a security flaw in the verification code mechanism of the ... · mechanism of the norwegian...
TRANSCRIPT
![Page 1: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/1.jpg)
Introduction Attack Conclusion
A Security Flaw in the Verification CodeMechanism of the Norwegian Internet Voting
System
Reto E. Koenig, Philipp Locher, Rolf Haenni
Bern University of Applied Sciences
08.09.2013
Supported by the Swiss National Science Foundation(project No. 200021L 140650)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 2: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/2.jpg)
Introduction Attack Conclusion
Outline
1 IntroductionProblem SpaceProperties of the Norwegian E-Voting ProtocolImplementation
2 AttackControlling the SMS-Channel: Network-LayerControlling the SMS-Channel: Application-LayerAdversarial CommunicationAdversarial InfectionCounter Meassurements
3 Conclusion
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 3: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/3.jpg)
Introduction Attack Conclusion
Outline
1 IntroductionProblem SpaceProperties of the Norwegian E-Voting ProtocolImplementation
2 AttackControlling the SMS-Channel: Network-LayerControlling the SMS-Channel: Application-LayerAdversarial CommunicationAdversarial InfectionCounter Meassurements
3 Conclusion
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 4: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/4.jpg)
Introduction Attack Conclusion
Outline
1 IntroductionProblem SpaceProperties of the Norwegian E-Voting ProtocolImplementation
2 AttackControlling the SMS-Channel: Network-LayerControlling the SMS-Channel: Application-LayerAdversarial CommunicationAdversarial InfectionCounter Meassurements
3 Conclusion
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 5: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/5.jpg)
Introduction Attack Conclusion
Problem Space
Why This Talk?
The Norwegian E-Voting System...
...allows vote updating
...uses SMS as out-of-band post channel
...allows smart-phone as trusted device
...faces a secure platform problem
...cannot provide the required vote integrity byverification-code
...can be fixed!
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 6: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/6.jpg)
Introduction Attack Conclusion
Problem Space
Why This Talk?
The Norwegian E-Voting System...
...allows vote updating
...uses SMS as out-of-band post channel
...allows smart-phone as trusted device
...faces a secure platform problem
...cannot provide the required vote integrity byverification-code
...can be fixed!
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 7: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/7.jpg)
Introduction Attack Conclusion
Problem Space
Why This Talk?
The Norwegian E-Voting System...
...allows vote updating
...uses SMS as out-of-band post channel
...allows smart-phone as trusted device
...faces a secure platform problem
...cannot provide the required vote integrity byverification-code
...can be fixed!
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 8: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/8.jpg)
Introduction Attack Conclusion
Problem Space
Why This Talk?
The Norwegian E-Voting System...
...allows vote updating
...uses SMS as out-of-band post channel
...allows smart-phone as trusted device
...faces a secure platform problem
...cannot provide the required vote integrity byverification-code
...can be fixed!
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 9: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/9.jpg)
Introduction Attack Conclusion
Problem Space
Why This Talk?
The Norwegian E-Voting System...
...allows vote updating
...uses SMS as out-of-band post channel
...allows smart-phone as trusted device
...faces a secure platform problem
...cannot provide the required vote integrity byverification-code
...can be fixed!
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 10: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/10.jpg)
Introduction Attack Conclusion
Problem Space
Why This Talk?
The Norwegian E-Voting System...
...allows vote updating
...uses SMS as out-of-band post channel
...allows smart-phone as trusted device
...faces a secure platform problem
...cannot provide the required vote integrity byverification-code
...can be fixed!
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 11: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/11.jpg)
Introduction Attack Conclusion
Problem Space
Why This Talk?
The Norwegian E-Voting System...
...allows vote updating
...uses SMS as out-of-band post channel
...allows smart-phone as trusted device
...faces a secure platform problem
...cannot provide the required vote integrity byverification-code
...can be fixed!
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 12: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/12.jpg)
Introduction Attack Conclusion
Properties
Adversary Model and Trust Assumptions
The Norwegian E-Voting System...
...assumes server side to be honest
...accepts a malicious browser (MITB)
→ cannot guarantee privacy (at the voter side)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 13: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/13.jpg)
Introduction Attack Conclusion
Properties
Adversary Model and Trust Assumptions
The Norwegian E-Voting System...
...assumes server side to be honest
...accepts a malicious browser (MITB)
→ cannot guarantee privacy (at the voter side)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 14: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/14.jpg)
Introduction Attack Conclusion
Properties
Adversary Model and Trust Assumptions
The Norwegian E-Voting System...
...assumes server side to be honest
...accepts a malicious browser (MITB)
→ cannot guarantee privacy (at the voter side)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 15: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/15.jpg)
Introduction Attack Conclusion
Properties
Adversary Model and Trust Assumptions
The Norwegian E-Voting System...
...assumes server side to be honest
...accepts a malicious browser (MITB)
→ cannot guarantee privacy (at the voter side)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 16: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/16.jpg)
Introduction Attack Conclusion
Properties
Adversary Model and Trust Assumptions
The Norwegian E-Voting System...
...creates voter-individual and candidate basedverification code (at the server side)
...sends verification codes to the voter via out-of-bandchannels
pre-channel postal mail (secure printing)post-channel SMS (cryptographic receipt-generator)
→ provides vote integrity: cast and recorded as intended
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 17: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/17.jpg)
Introduction Attack Conclusion
Properties
Adversary Model and Trust Assumptions
The Norwegian E-Voting System...
...creates voter-individual and candidate basedverification code (at the server side)
...sends verification codes to the voter via out-of-bandchannels
pre-channel postal mail (secure printing)post-channel SMS (cryptographic receipt-generator)
→ provides vote integrity: cast and recorded as intended
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 18: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/18.jpg)
Introduction Attack Conclusion
Properties
Adversary Model and Trust Assumptions
The Norwegian E-Voting System...
...creates voter-individual and candidate basedverification code (at the server side)
...sends verification codes to the voter via out-of-bandchannels
pre-channel postal mail (secure printing)post-channel SMS (cryptographic receipt-generator)
→ provides vote integrity: cast and recorded as intended
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 19: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/19.jpg)
Introduction Attack Conclusion
Properties
Adversary Model and Trust Assumptions
The Norwegian E-Voting System...
...creates voter-individual and candidate basedverification code (at the server side)
...sends verification codes to the voter via out-of-bandchannels
pre-channel postal mail (secure printing)post-channel SMS (cryptographic receipt-generator)
→ provides vote integrity: cast and recorded as intended
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 20: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/20.jpg)
Introduction Attack Conclusion
Properties
Adversary Model and Trust Assumptions
The Norwegian E-Voting System...
...creates voter-individual and candidate basedverification code (at the server side)
...sends verification codes to the voter via out-of-bandchannels
pre-channel postal mail (secure printing)post-channel SMS (cryptographic receipt-generator)
→ provides vote integrity: cast and recorded as intended
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 21: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/21.jpg)
Introduction Attack Conclusion
Properties
Adversary Model and Trust Assumptions
The Norwegian E-Voting System...
...creates voter-individual and candidate basedverification code (at the server side)
...sends verification codes to the voter via out-of-bandchannels
pre-channel postal mail (secure printing)post-channel SMS (cryptographic receipt-generator)
→ provides vote integrity: cast and recorded as intended
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 22: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/22.jpg)
Introduction Attack Conclusion
Properties
Adversary Model and Trust Assumptions
The Norwegian E-Voting System...
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 23: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/23.jpg)
Introduction Attack Conclusion
Properties
Verification Code: Recoginizing an Attack
If...
...correct receipt appears after the vote: Good
... wrong receipt appears after the vote: Bad
... no receipt appears after the vote: Bad
... receipt appears without prior vote: Bad
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 24: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/24.jpg)
Introduction Attack Conclusion
Properties
Verification Code: Recoginizing an Attack
If...
...correct receipt appears after the vote: Good
... wrong receipt appears after the vote: Bad
... no receipt appears after the vote: Bad
... receipt appears without prior vote: Bad
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 25: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/25.jpg)
Introduction Attack Conclusion
Properties
Verification Code: Recoginizing an Attack
If...
...correct receipt appears after the vote: Good
... wrong receipt appears after the vote: Bad
... no receipt appears after the vote: Bad
... receipt appears without prior vote: Bad
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 26: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/26.jpg)
Introduction Attack Conclusion
Properties
Verification Code: Recoginizing an Attack
If...
...correct receipt appears after the vote: Good
... wrong receipt appears after the vote: Bad
... no receipt appears after the vote: Bad
... receipt appears without prior vote: Bad
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 27: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/27.jpg)
Introduction Attack Conclusion
Properties
Verification Code: Recoginizing an Attack
If...
...correct receipt appears after the vote: Good
... wrong receipt appears after the vote: Bad
... no receipt appears after the vote: Bad
... receipt appears without prior vote: Bad
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 28: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/28.jpg)
Introduction Attack Conclusion
Implementation
Speciality
The Norwegian E-Voting System...
...allows vote updating!
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 29: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/29.jpg)
Introduction Attack Conclusion
Implementation
Out-of-Band Post-Channel
The Norwegian E-Voting System...
...uses SMS-channel
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 30: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/30.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Network-Layer
Enhanced Adversary model
Man in the...
...Browser & SMS-Channel
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 31: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/31.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Network-Layer
Enhanced Adversary model
Man in the...
...Browser & SMS-Channel
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 32: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/32.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Network-Layer
SMS-Channel: No more Out-of-Band
MIT(B + S) + Vote-Updating 7→ Compromized System
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 33: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/33.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Network-Layer
Fake GSM Base Transceiver Dedicated Hardware
IMSI-catcher: Demonstrated live @ Defcon 2010
Hardware: 1500$ (off-the-shelf HW)
Software: 0$ (Open Source)
Task: Proxy GSM-network ↔ GSM-phone
Range ≈ 35km
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 34: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/34.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Network-Layer
Fake GSM Base Transceiver Dedicated Hardware
IMSI-catcher: Demonstrated live @ Defcon 2010
Hardware: 1500$ (off-the-shelf HW)
Software: 0$ (Open Source)
Task: Proxy GSM-network ↔ GSM-phone
Range ≈ 35km
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 35: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/35.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Network-Layer
Fake GSM Base Transceiver Dedicated Hardware
IMSI-catcher: Demonstrated live @ Defcon 2010
Hardware: 1500$ (off-the-shelf HW)
Software: 0$ (Open Source)
Task: Proxy GSM-network ↔ GSM-phone
Range ≈ 35km
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 36: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/36.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Network-Layer
Fake GSM Base Transceiver Dedicated Hardware
IMSI-catcher: Demonstrated live @ Defcon 2010
Hardware: 1500$ (off-the-shelf HW)
Software: 0$ (Open Source)
Task: Proxy GSM-network ↔ GSM-phone
Range ≈ 35km
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 37: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/37.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Network-Layer
Fake GSM Base Transceiver Dedicated Hardware
IMSI-catcher: Demonstrated live @ Defcon 2010
Hardware: 1500$ (off-the-shelf HW)
Software: 0$ (Open Source)
Task: Proxy GSM-network ↔ GSM-phone
Range ≈ 35km
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 38: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/38.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Network-Layer
Malicious Browser (MITB) &Fake GSM Base Transceiver (MITS) Dedicated Hardware
Logic
MITB informs MITS to withold every second SMS:
receipt generator 7→ voter’s phone
1 Voter votes in an e-voting session (via MITB)
2 SMS: receipt generator 7→ voter’s phone
3 Malicious vote update: MITB silently performs a vote-cast inthe voter’s e-voting session (MITB votes)
4 SMS: receipt generator 9 voter’s phone (MITS blocks)
→ Silent Vote Update
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 39: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/39.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Network-Layer
Malicious Browser (MITB) &Fake GSM Base Transceiver (MITS) Dedicated Hardware
Logic
MITB informs MITS to withold every second SMS:
receipt generator 7→ voter’s phone
1 Voter votes in an e-voting session (via MITB)
2 SMS: receipt generator 7→ voter’s phone
3 Malicious vote update: MITB silently performs a vote-cast inthe voter’s e-voting session (MITB votes)
4 SMS: receipt generator 9 voter’s phone (MITS blocks)
→ Silent Vote Update
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 40: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/40.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Network-Layer
Malicious Browser (MITB) &Fake GSM Base Transceiver (MITS) Dedicated Hardware
Logic
MITB informs MITS to withold every second SMS:
receipt generator 7→ voter’s phone
1 Voter votes in an e-voting session (via MITB)
2 SMS: receipt generator 7→ voter’s phone
3 Malicious vote update: MITB silently performs a vote-cast inthe voter’s e-voting session (MITB votes)
4 SMS: receipt generator 9 voter’s phone (MITS blocks)
→ Silent Vote Update
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 41: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/41.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Network-Layer
Malicious Browser (MITB) &Fake GSM Base Transceiver (MITS) Dedicated Hardware
Logic
MITB informs MITS to withold every second SMS:
receipt generator 7→ voter’s phone
1 Voter votes in an e-voting session (via MITB)
2 SMS: receipt generator 7→ voter’s phone
3 Malicious vote update: MITB silently performs a vote-cast inthe voter’s e-voting session (MITB votes)
4 SMS: receipt generator 9 voter’s phone (MITS blocks)
→ Silent Vote Update
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 42: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/42.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Network-Layer
Malicious Browser (MITB) &Fake GSM Base Transceiver (MITS) Dedicated Hardware
Logic
MITB informs MITS to withold every second SMS:
receipt generator 7→ voter’s phone
1 Voter votes in an e-voting session (via MITB)
2 SMS: receipt generator 7→ voter’s phone
3 Malicious vote update: MITB silently performs a vote-cast inthe voter’s e-voting session (MITB votes)
4 SMS: receipt generator 9 voter’s phone (MITS blocks)
→ Silent Vote Update
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 43: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/43.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Network-Layer
Malicious Browser (MITB) &Fake GSM Base Transceiver (MITS) Dedicated Hardware
Logic
MITB informs MITS to withold every second SMS:
receipt generator 7→ voter’s phone
1 Voter votes in an e-voting session (via MITB)
2 SMS: receipt generator 7→ voter’s phone
3 Malicious vote update: MITB silently performs a vote-cast inthe voter’s e-voting session (MITB votes)
4 SMS: receipt generator 9 voter’s phone (MITS blocks)
→ Silent Vote Update
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 44: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/44.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Application-Layer
Statement
Introduction of smart-phone technology results in a newenvironment with strong impact on the security model
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 45: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/45.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Application-Layer
The Norwegian E-Voting System...
Introduction of Smart-Phone Technology to the Norwegian System
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 46: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/46.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Application-Layer
The Norwegian E-Voting System...
Introduction of Smart-Tablet Technology to the Norwegian System
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 47: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/47.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Application-Layer
Enhanced Adversary model
Man in the...
...Browser & SMS-App
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 48: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/48.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Application-Layer
Enhanced Adversary model
Man in the...
...Browser & SMS-App
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 49: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/49.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Application-Layer
SMS-Channel: No more Out-of-Band
MIT(B + S) + Vote-Updating 7→ Compromized System
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 50: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/50.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Application-Layer
Malicious Browser & SMS-App
1
Web-Buddy (MITB) & SMS-Buddy (MITS)Demonstrated live @ SIC 1 2013
Hardware: 0$ (Voter’s device)
Software: 0$ (Open Source)
Task: Proxy smart-phone ↔ voter
Range ≈ ∞
1Swiss Informatics CompetitionReto E. Koenig et al Flawed Verification Code Mechanism...
![Page 51: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/51.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Application-Layer
Malicious Browser & SMS-App
1
Web-Buddy (MITB) & SMS-Buddy (MITS)Demonstrated live @ SIC 1 2013
Hardware: 0$ (Voter’s device)
Software: 0$ (Open Source)
Task: Proxy smart-phone ↔ voter
Range ≈ ∞
1Swiss Informatics CompetitionReto E. Koenig et al Flawed Verification Code Mechanism...
![Page 52: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/52.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Application-Layer
Malicious Browser & SMS-App
1
Web-Buddy (MITB) & SMS-Buddy (MITS)Demonstrated live @ SIC 1 2013
Hardware: 0$ (Voter’s device)
Software: 0$ (Open Source)
Task: Proxy smart-phone ↔ voter
Range ≈ ∞
1Swiss Informatics CompetitionReto E. Koenig et al Flawed Verification Code Mechanism...
![Page 53: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/53.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Application-Layer
Malicious Browser & SMS-App
1
Web-Buddy (MITB) & SMS-Buddy (MITS)Demonstrated live @ SIC 1 2013
Hardware: 0$ (Voter’s device)
Software: 0$ (Open Source)
Task: Proxy smart-phone ↔ voter
Range ≈ ∞
1Swiss Informatics CompetitionReto E. Koenig et al Flawed Verification Code Mechanism...
![Page 54: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/54.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Application-Layer
Malicious Browser & SMS-App
1
Web-Buddy (MITB) & SMS-Buddy (MITS)Demonstrated live @ SIC 1 2013
Hardware: 0$ (Voter’s device)
Software: 0$ (Open Source)
Task: Proxy smart-phone ↔ voter
Range ≈ ∞
1Swiss Informatics CompetitionReto E. Koenig et al Flawed Verification Code Mechanism...
![Page 55: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/55.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Application-Layer
Malicious Browser & SMS-App
Logic
MITB informs MITS to withold every second SMS
from receipt generator
1 Voter votes in an e-voting session (via MITB)
2 SMS: receipt generator 7→ voter
3 Malicious vote update: MITB silently performs a vote-cast inthe voter’s e-voting session (MITB votes)
4 SMS: receipt generator 9 voter (MITS blocks)
→ Silent Vote Update
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 56: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/56.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Application-Layer
Malicious Browser & SMS-App
Logic
MITB informs MITS to withold every second SMS
from receipt generator
1 Voter votes in an e-voting session (via MITB)
2 SMS: receipt generator 7→ voter
3 Malicious vote update: MITB silently performs a vote-cast inthe voter’s e-voting session (MITB votes)
4 SMS: receipt generator 9 voter (MITS blocks)
→ Silent Vote Update
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 57: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/57.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Application-Layer
Malicious Browser & SMS-App
Logic
MITB informs MITS to withold every second SMS
from receipt generator
1 Voter votes in an e-voting session (via MITB)
2 SMS: receipt generator 7→ voter
3 Malicious vote update: MITB silently performs a vote-cast inthe voter’s e-voting session (MITB votes)
4 SMS: receipt generator 9 voter (MITS blocks)
→ Silent Vote Update
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 58: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/58.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Application-Layer
Malicious Browser & SMS-App
Logic
MITB informs MITS to withold every second SMS
from receipt generator
1 Voter votes in an e-voting session (via MITB)
2 SMS: receipt generator 7→ voter
3 Malicious vote update: MITB silently performs a vote-cast inthe voter’s e-voting session (MITB votes)
4 SMS: receipt generator 9 voter (MITS blocks)
→ Silent Vote Update
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 59: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/59.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Application-Layer
Malicious Browser & SMS-App
Logic
MITB informs MITS to withold every second SMS
from receipt generator
1 Voter votes in an e-voting session (via MITB)
2 SMS: receipt generator 7→ voter
3 Malicious vote update: MITB silently performs a vote-cast inthe voter’s e-voting session (MITB votes)
4 SMS: receipt generator 9 voter (MITS blocks)
→ Silent Vote Update
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 60: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/60.jpg)
Introduction Attack Conclusion
Controlling the SMS-Channel: Application-Layer
Malicious Browser & SMS-App
Logic
MITB informs MITS to withold every second SMS
from receipt generator
1 Voter votes in an e-voting session (via MITB)
2 SMS: receipt generator 7→ voter
3 Malicious vote update: MITB silently performs a vote-cast inthe voter’s e-voting session (MITB votes)
4 SMS: receipt generator 9 voter (MITS blocks)
→ Silent Vote Update
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 61: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/61.jpg)
Introduction Attack Conclusion
Adversarial Communication
’Silent-Channel’ communication
How They Communicate
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 62: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/62.jpg)
Introduction Attack Conclusion
Adversarial Communication
Channel: SMS-App ↔ Browser
How They Communicate
None SMS-App is programmed to block every second SMSfrom receipt generator
Implementation available
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 63: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/63.jpg)
Introduction Attack Conclusion
Adversarial Communication
Channel: SMS-App ↔ Browser
How They Communicate
None SMS-App is programmed to block every second SMSfrom receipt generator
Implementation available
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 64: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/64.jpg)
Introduction Attack Conclusion
Adversarial Communication
Channel: SMS-App ↔ Browser
How They Communicate
None SMS-App is programmed to block every second SMSfrom receipt generator
Implementation available
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 65: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/65.jpg)
Introduction Attack Conclusion
Adversarial Communication
Channel: SMS-App ↔ Browser
How They Communicate: Two Devices (Smart-phone, Tablet)
Internet-SMS-Gateway MITB only allowed to use the internet
SMS-Internet-Gateway MITS only allowed to read/write SMS
Implementation available
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 66: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/66.jpg)
Introduction Attack Conclusion
Adversarial Communication
Channel: SMS-App ↔ Browser
How They Communicate: Two Devices (Smart-phone, Tablet)
Internet-SMS-Gateway MITB only allowed to use the internet
SMS-Internet-Gateway MITS only allowed to read/write SMS
Implementation available
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 67: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/67.jpg)
Introduction Attack Conclusion
Adversarial Communication
Channel: SMS-App ↔ Browser
How They Communicate: Two Devices (Smart-phone, Tablet)
Internet-SMS-Gateway MITB only allowed to use the internet
SMS-Internet-Gateway MITS only allowed to read/write SMS
Implementation available
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 68: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/68.jpg)
Introduction Attack Conclusion
Adversarial Communication
Channel: SMS-App ↔ Browser
How They Communicate: Two Devices (Smart-phone, Tablet)
Internet-SMS-Gateway MITB only allowed to use the internet
SMS-Internet-Gateway MITS only allowed to read/write SMS
Implementation available
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 69: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/69.jpg)
Introduction Attack Conclusion
Adversarial Communication
Channel: SMS-App ↔ Browser
How They Communicate: Two Devices (Smart-phone, Tablet)
Internet-SMS-Gateway MITB only allowed to use the internet
SMS-Internet-Gateway MITS only allowed to read/write SMS
Implementation available
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 70: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/70.jpg)
Introduction Attack Conclusion
Adversarial Communication
Channel: SMS-App → Browser
How They Communicate: Two Devices (Smart-Phone, Notebook)
Ultra-Sonic MITS broadcasts via loudspeakerMITB listens via microphone
Proof of Concept available
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 71: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/71.jpg)
Introduction Attack Conclusion
Adversarial Communication
Channel: SMS-App → Browser
How They Communicate: Two Devices (Smart-Phone, Notebook)
Ultra-Sonic MITS broadcasts via loudspeakerMITB listens via microphone
Proof of Concept available
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 72: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/72.jpg)
Introduction Attack Conclusion
Adversarial Communication
Channel: SMS-App → Browser
How They Communicate: Two Devices (Smart-Phone, Notebook)
Ultra-Sonic MITS broadcasts via loudspeakerMITB listens via microphone
Proof of Concept available
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 73: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/73.jpg)
Introduction Attack Conclusion
Adversarial Communication
Channel: SMS-App ↔ Browser
How they communicate: Single device (tablet)
Inter-Process-Communication MITS & MITB on same device(Tablet)
Implementation available (SMS-Buddy, Web-Buddy)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 74: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/74.jpg)
Introduction Attack Conclusion
Adversarial Communication
Channel: SMS-App ↔ Browser
How they communicate: Single device (tablet)
Inter-Process-Communication MITS & MITB on same device(Tablet)
Implementation available (SMS-Buddy, Web-Buddy)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 75: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/75.jpg)
Introduction Attack Conclusion
Adversarial Communication
Channel: SMS-App ↔ Browser
How they communicate: Single device (tablet)
Inter-Process-Communication MITS & MITB on same device(Tablet)
Implementation available (SMS-Buddy, Web-Buddy)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 76: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/76.jpg)
Introduction Attack Conclusion
Adversarial Infection
How to Infect the Smart-Phone
Assumption: The browser is already infected
Social-Engineering SMS-App is designed to guard privacy! Noadditional permissions needed!Browser keeps ’nagging’
Cloud-Based After user has logged into cloud(Google-Play-Store / Apple-App-Store / ...)Browser directly downloads SMS-App
Implementations and success-stories available (Eurograbber et al)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 77: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/77.jpg)
Introduction Attack Conclusion
Adversarial Infection
How to Infect the Smart-Phone
Assumption: The browser is already infected
Social-Engineering SMS-App is designed to guard privacy! Noadditional permissions needed!Browser keeps ’nagging’
Cloud-Based After user has logged into cloud(Google-Play-Store / Apple-App-Store / ...)Browser directly downloads SMS-App
Implementations and success-stories available (Eurograbber et al)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 78: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/78.jpg)
Introduction Attack Conclusion
Adversarial Infection
How to Infect the Smart-Phone
Assumption: The browser is already infected
Social-Engineering SMS-App is designed to guard privacy! Noadditional permissions needed!Browser keeps ’nagging’
Cloud-Based After user has logged into cloud(Google-Play-Store / Apple-App-Store / ...)Browser directly downloads SMS-App
Implementations and success-stories available (Eurograbber et al)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 79: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/79.jpg)
Introduction Attack Conclusion
Adversarial Infection
How to Infect the Smart-Phone
Assumption: The browser is already infected
Social-Engineering SMS-App is designed to guard privacy! Noadditional permissions needed!Browser keeps ’nagging’
Cloud-Based After user has logged into cloud(Google-Play-Store / Apple-App-Store / ...)Browser directly downloads SMS-App
Implementations and success-stories available (Eurograbber et al)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 80: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/80.jpg)
Introduction Attack Conclusion
Adversarial Infection
How to Infect the Smart-Phone
Assumption: The browser is already infected
Social-Engineering SMS-App is designed to guard privacy! Noadditional permissions needed!Browser keeps ’nagging’
Cloud-Based After user has logged into cloud(Google-Play-Store / Apple-App-Store / ...)Browser directly downloads SMS-App
Implementations and success-stories available (Eurograbber et al)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 81: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/81.jpg)
Introduction Attack Conclusion
Counter Meassurements
How to Void this Attack on the Norwegian E-VotingSystem
One Vote only...
Per Voting-Session MinID used to authenticate and authorizevoter. Equal to e-banking mTAN.This is no real solution, as Web-Buddy andSMS-Buddy are designed to break e-bankingmTAN 7→ attacking MinID
! No vote updating ... no successful attack.
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 82: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/82.jpg)
Introduction Attack Conclusion
Counter Meassurements
How to Void this Attack on the Norwegian E-VotingSystem
One Vote only...
Per Voting-Session MinID used to authenticate and authorizevoter. Equal to e-banking mTAN.This is no real solution, as Web-Buddy andSMS-Buddy are designed to break e-bankingmTAN 7→ attacking MinID
! No vote updating ... no successful attack.
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 83: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/83.jpg)
Introduction Attack Conclusion
Counter Meassurements
How to Void this Attack on the Norwegian E-VotingSystem
One Vote only...
Per Voting-Session MinID used to authenticate and authorizevoter. Equal to e-banking mTAN.This is no real solution, as Web-Buddy andSMS-Buddy are designed to break e-bankingmTAN 7→ attacking MinID
! No vote updating ... no successful attack.
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 84: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/84.jpg)
Introduction Attack Conclusion
Counter Meassurements
How to Void this Attack on the Norwegian E-VotingSystem
Dedicated Hardware Device
SMS-Receiver A must, if MinID alike infrastructureshall remain.However, Fake GSM-Attack still possible.
Trusted Hardware Token Secure Display, Secure KeyboardMessages E2E encrypted (over theInternet).
Implementation available: ZTIC(IBM UBS)Cronto-Device (Steven Murdoch)
Success-Story available: E-Banking (UBS)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 85: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/85.jpg)
Introduction Attack Conclusion
Counter Meassurements
How to Void this Attack on the Norwegian E-VotingSystem
Dedicated Hardware Device
SMS-Receiver A must, if MinID alike infrastructureshall remain.However, Fake GSM-Attack still possible.
Trusted Hardware Token Secure Display, Secure KeyboardMessages E2E encrypted (over theInternet).
Implementation available: ZTIC(IBM UBS)Cronto-Device (Steven Murdoch)
Success-Story available: E-Banking (UBS)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 86: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/86.jpg)
Introduction Attack Conclusion
Counter Meassurements
How to Void this Attack on the Norwegian E-VotingSystem
Dedicated Hardware Device
SMS-Receiver A must, if MinID alike infrastructureshall remain.However, Fake GSM-Attack still possible.
Trusted Hardware Token Secure Display, Secure KeyboardMessages E2E encrypted (over theInternet).
Implementation available: ZTIC(IBM UBS)Cronto-Device (Steven Murdoch)
Success-Story available: E-Banking (UBS)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 87: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/87.jpg)
Introduction Attack Conclusion
Counter Meassurements
How to Void this Attack on the Norwegian E-VotingSystem
Dedicated Hardware Device
SMS-Receiver A must, if MinID alike infrastructureshall remain.However, Fake GSM-Attack still possible.
Trusted Hardware Token Secure Display, Secure KeyboardMessages E2E encrypted (over theInternet).
Implementation available: ZTIC(IBM UBS)Cronto-Device (Steven Murdoch)
Success-Story available: E-Banking (UBS)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 88: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/88.jpg)
Introduction Attack Conclusion
Counter Meassurements
How to Void this Attack on the Norwegian E-VotingSystem
Dedicated Hardware Device
SMS-Receiver A must, if MinID alike infrastructureshall remain.However, Fake GSM-Attack still possible.
Trusted Hardware Token Secure Display, Secure KeyboardMessages E2E encrypted (over theInternet).
Implementation available: ZTIC(IBM UBS)Cronto-Device (Steven Murdoch)
Success-Story available: E-Banking (UBS)
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 89: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/89.jpg)
Introduction Attack Conclusion
Smart-Phones Do Not Provide any Out-of-Band Channel
Stop using smart-phones astrusted device
Your system will be grounded by a script kiddie
Reto E. Koenig et al Flawed Verification Code Mechanism...
![Page 90: A Security Flaw in the Verification Code Mechanism of the ... · Mechanism of the Norwegian Internet Voting System Reto E. Koenig, Philipp Locher, Rolf Haenni Bern University of Applied](https://reader033.vdocuments.us/reader033/viewer/2022051904/5ff5305883afab302d24e9e8/html5/thumbnails/90.jpg)
Introduction Attack Conclusion
Smart-Phones Do Not Provide any Out-of-Band Channel
Stop using smart-phones astrusted device
Your system will be grounded by a script kiddie
Reto E. Koenig et al Flawed Verification Code Mechanism...