We discovered several pitfalls that break the security properties of VoteAgain in threat scenarios for which it was claimed secure. The most critical consequence of our findings is that there exists a voting authority in VoteAgain which needs to be trusted for all security properties. This means that VoteAgain is as (in)secure as a trivial voting system with a single and completely trusted voting authority. We argue that this problem is intrinsic to VoteAgain's design and could thus only be resolved, if possible, by fundamental modifications.
We hope that our work will ensure that VoteAgain is not employed for real elections in its current form. Further, we highlight subtle security pitfalls to avoid on the path towards more efficient, usable, and reasonably secure coercion-resistant e-voting. To this end, we conclude the paper by describing the open problems which need to be solved to make VoteAgain's approach secure.
Category / Keywords: cryptographic protocols / voting, coercion-resistance, verifiability, privacy Date: received 12 Nov 2020, last revised 9 Feb 2021 Contact author: johannes mueller at uni lu Available format(s): PDF | BibTeX Citation Version: 20210209:102535 (All versions of this report) Short URL: ia.cr/2020/1406