Election Verifiability Revisited: Automated Security Proofs and Attacks on Helios and Belenios

BALOGLU, Sevdenur; BURSUC, Sergiu; MAUW, Sjouke; PANG, Jun

doi:10.1109/CSF51468.2021.00019

Download

Paper published in a book (Scientific congresses, symposiums and conference proceedings)

Election Verifiability Revisited: Automated Security Proofs and Attacks on Helios and Belenios

BALOGLU, Sevdenur; BURSUC, Sergiu; MAUW, Sjouke et al.

2021 • In IEEE 34th Computer Security Foundations Symposium, Dubrovnik 21-25 June 2021

Peer reviewed

Permalink
https://hdl.handle.net/10993/45565

DOI
10.1109/CSF51468.2021.00019

Files (1)Send to Details Statistics Bibliography Similar publications

Files

Full Text

main.pdf

Publisher postprint (370.89 kB)

Download

All documents in ORBilu are protected by a user license.

Send to

RIS BibTex APA Chicago Permalink X Linkedin

Details

Keywords :

foundations / applications; electronic voting; formal verification

Abstract :

[en] Election verifiability aims to ensure that the outcome produced by electronic voting systems correctly reflects the intentions of eligible voters, even in the presence of an adversary that may corrupt various parts of the voting infrastructure. Protecting such systems from manipulation is challenging because of their distributed nature involving voters, election authorities, voting servers and voting platforms. An adversary corrupting any of these can make changes that, individually, would go unnoticed, yet in the end will affect the outcome of the election. It is, therefore, important to rigorously evaluate whether the measures prescribed by election verifiability achieve their goals. We propose a formal framework that allows such an evaluation in a systematic and automated way. We demonstrate its application to the verification of various scenarios in Helios and Belenios, two prominent internet voting systems, for which we capture features and corruption models previously outside the scope of formal verification. Relying on the Tamarin protocol prover for automation, we derive new security proofs and attacks on deployed versions of these protocols, illustrating trade-offs between usability and security.

Disciplines :

Computer science

Author, co-author :

BALOGLU, Sevdenur ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > PI Mauw

BURSUC, Sergiu ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > PI Mauw

MAUW, Sjouke ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)

PANG, Jun ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)

External co-authors :

Language :

English

Title :

Election Verifiability Revisited: Automated Security Proofs and Attacks on Helios and Belenios

Publication date :

June 2021

Event name :

IEEE 34th Computer Security Foundations Symposium (CSF)

Event date :

from 21-06-2021 to 25-06-2021

Main work title :

IEEE 34th Computer Security Foundations Symposium, Dubrovnik 21-25 June 2021

Publisher :

IEEE Computer Society, Los Alamitos, CA, United States

ISBN/EAN :

978-1-7281-7607-9

Peer reviewed :

Peer reviewed

Focus Area :

Security, Reliability and Trust

Additional URL :

https://www.computer.org/csdl/proceedings-article/csf/2021/760700a281/1tzsouCwfh6

Name of the research project :

R-AGR-3433-11

Available on ORBilu :

since 17 January 2021

Statistics

Number of views

310 (27 by Unilu)

Number of downloads

244 (16 by Unilu)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

Bibliography

J. Benaloh, "Simple verifiable elections, " in 2006 USENIX/ACCURATE Electronic Voting Technology Workshop, EVT'06, Vancouver, BC, Canada, August 1, 2006, D. S. Wallach and R. L. Rivest, Eds. USENIX Association, 2006. [Online]. Available: https://www. usenix. org/conference/evt-06/simple-verifiable-elections
J. D. C. Benaloh, "Verifiable secret-ballot elections, " Ph. D. dissertation, Yale University, New Haven, CT, USA, 1987, aAI8809191.
B. Adida and C. A. Neff, "Ballot casting assurance, " in USENIX/ACCURATE Electronic Voting Technology Workshop, EVT'06, 2006. [Online]. Available: https://www. usenix. org/conference/evt-06/ ballot-casting-assurance
D. Chaum, P. Y. A. Ryan, and S. A. Schneider, "A practical voter-verifiable election scheme, " in Computer Security-ESORICS 2005, 10th European Symposium on Research in Computer Security, Milan, Italy, September 12-14, 2005, Proceedings, 2005, pp. 118-139. [Online]. Available: https://doi. org/10. 1007/11555827-8
V. Cortier, D. Galindo, R. Küsters, J. Müller, and T. Truderung, "SoK: Verifiability notions for e-voting protocols, " in Proceedings of the 37th IEEE Symposium on Security and Privacy, San Jose, CA, USA, May 22-26, 2016. IEEE Computer Society, 2016, pp. 779-798. [Online]. Available: https://doi. org/10. 1109/SP. 2016. 52
R. Küsters, T. Truderung, and A. Vogt, "Clash attacks on the verifiability of e-voting systems, " in Proceedings of the 33rd IEEE Symposium on Security and Privacy, 21-23 May 2012, San Francisco, California, USA. IEEE Computer Society, 2012, pp. 395-409. [Online]. Available: https://doi. org/10. 1109/SP. 2012. 32
O. Pereira and D. S. Wallach, "Clash attacks and the STAR-Vote system, " in Electronic Voting-Second International Joint Conference, E-Vote-ID 2017, Bregenz, Austria, October 24-27, 2017, Proceedings, ser. Lecture Notes in Computer Science, R. Krimmer, M. Volkamer, N. B. Binder, N. Kersting, O. Pereira, and C. Schürmann, Eds., vol. 10615. Springer, 2017, pp. 228-247. [Online]. Available: https://doi. org/10. 1007/978-3-319-68687-5-14
D. Springall, T. Finkenauer, Z. Durumeric, J. Kitcat, H. Hursti, M. MacAlpine, and J. A. Halderman, "Security analysis of the Estonian Internet voting system, " in Proceedings of the 21st ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, AZ, USA, November 3-7, 2014, G. Ahn, M. Yung, and N. Li, Eds. ACM, 2014, pp. 703-715. [Online]. Available: http://doi. acm. org/10. 1145/2660267. 2660315
J. A. Halderman and V. Teague, "The New South Wales iVote system: Security failures and verification flaws in a live online election, " in E-Voting and Identity-5th International Conference, VoteID 2015, Bern, Switzerland, September 2-4, 2015, Proceedings, ser. Lecture Notes in Computer Science, R. Haenni, R. E. Koenig, and D. Wikström, Eds., vol. 9269. Springer, 2015, pp. 35-53. [Online]. Available: https://doi. org/10. 1007/978-3-319-22270-7-3
C. Culnane, A. Essex, S. J. Lewis, O. Pereira, and V. Teague, "Knights and knaves run elections: Internet voting and undetectable electoral fraud, " IEEE Secur. Priv., vol. 17, no. 4, pp. 62-70, 2019. [Online]. Available: https://doi. org/10. 1109/MSEC. 2019. 2915398
R. Küsters, T. Truderung, and A. Vogt, "Accountability: definition and relationship to verifiability, " in Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, Chicago, Illinois, USA, October 4-8, 2010. ACM, 2010, pp. 526-535. [Online]. Available: https://doi. org/10. 1145/1866307. 1866366
A. Kiayias, T. Zacharias, and B. Zhang, "End-to-end verifiable elections in the standard model, " in Advances in Cryptology-EUROCRYPT 2015-34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, April 26-30, 2015, Proceedings, Part II, ser. Lecture Notes in Computer Science, E. Oswald and M. Fischlin, Eds., vol. 9057. Springer, 2015, pp. 468-498. [Online]. Available: https://doi. org/10. 1007/978-3-662-46803-6-16
S. Kremer, M. Ryan, and B. Smyth, "Election verifiability in electronic voting protocols, " in 15th European Symposium on Research in Computer Security, Athens, Greece, September 20-22, 2010, ser. Lecture Notes in Computer Science, vol. 6345. Springer, 2010, pp. 389-404. [Online]. Available: https://doi. org/10. 1007/978-3-642-15497-3-24
V. Cortier, F. Eigner, S. Kremer, M. Maffei, and C. Wiedling, "Type-based verification of electronic voting protocols, " in 4th International Conference on Principles of Security and Trust, London, UK, April 11-18, 2015, ser. Lecture Notes in Computer Science, vol. 9036. Springer, 2015, pp. 303-323. [Online]. Available: https://doi. org/10. 1007/978-3-662-46666-7-16
M. Barbosa, G. Barthe, K. Bhargavan, B. Blanchet, C. Cremers, K. Liao, and B. Parno, "SoK: Computer-Aided Cryptography, " in 42nd IEEE Symposium on Security and Privacy, 2021, to appear.
K. Cohn-Gordon, C. J. F. Cremers, B. Dowling, L. Garratt, and D. Stebila, "A formal security analysis of the signal messaging protocol, " in 2017 IEEE European Symposium on Security and Privacy, EuroS&P 2017, Paris, France, April 26-28, 2017. IEEE, 2017, pp. 451-466. [Online]. Available: https://doi. org/10. 1109/EuroSP. 2017. 27
N. Kobeissi, K. Bhargavan, and B. Blanchet, "Automated verification for secure messaging protocols and their implementations: A symbolic and computational approach, " in 2017 IEEE European Symposium on Security and Privacy, EuroS&P 2017, Paris, France, April 26-28, 2017. IEEE, 2017, pp. 435-450. [Online]. Available: https://doi. org/10. 1109/EuroSP. 2017. 38
B. Blanchet, "Modeling and verifying security protocols with the applied pi calculus and ProVerif, " Foundations and Trends in Privacy and Security, vol. 1, no. 1-2, pp. 1-135, 2016.
D. A. Basin, C. Cremers, J. Dreier, and R. Sasse, "Symbolically analyzing security protocols using Tamarin, " ACM SIGLOG News, vol. 4, no. 4, pp. 19-30, 2017. [Online]. Available: https://dl. acm. org/ citation. cfm?id=3157835
M. Abadi and P. Rogaway, "Reconciling two views of cryptography (the computational soundness of formal encryption), " J. Cryptology, vol. 20, no. 3, p. 395, 2007. [Online]. Available: https://doi. org/10. 1007/s00145-007-0203-0
V. Cortier, A. Filipiak, and J. Lallemand, "BeleniosVS: Secrecy and verifiability against a corrupted voting device, " in 32nd IEEE Computer Security Foundations Symposium, Hoboken, NJ, USA, June 25-28, 2019, 2019, pp. 367-381. [Online]. Available: https://doi. org/10. 1109/CSF. 2019. 00032
B. Adida, "Helios: Web-based open-audit voting, " in 17th USENIX Security Symposium, July 28-August 1, 2008, San Jose, CA, USA, 2008, pp. 335-348. [Online]. Available: http://www. usenix. org/events/ sec08/tech/full_papers/adida/adida. pdf
B. Adida, O. De Marneffe, O. Pereira, and J.-J. Quisquater, "Electing a university president using open-audit voting: Analysis of real-world use of Helios, " in 2009 Electronic Voting Technology Workshop / Workshop on Trustworthy Elections. Usenix, 2009.
"Helios-Verifiable online elections, " https://heliosvoting. org/. [Online]. Available: https://heliosvoting. org/
"Belenios-Verifiable online voting system, " https://belenios. org/. [Online]. Available: https://belenios. org/
V. Cortier, P. Gaudry, and S. Glondu, "Belenios: A simple private and verifiable electronic voting system, " in Foundations of Security, Protocols, and Equational Reasoning-Essays Dedicated to Catherine A. Meadows, ser. Lecture Notes in Computer Science, vol. 11565. Springer, 2019, pp. 214-238. [Online]. Available: https://doi. org/10. 1007/978-3-030-19052-1-14
V. Cortier, C. C. Drgan, F. Dupressoir, and B. Warinschi, "Machinechecked proofs for electronic voting: Privacy and verifiability for Belenios, " in 31st IEEE Computer Security Foundations Symposium, Oxford, United Kingdom, July 9-12, 2018. IEEE Computer Society, 2018, pp. 298-312. [Online]. Available: https://doi. org/10. 1109/CSF. 2018. 00029
G. Barthe, B. Grégoire, S. Heraud, and S. Z. Béguelin, "Computeraided security proofs for the working cryptographer, " in Advances in Cryptology-CRYPTO 2011-31st Annual Cryptology Conference, Santa Barbara, CA, USA, August 14-18, 2011. Proceedings, ser. Lecture Notes in Computer Science, P. Rogaway, Ed., vol. 6841. Springer, 2011, pp. 71-90. [Online]. Available: https://doi. org/10. 1007/ 978-3-642-22792-9-5
S. Delaune, S. Kremer, and M. Ryan, "Coercion-resistance and receipt-freeness in electronic voting, " in 19th IEEE Computer Security Foundations Workshop, (CSFW-19 2006), 5-7 July 2006, Venice, Italy. IEEE Computer Society, 2006, pp. 28-42. [Online]. Available: https://doi. org/10. 1109/CSFW. 2006. 8
L. Hirschi, L. Schmid, and D. A. Basin, "Fixing the achilles heel of e-voting: The bulletin board, " IACR Cryptol. ePrint Arch., vol. 2020, p. 109, 2020. [Online]. Available: https://eprint. iacr. org/2020/109
K. Sako and J. Kilian, "Receipt-free mix-type voting scheme-A practical solution to the implementation of a voting booth, " in Advances in Cryptology-EUROCRYPT '95, International Conference on the Theory and Application of Cryptographic Techniques, Saint-Malo, France, May 21-25, 1995, Proceeding, ser. Lecture Notes in Computer Science, vol. 921. Springer, 1995, pp. 393-403. [Online]. Available: https://doi. org/10. 1007/3-540-49264-X-32
C. A. Neff, "A verifiable secret shuffle and its application to e-voting, " in CCS 2001, ACM Conference on Computer and Communications Security, 2001, pp. 116-125. [Online]. Available: http://doi. acm. org/10. 1145/501983. 502000
M. Jakobsson, A. Juels, and R. L. Rivest, "Making mix nets robust for electronic voting by randomized partial checking, " in Proceedings of the 11th USENIX Security Symposium, San Francisco, CA, USA, August 5-9, 2002, 2002, pp. 339-353. [Online]. Available: http://www. usenix. org/publications/library/proceedings/sec02/jakobsson. html
M. Hirt and K. Sako, "Efficient receipt-free voting based on homomorphic encryption, " in Advances in Cryptology-EUROCRYPT 2000. Springer, 2000, pp. 539-556.
T. P. Pedersen, "A threshold cryptosystem without a trusted party (extended abstract), " in Advances in Cryptology-EUROCRYPT '91, 1991, pp. 522-526. [Online]. Available: https://doi. org/10. 1007/ 3-540-46416-6-47
V. Cortier, D. Galindo, S. Glondu, and M. Izabachène, "Distributed ElGamal à la Pedersen: Application to Helios, " in ACM Workshop on Privacy in the Electronic Society, WPES 2013, Berlin, Germany, November 4, 2013. ACM, 2013, pp. 131-142. [Online]. Available: http://doi. acm. org/10. 1145/2517840. 2517852
P. Y. A. Ryan, P. B. Rønne, and V. Iovino, "Selene: Voting with transparent verifiability and coercion-mitigation, " in Financial Cryptography and Data Security-FC 2016 International Workshops, BITCOIN, VOTING, and WAHC, Christ Church, Barbados, February 26, 2016, Revised Selected Papers, ser. Lecture Notes in Computer Science, vol. 9604. Springer, 2016, pp. 176-192. [Online]. Available: https://doi. org/10. 1007/978-3-662-53357-4-12
K. Gjøsteen, "The Norwegian Internet voting protocol, " in E-Voting and Identity-VoteID 2011, ser. Lecture Notes in Computer Science, vol. 7187. Springer, 2011, pp. 1-18. [Online]. Available: https://doi. org/10. 1007/978-3-642-32747-6-1
A. Juels, D. Catalano, and M. Jakobsson, "Coercion-resistant electronic elections, " in Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, WPES 2005, Alexandria, VA, USA, November 7, 2005, 2005, pp. 61-70. [Online]. Available: http://doi. acm. org/10. 1145/1102199. 1102213
M. R. Clarkson, S. Chong, and A. C. Myers, "Civitas: Toward a secure voting system, " in 2008 IEEE Symposium on Security and Privacy (S&P 2008), 18-21 May 2008, Oakland, California, USA, 2008, pp. 354-368. [Online]. Available: https://doi. org/10. 1109/SP. 2008. 32
T. Moran and M. Naor, "Receipt-free universally-verifiable voting with everlasting privacy, " in Advances in Cryptology-CRYPTO 2006, 26th Annual International Cryptology Conference, Santa Barbara, California, USA, August 20-24, 2006, Proceedings, ser. Lecture Notes in Computer Science, C. Dwork, Ed., vol. 4117. Springer, 2006, pp. 373-392. [Online]. Available: https://doi. org/10. 1007/11818175-22
E. Cuvelier, O. Pereira, and T. Peters, "Election verifiability or ballot privacy: Do we need to choose?" in Computer Security-ESORICS 2013-18th European Symposium on Research in Computer Security, Egham, UK, September 9-13, 2013. Proceedings, ser. Lecture Notes in Computer Science, vol. 8134. Springer, 2013, pp. 481-498. [Online]. Available: https://doi. org/10. 1007/978-3-642-40203-6-27
S. Meier, B. Schmidt, C. Cremers, and D. A. Basin, "The Tamarin prover for the symbolic analysis of security protocols, " in 25th International Conference on Computer Aided Verification, Saint Petersburg, Russia, July 13-19, 2013, ser. Lecture Notes in Computer Science, vol. 8044. Springer, 2013, pp. 696-701. [Online]. Available: https://doi. org/10. 1007/978-3-642-39799-8-48
B. Schmidt, S. Meier, C. J. F. Cremers, and D. A. Basin, "Automated analysis of Diffie-Hellman protocols and advanced security properties, " in 25th IEEE Computer Security Foundations Symposium, (CSF'12). IEEE Computer Society, 2012, pp. 78-94.
D. A. Basin, S. Radomirovic, and L. Schmid, "Dispute resolution in voting, " in 33rd IEEE Computer Security Foundations Symposium, CSF 2020, Boston, MA, USA, June 22-26, 2020. IEEE, 2020, pp. 1-16. [Online]. Available: https://doi. org/10. 1109/CSF49147. 2020. 00009
S. Baloglu, S. Bursuc, S. Mauw, and J. Pang, "Election verifiability revisited: Automated security proofs and attacks on helios and belenios, " Cryptology ePrint Archive, Report 2020/982, 2020, https://eprint. iacr. org/2020/982.
Additional material: Tamarin codes for verification, https://github. com/ sbaloglu/tamarin-codes.