Attack Once, Compromise All? On the Scalability of Attacks

Abstract

Electronic voting schemes are often criticized for being insecure, on the grounds that a successful attack would allow an adversary to manipulate all votes at once. It is argued that attacks therefore have a higher impact at lower adversary costs compared to paper-based schemes, where attacks are cumbersome. In this paper, we propose a framework to quantify how prone different protocols are to attacks that scale well. For this purpose, we introduce the notion of scalability of attacks. We give the adversary access to an oracle which can break common cryptographic building blocks and assumptions and analyze how many inputs of a (multiparty computation) protocol they can learn or manipulate for each oracle access. The more inputs are affected, the more susceptible the protocol is to attacks that scale well. We compare several pairs of protocols solving the same problem in different ways in three examples and analyze the scalability of attacks on each protocol. We find that some protocols have a fatal breakdown, i.e. all inputs are affected with only one access to the oracle, while other protocols scale linearly or have a threshold, where the number of affected inputs increases drastically from one access to the other. Our framework provides strong arguments in favoring one voting scheme over another. It enables voting authorities to compare schemes that appear equally secure at first glance, and to consider the scalability of attacks when deciding on a scheme