10 matches found
On the Necessity of Pre-Agreed Secrets for Thwarting Last-Minute Coercion: Vulnerabilities and Lessons from the Loki E-Voting Protocol
Coercion-resistance CR is a crucial security property in e-voting systems. It ensures that an attacker cannot compel a voter to vote in a specific way by using threats or rewards. The Loki e-voting protocol, proposed by Giustolisi \emphet al. at IEEE S&P 2024, introduces a novel design that...
Enhanced Anonymous Credentials for E-Voting Systems
A simple and practical method for achieving everlasting privacy in e-voting systems, without relying on advanced cryptographic techniques, is to use anonymous voter credentials. The simplicity of this approach may, however, create some challenges, when combined with other security features, such ...
Malicious Package
Overview e-voting-libraries-ui-kit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious code in e-voting-libraries-ui-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b61daa9fe3e3708d3d8fb85252df936d46de90bf87b463f270618bf8769aba02 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6412 Malicious code in e-voting-libraries-ui-kit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b61daa9fe3e3708d3d8fb85252df936d46de90bf87b463f270618bf8769aba02 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Security Vulnerability of Switzerland’s E-Voting System
Online voting is insecure, period. This doesnt stop organizations and governments from using it. And for low-stakes elections, its probably fine. Switzerland--not low stakes--uses online voting for national elections. Andrew Appel explains why its a bad idea: Last year, I published a 5-part serie...
CVE-2023-38916
SQL Injection vulnerability in eVotingSystem-PHP v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the user input fields...
Analyzing the Swiss E-Voting System
Andrew Appel has a long analysis of the Swiss online voting system. Its a really good analysis of both the system and the official analyses...
Researchers Flag e-Voting Security Flaws
A group of election security experts said after a deep dive into Australia’s electronic voting systems that they have “serious problems” with the accuracy, integrity and privacy with elections run by the Australian Capital Territory ACT Electoral Commission. The team of four cybersecurity...
Microsoft Research Proposes E-Voting Attack Mitigation
Microsoft Research has proposed a mitigation for a known potential attack against verifiable electronic voting machines that could help prevent insiders from being able to alter votes after the fact. The countermeasure to the “trash attack” involves adding a cryptographic hash to the receipts tha...