Breaking the encryption scheme of the Moscow Internet voting system
In September 2019, voters for the election at the Parliament of the city of Moscow were allowed to use an Internet voting system. The source code of it had been made available for public testing. In this paper we show two successful attacks on the encryption scheme implemented in the voting system....
Saved in:
Main Authors: | , |
---|---|
Format: | Journal Article |
Language: | English |
Published: |
14-08-2019
|
Subjects: | |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | In September 2019, voters for the election at the Parliament of the city of
Moscow were allowed to use an Internet voting system. The source code of it had
been made available for public testing. In this paper we show two successful
attacks on the encryption scheme implemented in the voting system. Both attacks
were sent to the developers of the system, and both issues had been fixed after
that.The encryption used in this system is a variant of ElGamal over finite
fields. In the first attack we show that the used key sizes are too small. We
explain how to retrieve the private keys from the public keys in a matter of
minutes with easily available resources.When this issue had been fixed and the
new system had become available for testing, we discovered that the new
implementation was not semantically secure. We demonstrate how this newly found
security vulnerability can be used for counting the number of votes cast for a
candidate. |
---|---|
DOI: | 10.48550/arxiv.1908.05127 |