Running mixnet-based elections with Helios
EVT/WOTE'11 Proceedings of the 2011 conference on Electronic voting technology/workshop on trustworthy elections
Adapting helios for provable ballot privacy
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
On CCA-Secure somewhat homomorphic encryption
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
Vote-independence: a powerful privacy notion for voting protocols
FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
A formal analysis of the norwegian e-voting protocol
POST'12 Proceedings of the First international conference on Principles of Security and Trust
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Improving Helios with everlasting privacy towards the public
EVT/WOTE'12 Proceedings of the 2012 international conference on Electronic Voting Technology/Workshop on Trustworthy Elections
How not to prove yourself: pitfalls of the fiat-shamir heuristic and applications to helios
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Formal verification of e-auction protocols
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Verifying multicast-based security protocols using the inductive method
Proceedings of the 28th Annual ACM Symposium on Applied Computing
Distributed ElGamal à la Pedersen: Application to Helios
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
Blinded additively homomorphic encryption schemes for self-tallying voting
Proceedings of the 6th International Conference on Security of Information and Networks
Analysis of an electronic boardroom voting system
Vote-ID'13 Proceedings of the 4th international conference on E-Voting and Identity
Attacking and fixing Helios: An analysis of ballot secrecy
Journal of Computer Security
| Hi-index | 0.00 |
Helios 2.0 is an open-source web-based end-to-end verifiable electronic voting system, suitable for use in low-coercion environments. In this paper, we analyse ballot secrecy and discover a vulnerability which allows an adversary to compromise the privacy of voters. This vulnerability has been successfully exploited to break privacy in a mock election using the current Helios implementation. Moreover, the feasibility of an attack is considered in the context of French legislative elections and, based upon our findings, we believe it constitutes a real threat to ballot secrecy in such settings. Finally, we present a fix and show that our solution satisfies a formal definition of ballot secrecy using the applied pi calculus.