Why Internet voting is Insecure: a Case Study
Barbara Simons *
The U.S. Department of Defense had been planning to run an
Internet-based voting "experiment" called SERVE (Secure Electronic
Registration and Voting Experiment) for the 2004 presidential primaries and
general election. In order to evaluate the security of SERVE, a group of
computer scientists were asked to review the program. On Jan. 21, 2004 four
members of the review panel, including the speaker, produced a report,
available at www.servesecurityreport.org, that analyzed the security risks
of SERVE and called for SERVE to be shut down. On Feb. 3, 2004, the
Department of Defense cancelled SERVE.
In this talk I shall discuss the security problems with Internet voting in
general and SERVE in particular. If time permits, I'll also discuss some
vulnerabilities of other forms of voting such a paperless touch screen
machines.
*
Barbara Simons is a technology policy consultant. For many years she
was a at IBM Research, where she worked on compiler optimization, algorithm
analysis, and scheduling theory. Former President of the Association for
Computing Machinery (ACM), Simons co-chairs the ACM's US Public Policy
Committee (USACM). She has served on the NSF panel on Internet Voting, the President's
Export Council's Subcommittee on Encryption, and the President's Council on
the Year 2000 Conversion.