Katalog Plus
Bibliothek der Frankfurt UAS
Bald neuer Katalog: sichern Sie sich schon vorab Ihre persönlichen Merklisten im Nutzerkonto: Anleitung.
Dieses Ergebnis aus BASE kann Gästen nicht angezeigt werden.  Login für vollen Zugriff.

How Efficient Are Replay Attacks against Vote Privacy? A Formal Quantitative Analysis

Title: How Efficient Are Replay Attacks against Vote Privacy? A Formal Quantitative Analysis
Authors: MESTEL, David; MUELLER, Johannes; Reisert, Pascal
Contributors: Interdisciplinary Centre for Security, Reliability and Trust (SnT) > APSIA - Applied Security and Information Assurance
Source: Journal of Computer Security (2023)
Publisher Information: IOS Press
Publication Year: 2023
Collection: University of Luxembourg: ORBilu - Open Repository and Bibliography
Subject Terms: Engineering; computing & technology; Computer science; Ingénierie; informatique & technologie; Sciences informatiques
Description: peer reviewed ; Replay attacks are among the most well-known attacks against vote privacy. Many e-voting systems have been proven vulnerable to replay attacks, including systems like Helios that are used in real practical elections. Despite their popularity, it is commonly believed that replay attacks are inefficient but the actual threat that they pose to vote privacy has never been studied formally. Therefore, in this paper, we precisely analyze for the first time how efficient replay attacks really are. We study this question from commonly used and complementary perspectives on vote privacy, showing as an independent contribution that a simple extension of a popular game-based privacy definition corresponds to a strong entropy-based notion. Our results demonstrate that replay attacks can be devastating for a voter's privacy even when an adversary's resources are very limited. We illustrate our formal findings by applying them to a number of real-world elections, showing that a modest number of replays can result in significant privacy loss. Overall, our work reveals that, contrary to a common belief, replay attacks can be very efficient and must therefore be considered a serious threat.
Document Type: article in journal/newspaper
Language: English
ISSN: 0926-227X
Relation: FNR14698166 - Future-proofing Privacy In Secure Electronic Voting, 2020 (01/01/2021-31/12/2023) - Johannes Mueller; urn:issn:0926-227X; https://orbilu.uni.lu/handle/10993/55570; info:hdl:10993/55570
DOI: 10.3233/JCS-230047
Availability: https://orbilu.uni.lu/handle/10993/55570; https://orbilu.uni.lu/bitstream/10993/55570/1/main-tr.pdf; https://doi.org/10.3233/JCS-230047
Rights: open access ; http://purl.org/coar/access_right/c_abf2 ; info:eu-repo/semantics/openAccess
Accession Number: edsbas.E7F74D3B
Database: BASE