Attacks on RFID-Based Electronic Voting Systems.

Yossef Oren, Avishai Wool

Research output: Contribution to journalArticlepeer-review


Many secure systems, such as contactless credit cards and
secure entrance systems, are built with contactless smartcard RFID technologies. In many cases these systems are claimed to be secure based on
the assumption that readers and tags need to be in close proximity (about
5cm) in order to communicate. However, it is known that this proximity
assumption is false: Relay attacks are a class of hardware-based attacks
which compromise the safety of such systems by dramatically extending
the interrogation range of the contactless system. Interestingly, the proposed Israeli e-voting scheme is based on contactless smartcards. In this
work we show how the proposed system can be completely compromised
using low-cost relay attacks. Our attacks allow an adversary to read out
all votes already cast into the ballot box, supress the votes of one or several voters, rewrite votes at will and even completely disqualify all votes
in a single voting station. Our attacks are easy to mount, very difficult
to detect, and compromise both the confidentiality and the integrity of
the election system.
Original languageEnglish GB
Pages (from-to)422
Number of pages1
JournalIACR Cryptology ePrint Archive
StatePublished - 2009


Dive into the research topics of 'Attacks on RFID-Based Electronic Voting Systems.'. Together they form a unique fingerprint.

Cite this