Recently, Muş, Kiraz, Cenk and Sertkaya proposed an improvement over the present Estonian Internet voting vote verification scheme [6]. This paper points to the weaknesses and questionable design choices of the new scheme. We show that the scheme does not fix the vote privacy issue it claims to. It also introduces a way for a malicious voting application to manipulate the vote without being detected by the verification mechanism, hence breaking the cast-as-intended property. As a solution, we propose modifying the protocol of Muş et al. slightly and argue for improvement of the security guarantees. However, there is inherent drop in usability in the protocol as proposed by Muş et al., and this issue will also remain in our improved protocol.
CITATION STYLE
Kubjas, I., Pikma, T., & Willemson, J. (2017). Estonian voting verification mechanism revisited again. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10615 LNCS, pp. 306–317). Springer Verlag. https://doi.org/10.1007/978-3-319-68687-5_19
Mendeley helps you to discover research relevant for your work.