Kleptographic Attacks on E-Voting Schemes

  • Marcin Gogolewski
  • Marek Klonowski
  • Przemysław Kubiak
  • Mirosław Kutyłowski
  • Anna Lauks
  • Filip Zagórski
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3995)

Abstract

We analyze electronic voting schemes and show that in many cases it is quite easy to implement a kleptographic channel, which is a profound danger for electronic voting systems. We show serious problems with Neff’s scheme. We present also attacks on Chaum’s visual voting scheme and some related schemes, which work at least when implementation is not careful enough.

Keywords

kleptography electronic voting receipt voting coercion election integrity verifiable pseudo-randomness 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Boneh, D., Durfee, G., Frankel, Y.: An attack on RSA given a small fraction of the private key bits. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 25–34. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  2. 2.
    Chaum, D.: Secret-ballot receipts: True voter-verifiable elections. IEEE Security and Privacy Magazine 2(1), 38–47 (2004)CrossRefGoogle Scholar
  3. 3.
    Chaum, D., Ryan, P.Y.A., Schneider, S.: A Practical Voter-Verifiable Election Scheme. In: di Vimercati, S.d.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 118–139. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  4. 4.
    Davida, G.I.: Chosen signature cryptanalysis of the RSA public key cryptosystem. Technical Report TR-CS-82-2, Dept of EECS, University of Wisconsin, Milwaukee, (1982) Available from, http://www.uwm.edu/~davida/papers/chosen/
  5. 5.
    Haber, S., Stornetta, W.S.: How to time-stamp a digital document. Journal of Cryptology 3(2), 99–111 (1991)CrossRefMATHGoogle Scholar
  6. 6.
    Karlof, C., Sastry, N., Wagner, D.: Cryptographic voting protocols: A systems perspective. In: USENIX Security Symposium, pp. 33–50 (2005)Google Scholar
  7. 7.
    Klonowski, M., Kutyłowski, M., Lauks, A., Zagórski, F.: A Practical Voting Scheme with Receipts. In: Zhou, J., López, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 490–497. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  8. 8.
    Knuth, D.E.: The Art of Computer Programming: Seminumerical Algorithms, 3rd edn., vol. 2. Addison-Wesley, Reading (1998)MATHGoogle Scholar
  9. 9.
    Koldehofe, B.: Simple gossiping with balls and bins. Stud. Inform. Univ. 3(1), 43–60 (2004)Google Scholar
  10. 10.
    Mercuri, R.: Government: a better ballot box? IEEE Spectr. 39(10), 46–50 (2002)CrossRefGoogle Scholar
  11. 11.
    Miller, V.S.: Use of Elliptic Curves in Cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)Google Scholar
  12. 12.
    Andrew Neff, C.: Detecting malicious poll site voting clients (September 2003) [cited 10 January 2006] Available from, http://www.votehere.com/vhti/documentation
  13. 13.
    Andrew Neff, C.: Practical high certainty intent verification for encrypted votes (October 2004) [cited 10 January 2006] Available from, http://www.votehere.com/vhti/documentation
  14. 14.
    Andrew Neff, C.: Verifiable mixing (shuffling) of ElGamal pairs. (April 2004) [cited 03 March 2006] Available from, http://www.votehere.com/vhti/documentation
  15. 15.
    Rivest, R.L.: Voting resource page. [cited 10 January 2006] Available from, http://theory.lcs.mit.edu/~rivest/voting/index.html
  16. 16.
    Ryan, P.: Socio-technical trade-offs in cryptographic voting schemes. In: Workshop on Electronic Voting and e-Government in the UK. Slides, 27th–28th February (2006) Available from, http://www.nesc.ac.uk/action/esi/contribution.cfm?Title=639
  17. 17.
    Ryan, P.Y.A., Peacock, T.: Prêt à voter: a systems perspective. Technical Report 929, University of Newcastle upon Tyne, School of Computing Science (September 2005) Available from, http://www.cs.ncl.ac.uk/research/pubs/trs/papers/929.pdf
  18. 18.
    Vanstone, S.A., Mullin, R.C., Agnew, G.B.: Elliptic curve encryption systems. US patent 6141420 (October 2000) Available from, http://patft.uspto.gov/netacgi/nph-Parser?patentnumber=6,141,420
  19. 19.
    Clint Curtis affidavit. [cited 10 January 2006] Available from, http://www.buzzflash.com/alerts/04/12/images/CC_Affidavit_120604.pdf
  20. 20.
    The e-voting machine fraud. [cited 10 January 2006] Available from, http://www.linkcrusader.com/vote_machines.htm
  21. 21.
    The e-voting project web page. [cited 10 January 2006] Available from, http://e-voting.im.pwr.wroc.pl.
  22. 22.
    Young, A., Yung, M.: The Dark Side of “Black-Box” Cryptography, or: Should We Trust Capstone? In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 89–103. Springer, Heidelberg (1996)Google Scholar
  23. 23.
    Young, A., Yung, M.: Kleptography: Using cryptography against cryptography. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 62–74. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  24. 24.
    Young, A., Yung, M.: Bandwidth-optimal kleptographic attacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 235–250. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  25. 25.
    Young, A., Yung, M.: Malicious cryptography: Kleptographic aspects. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 7–18. Springer, Heidelberg (2005)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Marcin Gogolewski
    • 1
  • Marek Klonowski
    • 2
  • Przemysław Kubiak
    • 2
  • Mirosław Kutyłowski
    • 2
  • Anna Lauks
    • 2
  • Filip Zagórski
    • 2
  1. 1.Faculty of Mathematics and Computer ScienceAdam Mickiewicz UniversityPoland
  2. 2.Institute of Mathematics and Computer ScienceWrocław University of TechnologyPoland

Personalised recommendations