Abstract
It is widely recognised that the security of even the best-designed technical systems can be undermined by socio-technical weaknesses that stem from implementation flaws, environmental factors that violate (often implicit) assumptions and human fallibility. This is especially true of cryptographic voting systems, which typically have a large user base and are used infrequently.
In the spirit of the this observation, Karlof et al [11] have performed an analysis of the Chaum [5] and Neff [18] schemes from the “systems perspective”. By stepping outside the purely technical, protocol specifications, they identify a number of potential vulnerabilities of these schemes. In this paper, we perform a similar analysis of the Prêt à Voter [6].
Firstly, we examine the extent to which the vulnerabilities identified in [11] apply to Prêt à Voter. We then describe some further vulnerabilities and threats not identified in [11]. Some of these, such as chain-voting attacks, do not apply to the Chaum or Neff schemes, but are a potential threat in Prêt à Voter, or indeed any crypto system with pre-printed ballot forms. Where appropriate, we propose enhancements and counter-measures.
Our analysis shows that Prêt à Voter is remarkably robust against a large class of socio-technical vulnerabilities, including those described in [11].
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Votehere, http://www.votehere.net/default.php
The trouble with technology. The Economist, September 16 (2004)
Bannet, J., Price, W., Rudys, A., Singer, J., Wallach, D.: Hack-a-vote: Security issues with electronic voting systems. IEEE Security and Privacy 2(1) (January/February 2004)
Bryans, J., Ryan, P.Y.A.: A dependability analysis of the chaum voting scheme. Technical Report CS-TR-809, University of Newcastle upon Tyne (2003)
Chaum, D.: Secret-ballot receipts: True voter-verifiable elections. IEEE Security and Privacy 2(1), 38–47 (2004)
Chaum, D., Ryan, P.Y.A., Schneider, S.: A practical, voter-verifiable election scheme. In: di Vimercati, S.d.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 118–139. Springer, Heidelberg (2005)
Fujioka, A., Okamoto, T., Ohta, K.: A practical secret voting scheme for large scale elections. In: Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology, pp. 244–251. ACM, New York (1992)
Gerck, E.: Instant lottery cards too, re: reading pins in ‘secure’ mailers without opening them (2005), http://www.mail-archive.com/cryptography
Gogolewski, M., Klonowski, M., Kubiak, P., Kutylowski, M., Lauks, A., Zagorski, F.: Kleptographic attacks on e-election schemes with receipts. In: Müller, G. (ed.) ETRICS 2006. LNCS, vol. 3995, pp. 494–508. Springer, Heidelberg (2006)
Jones, D.W.: A brief illustrated history of voting (2003), http://www.cs.uiowa.edo/~jones/voting/pictures
Karlof, C., Sastry, N., Wagner, D.: Cryptographic voting protocols: A systems perspective. In: USENIX Security Symposium (2005)
Kohno, T., Stubblefield, A., Rubin, A.D., Wallach, D.S.: Analysis of an electronic voting system. In: Symposium on Security and Privacy. IEEE, Los Alamitos (2004)
Kremer, S., Ryan, M.: Analysis of an electronic voting protocol in the applied pi-calculus. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 186–200. Springer, Heidelberg (2005)
Lauer, T.W.: The risk of e-voting. Electronic Journal of e-Government 2(3) (December 2004)
Mercuri, R.: A better ballot box? IEEE Spectrum Online (October 2002)
Naor, M., Shamir, A.: Visual cryptography. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 1–12. Springer, Heidelberg (1994)
Neff, A.: A verifiable secret shuffle and its application to e-voting. In: Conference on Computer and Communications Security, pp. 116–125. ACM, New York (2001)
Neff, A.: Practical high certainty intent verification for encrypted votes (2004), http://www.votehere.net/documentation/vhti
Neff, A.: Verifiable mixing (shuffling) of el-gamal pairs (2004), http://www.votehere.net/documentation/vhti
Randell, B., Ryan, P.Y.A.: Voting technologies and trust. IEEE Security & Privacy (2005) (to appear)
Ryan, P.Y.A.: Towards a dependability case for the chaum voting scheme. In: DIMACS Workshop on Electronic Voting – Theory and Practice (2004)
Ryan, P.Y.A.: Putting the human back in voting protocols. In: Christianson, B. (ed.) Security Protocols 2006. LNCS, vol. 5087, pp. 20–25. Springer, Heidelberg (2009)
Ryan, P.Y.A., Peacock, T.: Prêt à voter: a systems perspective. Technical Report CS-TR-929, University of Newcastle upon Tyne (2005)
Ryan, P.Y.A., Schneider, S.A.: Prêt à voter with re-encryption mixes. Technical Report CS-TR-956, University of Newcastle upon Tyne (2006)
Young, A., Yung, M.: The dark side of “Black-box” cryptography, or: Should we trust capstone? In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 89–103. Springer, Heidelberg (1996)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Ryan, P.Y.A., Peacock, T. (2010). A Threat Analysis of Prêt à Voter. In: Chaum, D., et al. Towards Trustworthy Elections. Lecture Notes in Computer Science, vol 6000. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12980-3_12
Download citation
DOI: https://doi.org/10.1007/978-3-642-12980-3_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-12979-7
Online ISBN: 978-3-642-12980-3
eBook Packages: Computer ScienceComputer Science (R0)