Paper 2012/116

Clash Attacks on the Verifiability of E-Voting Systems

Ralf Kuesters, Tomasz Truderung, and Andreas Vogt


Verifiability is a central property of modern e-voting systems. Intuitively, verifiability means that voters can check that their votes were actually counted and that the published result of the election is correct, even if the voting machine/authorities are (partially) untrusted. In this paper, we raise awareness of a simple attack, which we call a clash attack, on the verifiability of e-voting systems. The main idea behind this attack is that voting machines manage to provide different voters with the same receipt. As a result, the voting authorities can safely replace ballots by new ballots, and by this, manipulate the election without being detected. This attack does not seem to have attracted much attention in the literature. Even though the attack is quite simple, we show that, under reasonable trust assumptions, it applies to several e-voting systems that have been designed to provide verifiability. In particular, we show that it applies to the prominent ThreeBallot and VAV voting systems as well as to two e-voting systems that have been deployed in real elections: the Wombat Voting system and a variant of the Helios voting system. We discuss countermeasures for each of these systems and for (various variants of) Helios provide a formal analysis based on a rigorous definition of verifiability. More precisely, our analysis of Helios is with respect to the more general and in the area of e-voting often overlooked notion of accountability.

Note: Added publication information as well as some explanation in Section 6.2.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Minor revision. Proceedings of 33rd IEEE Symposium on Security and Privacy (S&P 2012)
votingaccountabilityverifiabilityprotocol analysis
Contact author(s)
kuesters @ uni-trier de
2015-02-02: last of 2 revisions
2012-03-04: received
See all versions
Short URL
Creative Commons Attribution


      author = {Ralf Kuesters and Tomasz Truderung and Andreas Vogt},
      title = {Clash Attacks on the Verifiability of E-Voting Systems},
      howpublished = {Cryptology ePrint Archive, Paper 2012/116},
      year = {2012},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.