it had not been for independent studies finding problems, RIES would have been used in the 2008 Water Board elections, possibly handling a million votes or more. While RIES was more extensively studied to find cryptographic shortcomings, our work shows that more down---to---earth secure design practices can be at least as important, and the aspects need to be examined much sooner than right before an election.
[1] E.M.G.M. Hubbers,et al. Stemmen via internet geen probleem , 2004 .
[2] Melanie Volkamer,et al. Compliance of RIES to the Proposed e-Voting Protection Profile , 2007, VOTE-ID.
[3] Wolter Pieters,et al. RIES - Internet Voting in Action , 2005, COMPSAC.
[4] van Hca Henk Tilborg,et al. Description and analysis of the RIES internet voting system , 2008 .
[5] Rop Gonggrijp,et al. Studying the Nedap/Groenendaal ES3B Voting Computer: A Computer Security Perspective , 2007, EVT.