Cryptographic vote-stealing attacks against a partially homomorphic e-voting architecture

Nektarios Georgios Tsoutsos, Mihalis Maniatakos

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Electronic voting plays an increasingly important role in the democratic process in the US and other countries. As technology continues to advance, the security and privacy requirements of contemporary voting platforms become even more strict, and several voting protocols have been proposed. At the same time, homomorphic encryption offers powerful primitives that allow provable guarantees of security. In this paper, we analyze the security of a partially homomorphic electronic voting architecture and describe a vote-stealing attack by exploiting a length-extension vulnerability in the message authentication component of the system. Our attack scales with the public key parameters of the homomorphic encryption scheme and does not require any exhaustive search for secret keys or initialization vectors.

Original languageEnglish (US)
Title of host publicationProceedings of the 34th IEEE International Conference on Computer Design, ICCD 2016
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages157-160
Number of pages4
ISBN (Electronic)9781509051427
DOIs
StatePublished - Nov 22 2016
Event34th IEEE International Conference on Computer Design, ICCD 2016 - Scottsdale, United States
Duration: Oct 2 2016Oct 5 2016

Other

Other34th IEEE International Conference on Computer Design, ICCD 2016
CountryUnited States
CityScottsdale
Period10/2/1610/5/16

Fingerprint

Cryptography
Authentication

ASJC Scopus subject areas

  • Hardware and Architecture

Cite this

Tsoutsos, N. G., & Maniatakos, M. (2016). Cryptographic vote-stealing attacks against a partially homomorphic e-voting architecture. In Proceedings of the 34th IEEE International Conference on Computer Design, ICCD 2016 (pp. 157-160). [7753275] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICCD.2016.7753275

Cryptographic vote-stealing attacks against a partially homomorphic e-voting architecture. / Tsoutsos, Nektarios Georgios; Maniatakos, Mihalis.

Proceedings of the 34th IEEE International Conference on Computer Design, ICCD 2016. Institute of Electrical and Electronics Engineers Inc., 2016. p. 157-160 7753275.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Tsoutsos, NG & Maniatakos, M 2016, Cryptographic vote-stealing attacks against a partially homomorphic e-voting architecture. in Proceedings of the 34th IEEE International Conference on Computer Design, ICCD 2016., 7753275, Institute of Electrical and Electronics Engineers Inc., pp. 157-160, 34th IEEE International Conference on Computer Design, ICCD 2016, Scottsdale, United States, 10/2/16. https://doi.org/10.1109/ICCD.2016.7753275
Tsoutsos NG, Maniatakos M. Cryptographic vote-stealing attacks against a partially homomorphic e-voting architecture. In Proceedings of the 34th IEEE International Conference on Computer Design, ICCD 2016. Institute of Electrical and Electronics Engineers Inc. 2016. p. 157-160. 7753275 https://doi.org/10.1109/ICCD.2016.7753275
Tsoutsos, Nektarios Georgios ; Maniatakos, Mihalis. / Cryptographic vote-stealing attacks against a partially homomorphic e-voting architecture. Proceedings of the 34th IEEE International Conference on Computer Design, ICCD 2016. Institute of Electrical and Electronics Engineers Inc., 2016. pp. 157-160
@inproceedings{3d5abe6a75f5440cb7572e38fdb974a4,
title = "Cryptographic vote-stealing attacks against a partially homomorphic e-voting architecture",
abstract = "Electronic voting plays an increasingly important role in the democratic process in the US and other countries. As technology continues to advance, the security and privacy requirements of contemporary voting platforms become even more strict, and several voting protocols have been proposed. At the same time, homomorphic encryption offers powerful primitives that allow provable guarantees of security. In this paper, we analyze the security of a partially homomorphic electronic voting architecture and describe a vote-stealing attack by exploiting a length-extension vulnerability in the message authentication component of the system. Our attack scales with the public key parameters of the homomorphic encryption scheme and does not require any exhaustive search for secret keys or initialization vectors.",
author = "Tsoutsos, {Nektarios Georgios} and Mihalis Maniatakos",
year = "2016",
month = "11",
day = "22",
doi = "10.1109/ICCD.2016.7753275",
language = "English (US)",
pages = "157--160",
booktitle = "Proceedings of the 34th IEEE International Conference on Computer Design, ICCD 2016",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - Cryptographic vote-stealing attacks against a partially homomorphic e-voting architecture

AU - Tsoutsos, Nektarios Georgios

AU - Maniatakos, Mihalis

PY - 2016/11/22

Y1 - 2016/11/22

N2 - Electronic voting plays an increasingly important role in the democratic process in the US and other countries. As technology continues to advance, the security and privacy requirements of contemporary voting platforms become even more strict, and several voting protocols have been proposed. At the same time, homomorphic encryption offers powerful primitives that allow provable guarantees of security. In this paper, we analyze the security of a partially homomorphic electronic voting architecture and describe a vote-stealing attack by exploiting a length-extension vulnerability in the message authentication component of the system. Our attack scales with the public key parameters of the homomorphic encryption scheme and does not require any exhaustive search for secret keys or initialization vectors.

AB - Electronic voting plays an increasingly important role in the democratic process in the US and other countries. As technology continues to advance, the security and privacy requirements of contemporary voting platforms become even more strict, and several voting protocols have been proposed. At the same time, homomorphic encryption offers powerful primitives that allow provable guarantees of security. In this paper, we analyze the security of a partially homomorphic electronic voting architecture and describe a vote-stealing attack by exploiting a length-extension vulnerability in the message authentication component of the system. Our attack scales with the public key parameters of the homomorphic encryption scheme and does not require any exhaustive search for secret keys or initialization vectors.

UR - http://www.scopus.com/inward/record.url?scp=85006757140&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85006757140&partnerID=8YFLogxK

U2 - 10.1109/ICCD.2016.7753275

DO - 10.1109/ICCD.2016.7753275

M3 - Conference contribution

SP - 157

EP - 160

BT - Proceedings of the 34th IEEE International Conference on Computer Design, ICCD 2016

PB - Institute of Electrical and Electronics Engineers Inc.

ER -