Technical and Socio-Technical Attacks on the Danish Party Endorsement System

Carsten Schürmann; Alessandro Bruni

Technical and Socio-Technical Attacks on the Danish Party Endorsement System

Research output: Conference Article in Proceeding or Book/Report chapter › Article in proceedings › Research › peer-review

Abstract

In this paper we analyze the security of the online Danish party endorsement system (DVE) and present two attacks: one technical, which we discovered during our study of the system in 2016 and which compromises the integrity of the endorsements stored in the DVE-database and another socio-technical, which allows parties to circumvent mechanisms to protect voters against abuse. To understand these attacks, we introduce the legal and technical frameworks of the DVE-system, analyze its problems, and describe a sequence of events that has led to endorsing three new parties that stood in the 2019 Danish Parliament election.

Original language	English
Title of host publication	Electronic Voting
Number of pages	15
Volume	LLNCS11759
Publisher	Springer
Publication date	24 Sept 2019
Pages	200-215
ISBN (Print)	978-3-030-30625-0
Publication status	Published - 24 Sept 2019

Keywords

DVE system
Security analysis
Technical attacks
Socio-technical attacks
Danish election integrity

Cite this

@inproceedings{b06347745bb14384b95e5a4c85038c97,

title = "Technical and Socio-Technical Attacks on the Danish Party Endorsement System",

abstract = "In this paper we analyze the security of the online Danish party endorsement system (DVE) and present two attacks: one technical, which we discovered during our study of the system in 2016 and which compromises the integrity of the endorsements stored in the DVE-database and another socio-technical, which allows parties to circumvent mechanisms to protect voters against abuse. To understand these attacks, we introduce the legal and technical frameworks of the DVE-system, analyze its problems, and describe a sequence of events that has led to endorsing three new parties that stood in the 2019 Danish Parliament election.",

keywords = "DVE system, Security analysis, Technical attacks, Socio-technical attacks, Danish election integrity, DVE system, Security analysis, Technical attacks, Socio-technical attacks, Danish election integrity",

author = "Carsten Sch{\"u}rmann and Alessandro Bruni",

note = "275-23: Godkendt af DS uden OA fil, da publikation er fra 2019 og ikke l{\ae}ngere t{\ae}ller med i OA opg{\o}relse",

year = "2019",

month = sep,

day = "24",

language = "English",

isbn = "978-3-030-30625-0",

volume = "LLNCS11759",

pages = "200--215",

booktitle = "Electronic Voting",

publisher = "Springer",

address = "Germany",

}

TY - GEN

T1 - Technical and Socio-Technical Attacks on the Danish Party Endorsement System

AU - Schürmann, Carsten

AU - Bruni, Alessandro

N1 - 275-23: Godkendt af DS uden OA fil, da publikation er fra 2019 og ikke længere tæller med i OA opgørelse

PY - 2019/9/24

Y1 - 2019/9/24

N2 - In this paper we analyze the security of the online Danish party endorsement system (DVE) and present two attacks: one technical, which we discovered during our study of the system in 2016 and which compromises the integrity of the endorsements stored in the DVE-database and another socio-technical, which allows parties to circumvent mechanisms to protect voters against abuse. To understand these attacks, we introduce the legal and technical frameworks of the DVE-system, analyze its problems, and describe a sequence of events that has led to endorsing three new parties that stood in the 2019 Danish Parliament election.

AB - In this paper we analyze the security of the online Danish party endorsement system (DVE) and present two attacks: one technical, which we discovered during our study of the system in 2016 and which compromises the integrity of the endorsements stored in the DVE-database and another socio-technical, which allows parties to circumvent mechanisms to protect voters against abuse. To understand these attacks, we introduce the legal and technical frameworks of the DVE-system, analyze its problems, and describe a sequence of events that has led to endorsing three new parties that stood in the 2019 Danish Parliament election.

KW - DVE system

KW - Security analysis

KW - Technical attacks

KW - Socio-technical attacks

KW - Danish election integrity

KW - DVE system

KW - Security analysis

KW - Technical attacks

KW - Socio-technical attacks

KW - Danish election integrity

M3 - Article in proceedings

SN - 978-3-030-30625-0

VL - LLNCS11759

SP - 200

EP - 215

BT - Electronic Voting

PB - Springer

ER -

Technical and Socio-Technical Attacks on the Danish Party Endorsement System

Abstract

Keywords

Fingerprint

Cite this