An attack against the Helios election system that exploits re-voting
نویسندگان
چکیده
Election systems must ensure that representatives are chosen by voters. Moreover, each voter should have equal influence. Traditionally, this has been achieved by permitting voters to cast at most one ballot. More recently, this has been achieved by counting the last ballot cast by each voter. We show that the Helios election system fails to achieve this, because an adversary can cause a ballot other than a voter’s last to be counted. Moreover, we show how the adversary can choose the contents of such ballots, thus the adversary can unduly influence the selection of representatives.
منابع مشابه
Practical Attacks on Cryptographically End-to-end Verifiable Internet Voting Systems
Cryptographic end-to-end verifiable voting technologies concern themselves with the provision of a more trustworthy, transparent, and robust elections. To provide voting systems with more transparency and accountability throughout the process while preserving privacy which allows voters to express their true intent. Helios Voting is one of these systems—an online platform where anyone can easil...
متن کاملExploiting the Client Vulnerabilities in Internet E-voting Systems: Hacking Helios 2.0 as an Example
Helios is a web-based open-audit voting system designed using state of the art web technologies and advanced cryptographic techniques to provide integrity of ballots and voter secrecy in an insecure Internet environment. In this paper, we demonstrate a simple attack against Helios 2.0 that takes advantage of the fact that every candidate in Helios can provide a URL referring to his/her candidac...
متن کاملElecting a University President using Open-Audit Voting: Analysis of real-world use of Helios (extended abstract)
In March 2009, the Université catholique de Louvain elected its President using a custom deployment of the Helios web-based openaudit voting system. Out of 25,000 potential voters, 5000 registered, and almost 4000 voted in each round of the election. The precision of the voting system turned out to be crucial: in the first round, the leader came short of winning the election by only 2 votes. In...
متن کاملReplay attacks that violate ballot secrecy in Helios
Helios 2.0 is a web-based end-to-end verifiable electronic voting system, suitable for use in low-coercion environments. In this paper we identify a vulnerability in Helios which allows an adversary to compromise the privacy of voters whom cast abstention votes. The vulnerability can be attributed to the absence of ballot independence and the use of homomorphic ElGamal encryption, in particular...
متن کاملAn Ant Colony Optimization Algorithm for Network Vulnerability Analysis
Intruders often combine exploits against multiple vulnerabilities in order to break into the system. Each attack scenario is a sequence of exploits launched by an intruder that leads to an undesirable state such as access to a database, service disruption, etc. The collection of possible attack scenarios in a computer network can be represented by a directed graph, called network attack gra...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2016