Hardware-based attacks to compromise the cryptographic security of an election system

Abstract

We present our experiences in implementing hardware-based attacks to subvert the results of an election system. The election system was outlined by the Cyber Security Awareness Week (CSAW) Embedded Security Challenge (ESC) competition in 2015, held at the New York University (NYU). The system had multiple layers of security and primarily used homomorphic encryption. The competition presented a challenge to hack the election system such that a preferred candidate wins the election. We cryptanalyzed the given election system to evaluate the effectiveness of various theoretical and practical attacks, and used a custom designed embedded system to demonstrate our attacks. The embedded system was implemented on a Nexys 4 DDR Artix-7 FPGA board. Our work, which earned the first place in the competition, demonstrates that low-cost hardware-based attacks can indeed lead to catastrophic consequences.