Implementation-level Analysis of the JavaScript Helios Voting Client

Backes, Michael and Hammer, Christian and Pfaff, David and Skoruppa, Malte
(2016) Implementation-level Analysis of the JavaScript Helios Voting Client.
In: Proceedings of the 31st Annual ACM Symposium on Applied Computing - SAC 2016.

[img]
Preview
 Text
skoruppa_sac2016.pdf - Published Version
Download (979kB) | Preview

Abstract

We perform the first automated security analysis of the actual JavaScript implementation of the Helios voting client, a state-of-the-art, web-based, open-audit voting system that is continuously being deployed for real-life elections. While its concept has been exhaustively analyzed by the security community, we actively analyze its actual JavaScript implementation. Automatically ascertaining the security of a large-scale JavaScript implementation comes with major technical challenges. By creating a sequence of program transformations, we overcome these challenges, thereby making the Helios JavaScript client accessible to existing static analysis techniques. We then automatically analyze the transformed client using graph slicing, reducing an approximately 7 million node graph representing the information flow of the client’s implementation to a handful of potentially harmful flows, each individually consisting of less than 40 nodes. Our interpretation of this analysis results in the exposure of two thus far undiscovered vulnerabilities affecting the live version of Helios: a serious cross-site scripting attack leading to arbitrary script execution and a browser-dependent execution path that results in ballots being sent in plaintext. These attacks can be mitigated with minor adaptations to Helios. Moreover, our program transformations result in a version of Helios with fewer external dependencies and, accordingly, a reduced attack surface.

Item Type: Conference or Workshop Item (A Paper) (Paper)
Additional Information: pub_id: 870 Bibtex: BaHaPfSk_2016:Implementation URL date: None
Uncontrolled Keywords: evoting
Divisions: Cyber Security Lab (CSL)
Michael Backes (InfSec)
Depositing User: Sebastian Weisgerber
Date Deposited: 26 Jul 2017 10:30
Last Modified: 18 Jul 2019 12:10
Primary Research Area: NRA3: Threat Detection and Defenses
URI: https://publications.cispa.saarland/id/eprint/500

Actions

Actions (login required)

View Item View Item
CISPA is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.