How Could Snowden Attack an Election?

摘要

We discuss a new type of attack on voting systems that in contrast to attacks described in the literature does not disrupt the expected behavior of the voting system itself. Instead the attack abuses the normal functionality to link the tallying of the election to disclosing sensitive information assumed to be held by the adversary. Thus the attack forces election officials to choose between two undesirable options: Not to publish the election result or to play into the adversary's hand and to publicize sensitive information. We stress that the attack is different from extortion and not restricted to electronic voting systems.