Trust Implications of DDoS Protection in Online Elections
Chris Culnane, Mark Eldridge, Aleksander Essex, Vanessa Teague

TL;DR
This paper explores how DDoS protection in online elections affects trust, revealing complex security risks and the tension between ensuring availability and maintaining trust in cloud-based election infrastructure.
Contribution
It analyzes a real-world election deployment to identify security vulnerabilities and discusses the fundamental trust-availability trade-off in online election systems.
Findings
Identified attack scenarios including potential man-in-the-middle attacks.
Highlighted the security risks associated with cloud-based DDoS mitigation.
Showed the complex interactions between actors and infrastructure in online elections.
Abstract
Online elections make a natural target for distributed denial of service attacks. Election agencies wary of disruptions to voting may procure DDoS protection services from a cloud provider. However, current DDoS detection and mitigation methods come at the cost of significantly increased trust in the cloud provider. In this paper we examine the security implications of denial-of-service prevention in the context of the 2017 state election in Western Australia, revealing a complex interaction between actors and infrastructure extending far beyond its borders. Based on the publicly observable properties of this deployment, we outline several attack scenarios including one that could allow a nation state to acquire the credentials necessary to man-in-the-middle a foreign election in the context of an unrelated domestic law enforcement or national security operation, and we argue that a…
Taxonomy
Topics: Internet Traffic Analysis and Secure E-voting · Network Security and Intrusion Detection · Social Media and Politics
