Abstract
It is widely recognised that the security of even the best-designed technical systems can be undermined by socio-technical weaknesses that stem from implementation flaws, environmental factors that violate (often implicit) assumptions and human fallibility. This is especially true of cryptographic voting systems, which typically have a large user base and are used infrequently.
In the spirit of the this observation, Karlof et al [11] have performed an analysis of the Chaum [5] and Neff [18] schemes from the “systems perspective”. By stepping outside the purely technical, protocol specifications, they identify a number of potential vulnerabilities of these schemes. In this paper, we perform a similar analysis of the Prêt à Voter [6].
Firstly, we examine the extent to which the vulnerabilities identified in [11] apply to Prêt à Voter. We then describe some further vulnerabilities and threats not identified in [11]. Some of these, such as chain-voting attacks, do not apply to the Chaum or Neff schemes, but are a potential threat in Prêt à Voter, or indeed any crypto system with pre-printed ballot forms. Where appropriate, we propose enhancements and counter-measures.
Our analysis shows that Prêt à Voter is remarkably robust against a large class of socio-technical vulnerabilities, including those described in [11].
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Votehere, http://www.votehere.net/default.php
The trouble with technology. The Economist, September 16 (2004)
Bannet, J., Price, W., Rudys, A., Singer, J., Wallach, D.: Hack-a-vote: Security issues with electronic voting systems. IEEE Security and Privacy 2(1) (January/February 2004)
Bryans, J., Ryan, P.Y.A.: A dependability analysis of the chaum voting scheme. Technical Report CS-TR-809, University of Newcastle upon Tyne (2003)
Chaum, D.: Secret-ballot receipts: True voter-verifiable elections. IEEE Security and Privacy 2(1), 38–47 (2004)
Chaum, D., Ryan, P.Y.A., Schneider, S.: A practical, voter-verifiable election scheme. In: di Vimercati, S.d.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 118–139. Springer, Heidelberg (2005)
Fujioka, A., Okamoto, T., Ohta, K.: A practical secret voting scheme for large scale elections. In: Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology, pp. 244–251. ACM, New York (1992)
Gerck, E.: Instant lottery cards too, re: reading pins in ‘secure’ mailers without opening them (2005), http://www.mail-archive.com/cryptography
Gogolewski, M., Klonowski, M., Kubiak, P., Kutylowski, M., Lauks, A., Zagorski, F.: Kleptographic attacks on e-election schemes with receipts. In: Müller, G. (ed.) ETRICS 2006. LNCS, vol. 3995, pp. 494–508. Springer, Heidelberg (2006)
Jones, D.W.: A brief illustrated history of voting (2003), http://www.cs.uiowa.edo/~jones/voting/pictures
Karlof, C., Sastry, N., Wagner, D.: Cryptographic voting protocols: A systems perspective. In: USENIX Security Symposium (2005)
Kohno, T., Stubblefield, A., Rubin, A.D., Wallach, D.S.: Analysis of an electronic voting system. In: Symposium on Security and Privacy. IEEE, Los Alamitos (2004)
Kremer, S., Ryan, M.: Analysis of an electronic voting protocol in the applied pi-calculus. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 186–200. Springer, Heidelberg (2005)
Lauer, T.W.: The risk of e-voting. Electronic Journal of e-Government 2(3) (December 2004)
Mercuri, R.: A better ballot box? IEEE Spectrum Online (October 2002)
Naor, M., Shamir, A.: Visual cryptography. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 1–12. Springer, Heidelberg (1994)
Neff, A.: A verifiable secret shuffle and its application to e-voting. In: Conference on Computer and Communications Security, pp. 116–125. ACM, New York (2001)
Neff, A.: Practical high certainty intent verification for encrypted votes (2004), http://www.votehere.net/documentation/vhti
Neff, A.: Verifiable mixing (shuffling) of el-gamal pairs (2004), http://www.votehere.net/documentation/vhti
Randell, B., Ryan, P.Y.A.: Voting technologies and trust. IEEE Security & Privacy (2005) (to appear)
Ryan, P.Y.A.: Towards a dependability case for the chaum voting scheme. In: DIMACS Workshop on Electronic Voting – Theory and Practice (2004)
Ryan, P.Y.A.: Putting the human back in voting protocols. In: Christianson, B. (ed.) Security Protocols 2006. LNCS, vol. 5087, pp. 20–25. Springer, Heidelberg (2009)
Ryan, P.Y.A., Peacock, T.: Prêt à voter: a systems perspective. Technical Report CS-TR-929, University of Newcastle upon Tyne (2005)
Ryan, P.Y.A., Schneider, S.A.: Prêt à voter with re-encryption mixes. Technical Report CS-TR-956, University of Newcastle upon Tyne (2006)
Young, A., Yung, M.: The dark side of “Black-box” cryptography, or: Should we trust capstone? In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 89–103. Springer, Heidelberg (1996)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Ryan, P.Y.A., Peacock, T. (2010). A Threat Analysis of Prêt à Voter. In: Chaum, D., et al. Towards Trustworthy Elections. Lecture Notes in Computer Science, vol 6000. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12980-3_12
Download citation
DOI: https://doi.org/10.1007/978-3-642-12980-3_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-12979-7
Online ISBN: 978-3-642-12980-3
eBook Packages: Computer ScienceComputer Science (R0)