Attacking and fixing Helios: An analysis of ballot secrecy
Identifieur interne : 001726 ( Main/Exploration ); précédent : 001725; suivant : 001727Attacking and fixing Helios: An analysis of ballot secrecy
Auteurs : Véronique Cortier [France] ; Ben Smyth [France]Source :
- Journal of computer security [ 0926-227X ] ; 2013.
Descripteurs français
- Pascal (Inist)
- Wicri :
English descriptors
- KwdEn :
Abstract
Helios 2.0 is an open-source web-based end-to-end verifiable electronic voting system, suitable for use in low-coercion environments. In this article, we analyse ballot secrecy in Helios and discover a vulnerability which allows an adversary to compromise the privacy of voters. The vulnerability exploits the absence of ballot independence in Helios and works by replaying a voter's ballot or a variant of it, the replayed ballot magnifies the voter's contribution to the election outcome and this magnification can be used to violated privacy. We demonstrate the practicality of the attack by violating a voter's privacy in a mock election using the software implementation of Helios. Moreover, the feasibility of an attack is considered in the context of French legislative elections and, based upon our findings, we believe it constitutes a real threat to ballot secrecy. We present a fix and show that our solution satisfies a formal definition of ballot secrecy using the applied pi calculus. Furthermore, we present similar vulnerabilities in other electronic voting protocols - namely, the schemes by Lee et al., Sako and Kilian and Schoenmakers- which do not assure ballot independence. Finally, we argue that independence and privacy properties are unrelated, and non-malleability is stronger than independence.
Affiliations:
Links toward previous steps (curation, corpus...)
- to stream PascalFrancis, to step Corpus: 000086
- to stream PascalFrancis, to step Curation: 000921
- to stream PascalFrancis, to step Checkpoint: 000073
- to stream Main, to step Merge: 001744
- to stream Main, to step Curation: 001726
Le document en format XML
<record><TEI><teiHeader><fileDesc><titleStmt><title xml:lang="en" level="a">Attacking and fixing Helios: An analysis of ballot secrecy</title><author><name sortKey="Cortier, Veronique" sort="Cortier, Veronique" uniqKey="Cortier V" first="Véronique" last="Cortier">Véronique Cortier</name><affiliation wicri:level="1"><inist:fA14 i1="01"><s1>CNRS, Loria, UMR 7503</s1><s2>Vandœuvre</s2><s3>FRA</s3><sZ>1 aut.</sZ></inist:fA14><country>France</country><wicri:noRegion>Vandœuvre</wicri:noRegion><wicri:noRegion>UMR 7503</wicri:noRegion><wicri:noRegion>Vandœuvre</wicri:noRegion></affiliation></author><author><name sortKey="Smyth, Ben" sort="Smyth, Ben" uniqKey="Smyth B" first="Ben" last="Smyth">Ben Smyth</name><affiliation wicri:level="3"><inist:fA14 i1="02"><s1>INRIA Paris-Rocquencourt</s1><s2>Paris</s2><s3>FRA</s3><sZ>2 aut.</sZ></inist:fA14><country>France</country><placeName><region type="region">Île-de-France</region><region type="old region">Île-de-France</region><settlement type="city">Paris</settlement></placeName></affiliation></author></titleStmt><publicationStmt><idno type="wicri:source">INIST</idno><idno type="inist">13-0145410</idno><date when="2013">2013</date><idno type="stanalyst">PASCAL 13-0145410 INIST</idno><idno type="RBID">Pascal:13-0145410</idno><idno type="wicri:Area/PascalFrancis/Corpus">000086</idno><idno type="wicri:Area/PascalFrancis/Curation">000921</idno><idno type="wicri:Area/PascalFrancis/Checkpoint">000073</idno><idno type="wicri:explorRef" wicri:stream="PascalFrancis" wicri:step="Checkpoint">000073</idno><idno type="wicri:doubleKey">0926-227X:2013:Cortier V:attacking:and:fixing</idno><idno type="wicri:Area/Main/Merge">001744</idno><idno type="wicri:Area/Main/Curation">001726</idno><idno type="wicri:Area/Main/Exploration">001726</idno></publicationStmt><sourceDesc><biblStruct><analytic><title xml:lang="en" level="a">Attacking and fixing Helios: An analysis of ballot secrecy</title><author><name sortKey="Cortier, Veronique" sort="Cortier, Veronique" uniqKey="Cortier V" first="Véronique" last="Cortier">Véronique Cortier</name><affiliation wicri:level="1"><inist:fA14 i1="01"><s1>CNRS, Loria, UMR 7503</s1><s2>Vandœuvre</s2><s3>FRA</s3><sZ>1 aut.</sZ></inist:fA14><country>France</country><wicri:noRegion>Vandœuvre</wicri:noRegion><wicri:noRegion>UMR 7503</wicri:noRegion><wicri:noRegion>Vandœuvre</wicri:noRegion></affiliation></author><author><name sortKey="Smyth, Ben" sort="Smyth, Ben" uniqKey="Smyth B" first="Ben" last="Smyth">Ben Smyth</name><affiliation wicri:level="3"><inist:fA14 i1="02"><s1>INRIA Paris-Rocquencourt</s1><s2>Paris</s2><s3>FRA</s3><sZ>2 aut.</sZ></inist:fA14><country>France</country><placeName><region type="region">Île-de-France</region><region type="old region">Île-de-France</region><settlement type="city">Paris</settlement></placeName></affiliation></author></analytic><series><title level="j" type="main">Journal of computer security</title><title level="j" type="abbreviated">J. comput. secur.</title><idno type="ISSN">0926-227X</idno><imprint><date when="2013">2013</date></imprint></series></biblStruct></sourceDesc><seriesStmt><title level="j" type="main">Journal of computer security</title><title level="j" type="abbreviated">J. comput. secur.</title><idno type="ISSN">0926-227X</idno></seriesStmt></fileDesc><profileDesc><textClass><keywords scheme="KwdEn" xml:lang="en"><term>Computer security</term><term>Concurrency</term><term>Confidentiality</term><term>Electronic government</term><term>Electronic vote</term><term>Feasibility</term><term>Formal specification</term><term>Internet</term><term>Legislation</term><term>Magnification</term><term>Open source software</term><term>Private life</term><term>Transmission protocol</term><term>Vulnerability</term><term>World wide web</term><term>pi calculus</term></keywords><keywords scheme="Pascal" xml:lang="fr"><term>Sécurité informatique</term><term>Vote électronique</term><term>Logiciel libre</term><term>Internet</term><term>Administration électronique</term><term>Vie privée</term><term>Faisabilité</term><term>Spécification formelle</term><term>Simultanéité informatique</term><term>Protocole transmission</term><term>Confidentialité</term><term>Réseau web</term><term>Vulnérabilité</term><term>Grossissement</term><term>Législation</term><term>pi calcul</term><term>.</term></keywords><keywords scheme="Wicri" type="topic" xml:lang="fr"><term>Vote électronique</term><term>Administration électronique</term><term>Confidentialité</term><term>Législation</term></keywords></textClass></profileDesc></teiHeader><front><div type="abstract" xml:lang="en">Helios 2.0 is an open-source web-based end-to-end verifiable electronic voting system, suitable for use in low-coercion environments. In this article, we analyse ballot secrecy in Helios and discover a vulnerability which allows an adversary to compromise the privacy of voters. The vulnerability exploits the absence of ballot independence in Helios and works by replaying a voter's ballot or a variant of it, the replayed ballot magnifies the voter's contribution to the election outcome and this magnification can be used to violated privacy. We demonstrate the practicality of the attack by violating a voter's privacy in a mock election using the software implementation of Helios. Moreover, the feasibility of an attack is considered in the context of French legislative elections and, based upon our findings, we believe it constitutes a real threat to ballot secrecy. We present a fix and show that our solution satisfies a formal definition of ballot secrecy using the applied pi calculus. Furthermore, we present similar vulnerabilities in other electronic voting protocols - namely, the schemes by Lee et al., Sako and Kilian and Schoenmakers- which do not assure ballot independence. Finally, we argue that independence and privacy properties are unrelated, and non-malleability is stronger than independence.</div></front></TEI><affiliations><list><country><li>France</li></country><region><li>Île-de-France</li></region><settlement><li>Paris</li></settlement></list><tree><country name="France"><noRegion><name sortKey="Cortier, Veronique" sort="Cortier, Veronique" uniqKey="Cortier V" first="Véronique" last="Cortier">Véronique Cortier</name></noRegion><name sortKey="Smyth, Ben" sort="Smyth, Ben" uniqKey="Smyth B" first="Ben" last="Smyth">Ben Smyth</name></country></tree></affiliations></record>Pour manipuler ce document sous Unix (Dilib)
EXPLOR_STEP=$WICRI_ROOT/Wicri/Lorraine/explor/InforLorV4/Data/Main/Exploration
HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 001726 | SxmlIndent | more
Ou
HfdSelect -h $EXPLOR_AREA/Data/Main/Exploration/biblio.hfd -nk 001726 | SxmlIndent | more
Pour mettre un lien sur cette page dans le réseau Wicri
{{Explor lien
|wiki= Wicri/Lorraine
|area= InforLorV4
|flux= Main
|étape= Exploration
|type= RBID
|clé= Pascal:13-0145410
|texte= Attacking and fixing Helios: An analysis of ballot secrecy
}}
| This area was generated with Dilib version V0.6.33. |  |