Reference : How Efficient are Replay Attacks against Vote Privacy? A Formal Quantitative Analysis
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/51209
How Efficient are Replay Attacks against Vote Privacy? A Formal Quantitative Analysis
English
Mestel, David mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > APSIA >]
Mueller, Johannes mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > APSIA >]
Reisert, Pascal mailto [University of Stuttgart]
2022
35th IEEE Computer Security Foundations Symposium
Yes
IEEE CSF 2022
from 07-08-2022 to 10-10-2022
[en] Replay attacks are among the most well-known attacks against vote privacy. Many e-voting systems have been proven vulnerable to replay attacks, including systems like Helios that are used in real practical elections.

Despite their popularity, it is commonly believed that replay attacks are inefficient but the actual threat that they pose to vote privacy has never been studied formally. Therefore, in this paper, we precisely analyze for the first time how efficient replay attacks really are.

We study this question from commonly used and complementary perspectives on vote privacy, showing as an independent contribution that a simple extension of a popular game-based privacy definition corresponds to a strong entropy-based notion.

Our results demonstrate that replay attacks can be devastating for a voter's privacy even when an adversary's resources are very limited. We illustrate our formal findings by applying them to a number of real-world elections, showing that a modest number of replays can result in significant privacy loss. Overall, our work reveals that, contrary to a common belief, replay attacks can be very efficient and must therefore be considered a serious threat.
http://hdl.handle.net/10993/51209
FnR ; FNR14698166 > Johannes Mueller > FP2 > Future-proofing Privacy In Secure Electronic Voting > 01/01/2021 > 31/12/2023 > 2020

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
main.pdfPublisher postprint412.22 kBView/Open

Additional material(s):

File Commentary Size Access
Open access
priv_calc_ktv.cpp2.56 kBView/Open
Open access
strong_priv.cpp3.03 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.