Exploiting re-voting in the Helios election system
This exposes a critical security flaw in a widely used electronic voting system, potentially undermining democratic processes.
The paper identified a vulnerability in the Helios election system where an adversary can cause a ballot other than a voter's last to be tallied, allowing undue influence on election outcomes.
Election systems must ensure that representatives are chosen by voters. Moreover, each voter should have equal influence. Traditionally, this has been achieved by permitting voters to cast at most one ballot. More recently, this has been achieved by tallying the last ballot cast by each voter. We show this is not achieved by the Helios election system, because an adversary can cause a ballot other than a voter's last to be tallied. Moreover, we show how the adversary can choose the contents of such a ballot, thus the adversary can unduly influence the selection of representatives.