Attacking the Verification Code Mechanism in the Norwegian Internet Voting System

  • Reto E. Koenig
  • Philipp Locher
  • Rolf Haenni
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7985)


The security of the Norwegian Internet voting system depends strongly on the implemented verification code mechanism, which allows voters to verify if their vote has been cast and recorded as intended. For this to work properly, a secure and independent auxiliary channel for transmitting the verification codes to the voters is required. The Norwegian system assumes that SMS satisfies the necessary requirements for such a channel. This paper demonstrates that this is no longer the case today. If voters use smartphones or tablet computers for receiving SMS messages, a number of new attack scenarios appear. We show how an adversary may exploit these scenarios in systems providing vote updating and point out the consequences for the vote integrity in the Norwegian system. We also give a list of possible counter-measures and system enhancements to prevent and detect such attacks.


Mobile Device Tablet Computer Attack Scenario Postal Mail Electronic Vote 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ansper, A., Heiberg, S., Lipmaa, H., Øverland, T.A., van Laenen, F.: Security and trust for the Norwegian e-voting pilot project E-Valg 2011. In: Jøsang, A., Maseng, T., Knapskog, S.J. (eds.) NordSec 2009. LNCS, vol. 5838, pp. 207–222. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  2. 2.
    Benzmüller, R.: MalwareReport: Half-yearly report (January-June 2012). Tech. rep., G Data SecurityLabs (2012)Google Scholar
  3. 3.
    Chaum, D., Carback, R., Clark, J., Essex, A., Popoveniuc, S., Rivest, R.L., Ryan, P.Y.A., Shen, E., Sherman, A.T., Vora, P.L.: Scantegrity II: End-to-end verifiability by voters of optical scan elections through confirmation codes. IEEE Transactions on Information Forensics and Security 4(4), 611–627 (2009)CrossRefGoogle Scholar
  4. 4.
    Chevallier, M., Warynski, M., Sandoz, A.: Success factors of Geneva’s e-voting system. Electronic Journal of e-Government 4(2), 71–78 (2006)Google Scholar
  5. 5.
    Cortier, V., Wiedling, C.: A formal analysis of the Norwegian E-voting protocol. In: Degano, P., Guttman, J.D. (eds.) POST 2012. LNCS, vol. 7215, pp. 109–128. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  6. 6.
    Gebhardt Stenerud, I.S., Bull, C.: When reality comes knocking–Norwegian experiences with verifiable electronic voting. In: 5th International Workshop on Electronic Voting, EVOTE 2012, Bregenz, Austria, pp. 21–33 (2012)Google Scholar
  7. 7.
    Gjøsteen, K.: Analysis of an internet voting protocol. IACR Cryptology ePrint Archive 2010/380 (2010)Google Scholar
  8. 8.
    Haenni, R., Koenig, R.E.: Voting over the Internet on an insecure platform. In: Design, Development, and Use of Secure Electronic Voting Systems. IGI Global (accepted, 2013)Google Scholar
  9. 9.
    Heiberg, S., Lipmaa, H., van Laenen, F.: On e-vote integrity in the case of malicious voter computers. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 373–388. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  10. 10.
    Helbach, J., Schwenk, J.: Secure internet voting with code sheets. In: Alkassar, A., Volkamer, M. (eds.) VOTE-ID 2007. LNCS, vol. 4896, pp. 166–177. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  11. 11.
    Helbach, J., Schwenk, J., Schäge, S.: Code voting with linkable group signatures. In: Krimmer, R., Grimm, R. (eds.) 3rd International Workshop on Electronic Voting, EVOTE 2008. Lecture Notes in Informatics, vol. P-131, pp. 209–222. Gesellschaft für Informatik E.V., Bregenz (2008)Google Scholar
  12. 12.
    Hubacher, I.: Management Demo: Intercepting SMS. Bachelor thesis, Bern University of Applied Sciences, Biel, Switzerland (2011)Google Scholar
  13. 13.
    Joaquim, R., Ribeiro, C., Ferreira, P.: Improving remote voting security with codeVoting. In: Chaum, D., Jakobsson, M., Rivest, R.L., Ryan, P.Y.A., Benaloh, J., Kutylowski, M., Adida, B. (eds.) Towards Trustworthy Elections. LNCS, vol. 6000, pp. 310–329. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  14. 14.
    Kalige, E., Burkey, D.: A case study of Eurograbber: How 36 million euros was stolen via malware. Tech. rep., Versafe & Check Point Software Technologie (2012)Google Scholar
  15. 15.
    Klaus, S., Brei, D.: Sicherheit von E-Banking auf Smart-Platforms. Bachelor thesis, Bern University of Applied Sciences, Biel, Switzerland (2013)Google Scholar
  16. 16.
    Lipmaa, H.: Two simple code-verification voting protocols. IACR Cryptology ePrint Archive 2011/317 (2011)Google Scholar
  17. 17.
    Meyer, U., Wetzel, S.: On the impact of GSM encryption and man-in-the-middle attacks on the security of interoperating GSM/UMTS networks. In: 15th IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC 2004, Barcelona, Spain, vol. 4, pp. 2876–2883 (2004)Google Scholar
  18. 18.
    Øberg, M.W.: Improving the Norwegian Internet Voting Protocol. Master’s thesis, Norwegian University of Science and Technology (2011)Google Scholar
  19. 19.
    Oppliger, R., Schwenk, J., Helbach, J.: Protecting code voting against vote selling. In: 4. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V., Sicherheit 2008, Saarbrücken, Germany, pp. 193–204 (2008)Google Scholar
  20. 20.
    Perez, D., Pico, J.: A practical attack against GPRS/EDGE/UMTS/HSPA mobile data communications. White paper, Taddong S.L. (2011)Google Scholar
  21. 21.
    Ryan, P.Y.A.: Prêt à voter with confirmation codes. In: Shacham, H., Teague, V. (eds.) Electronic Voting Technology Workshop/Workshop on Trustworthy Elections, EVT/WOTE 2011, San Francisco, USA (2011)Google Scholar
  22. 22.
    Ryan, P.Y.A., Teague, V.: Pretty good democracy. In: Christianson, B., Malcolm, J.A., Matyáš, V., Roe, M. (eds.) Security Protocols 2009. LNCS, vol. 7028, pp. 111–130. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  23. 23.
    Schläpfer, M., Volkamer, M.: The secure platform problem: Taxonomy and analysis of existing proposals to address this problem. In: 6th International Conference on Theory and Practice of Electronic Governance, ICEGOV 2012, Albany, USA (2012)Google Scholar
  24. 24.
    Song, Y., Zhou, K., Chen, X.: Fake BTS attacks of GSM system on software radio platform. Journal of Networks 7(2), 275–281 (2012)CrossRefGoogle Scholar
  25. 25.
    Spycher, O., Volkamer, M., Koenig, R.: Transparency and technical measures to establish trust in Norwegian Internet voting. In: Kiayias, A., Lipmaa, H. (eds.) VoteID 2011. LNCS, vol. 7187, pp. 19–35. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  26. 26.
    van den Broek, F.: Catching and Understanding GSM-Signals. Master’s thesis, Radboud University Nijmegen (2010)Google Scholar
  27. 27.
    von Bergen, P.: Analyse du code source de l’application d’e-voting de Genève. Project report, Bern University of Applied Sciences, Biel, Switzerland (2013)Google Scholar
  28. 28.
    Weigold, T., Hiltgen, A.: Secure confirmation of sensitive transaction data in modern Internet banking services. In: World Congress on Internet Security, WorldCIS 2011, London, U.K., pp. 125–132 (2011)Google Scholar
  29. 29.
    Weigold, T., Kramp, T., Hermann, R., Höring, F., Buhler, P., Baentsch, M.: The Zurich Trusted Information Channel – An efficient defence against man-in-the-middle and malicious software attacks. In: Lipp, P., Sadeghi, A.-R., Koch, K.-M. (eds.) Trust 2008. LNCS, vol. 4968, pp. 75–91. Springer, Heidelberg (2008)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Reto E. Koenig
    • 1
  • Philipp Locher
    • 1
  • Rolf Haenni
    • 1
  1. 1.Bern University of Applied SciencesBielSwitzerland

Personalised recommendations