Fixing the Achilles Heel of E-Voting: The Bulletin Board

Hirschi, Lucca; Schmid, Lara; Basin, David

doi:10.1109/csf51468.2021.00016

Cited by 17 publications

(15 citation statements)

References 46 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…8 However, as we recall next, this claim is not correct. Hirschi, Schmid, and Basin [37] demonstrate that PBB in Belenios needs to be trusted for verifiability (and to a limited degree for privacy). Moreover, Baloglu, Bursuc, Mauw, and Pang [3] present different attacks against verifiability of Belenios if EA or PBB, but not necessarily both of them, are corrupted.…”

Section: Conceptmentioning

confidence: 99%

SoK: Secure E-Voting with Everlasting Privacy

Haines

Mosaheb

Müller

et al. 2023

PoPETs

View full text Add to dashboard Cite

Vote privacy is a fundamental right, which needs to be protected not only during an election, or for a limited time afterwards, but for the foreseeable future. Numerous electronic voting (e-voting) protocols have been proposed to address this challenge, striving for everlasting privacy. This property guarantees that even computationally unbounded adversaries cannot break privacy of past elections. The broad interest in secure e-voting with everlasting privacy has spawned a large variety of protocols over the last three decades. These protocols differ in many aspects, in particular the precise security properties they aim for, the threat scenarios they consider, and the privacy-preserving techniques they employ. Unfortunately, these differences are often opaque, making analysis and comparison cumbersome. In order to overcome this non-transparent state of affairs, we systematically analyze all e-voting protocols designed to provide everlasting privacy. First, we illustrate the relations and dependencies between all these different protocols. Next, we analyze in depth which protocols do provide secure and efficient approaches to e-voting with everlasting privacy under realistic assumptions, and which ones do not. Eventually, based on our extensive and detailed treatment, we identify which research problems in this field have already been solved, and which ones are still open. Altogether, our work offers a well - founded reference point for conducting research on secure e - voting with everlasting privacy as well as for future - proofing privacy in real - world electronic elections.

show abstract

Section: Conceptmentioning

confidence: 99%

SoK: Secure E-Voting with Everlasting Privacy

Haines

Mosaheb

Müller

et al. 2023

PoPETs

View full text Add to dashboard Cite

show abstract

“…(*) Note Helios and the Estonian system could be easily adapted to complex ballots if they adopted a mixnet instead of homomorphic tallying. from the bulletin board once they are published, and every participant's final view of the WBB is identical [18,33] . In practice this means that we need the voter to have access to the WBB via a channel independent from the Client Device.…”

Section: Cryptographic Backgroundmentioning

confidence: 99%

Towards Verifiable Remote Voting with Paper Assurance

McMurtry¹,

Boyen²,

Culnane³

et al. 2021

Preprint

View full text Add to dashboard Cite

We propose a protocol for verifiable remote voting with paper assurance. It is intended to augment existing postal voting procedures, allowing a ballot to be electronically constructed, printed on paper, then returned in the post. It allows each voter to verify that their vote has been correctly cast, recorded and tallied by the Electoral Commission. The system is not endto-end verifiable, but does allow voters to detect manipulation by an adversary who controls either the voting device, or (the postal service and electoral commission) but not both. The protocol is not receipt-free, but if the client honestly follows the protocol (including possibly remembering everything), they cannot subsequently prove how they voted. Our proposal is the first to combine plain paper assurance with cryptographic verification in a (passively) receipt-free manner.

show abstract

“…Guaranteeing privacy in the face of such active adversaries is a common standard which (most) modern e-voting systems aim to provide. However, it turned out that numerous e-voting systems fall short of this goal in their respective threat scenarios, including seminal systems like Helios (see [7,10,18]), Civitas (see [24,27]), or Prêt à Voter (see [10]).…”

Section: Introductionmentioning

confidence: 99%

“…One of the most prominent classes of attacks against privacy-if not the most prominent one-are replay attacks (see, e.g., [7,13,18,19,24]) to which many e-voting systems have been proven vulnerable (e.g., [1,8,16,34,36,37]). Roughly speaking, a replay attack works as follows.…”

Section: Introductionmentioning

confidence: 99%

How Efficient are Replay Attacks against Vote Privacy? A Formal Quantitative Analysis

Mestel

Müller

Reisert

2022

2022 IEEE 35th Computer Security Foundations Symposium (CSF)

View full text Add to dashboard Cite

Replay attacks are among the most well-known attacks against vote privacy. Many e-voting systems have been proven vulnerable to replay attacks, including systems like Helios that are used in real practical elections.Despite their popularity, it is commonly believed that replay attacks are inefficient but the actual threat that they pose to vote privacy has never been studied formally. Therefore, in this paper, we precisely analyze for the first time how efficient replay attacks really are.We study this question from commonly used and complementary perspectives on vote privacy, showing as an independent contribution that a simple extension of a popular game-based privacy definition corresponds to a strong entropy-based notion.Our results demonstrate that replay attacks can be devastating for a voter's privacy even when an adversary's resources are very limited. We illustrate our formal findings by applying them to a number of real-world elections, showing that a modest number of replays can result in significant privacy loss. Overall, our work reveals that, contrary to a common belief, replay attacks can be very efficient and must therefore be considered a serious threat.

show abstract

Fixing the Achilles Heel of E-Voting: The Bulletin Board

Cited by 17 publications

References 46 publications

SoK: Secure E-Voting with Everlasting Privacy

SoK: Secure E-Voting with Everlasting Privacy

Towards Verifiable Remote Voting with Paper Assurance

How Efficient are Replay Attacks against Vote Privacy? A Formal Quantitative Analysis

Contact Info

Product

Resources

About