Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Attacking ballot secrecy in Helios #8

Closed
Cyrille37 opened this Issue · 6 comments

4 participants

@Cyrille37

discover a vulnerability which allows an adversary to compromise voters' privacy. This vulnerability has been successfully exploited to break privacy in a small election using the current Helios implementation. Moreover, the feasibility of an attack is considered in the context of French legislative elections and, based upon our findings, we believe it constitutes a threat to ballot secrecy in real-world elections. Finally, a fix is proposed.

http://www.di.ens.fr/CryptoSeminaire.html#Attacking_ballot_secrecy_in_Heli

@benadida
Owner

This is an interesting attack which we definitely plan to address. That said, in practical Helios elections to date, it is unlikely to have an impact: either the number of voters must be small or one must be willing to give up many votes in order to compromise the privacy of one voter. Importantly, one has to target an election to attack during the election process. Past elections cannot be compromised.

@Cyrille37

A solution seems to do a check that there is no duplicate vote (cyphers are probabilistics).

@betelgeuse

@benadida What's the status here? It doesn't look very assuring that an attack is open for a couple years.

@benadida
Owner

@betelgeuse thanks for pinging on this.

I haven't prioritized a fix because I don't believe the practical impact of this attack is very big. You would need to give up a lot of votes to violate a voter's privacy. I documented this here:

http://documentation.heliosvoting.org/attacks-and-defenses

In an ideal world, I would have time to address every issue no matter how low probability of impact. But since time is limited, I can't address the ones that seem more theoretical than practical.

@benadida
Owner

I am now tracking, for Helios v4, the detection of duplicate vote components in #35. So I'm closing this issue.

@benadida benadida closed this
@emmacfennell emmacfennell referenced this issue from a commit
emmacfennell Lipstick 3
Let’s throw some YSL Rouge Volupte #8 on this thing
487ee4e
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.