K. Ly, Orlando Arias, Jacob Wurm, Khoa Hoang, Kaveh Shamsi, Yier Jin
{"title":"Voting system design pitfalls: Vulnerability analysis and exploitation of a model platform","authors":"K. Ly, Orlando Arias, Jacob Wurm, Khoa Hoang, Kaveh Shamsi, Yier Jin","doi":"10.1109/ICCD.2016.7753273","DOIUrl":null,"url":null,"abstract":"Homomorphic encryption may be seen as a substantial potential boon to voting systems. If properly used, it allows provably anonymous elections to take place. However, when poorly constructed, using weak cryptographic primitives results in highly vulnerable systems that are prone to attacks. This paper details one attack done against a model of an election system as part of a security competition, where a hardware Trojan has weakened its security. We designed a proof of concept exploit and implemented it on an FPGA, demonstrating weaknesses in the system regardless of the existence of this Trojan.","PeriodicalId":297899,"journal":{"name":"2016 IEEE 34th International Conference on Computer Design (ICCD)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE 34th International Conference on Computer Design (ICCD)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCD.2016.7753273","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Homomorphic encryption may be seen as a substantial potential boon to voting systems. If properly used, it allows provably anonymous elections to take place. However, when poorly constructed, using weak cryptographic primitives results in highly vulnerable systems that are prone to attacks. This paper details one attack done against a model of an election system as part of a security competition, where a hardware Trojan has weakened its security. We designed a proof of concept exploit and implemented it on an FPGA, demonstrating weaknesses in the system regardless of the existence of this Trojan.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
