惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
V
Visual Studio Blog
小众软件
小众软件
博客园 - 【当耐特】
Last Week in AI
Last Week in AI
Jina AI
Jina AI
云风的 BLOG
云风的 BLOG
腾讯CDC
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Y
Y Combinator Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Engineering at Meta
Engineering at Meta
量子位
美团技术团队
I
InfoQ
Martin Fowler
Martin Fowler
MyScale Blog
MyScale Blog
博客园 - 聂微东
阮一峰的网络日志
阮一峰的网络日志
Blog — PlanetScale
Blog — PlanetScale

Cryptology ePrint Archive

On the Formal Verification of Authenticated Encryption of the MQTT Protocol On the Security of Public Key Authenticated Encryption with Keyword Search with Sender-independent Search Complexity Symmetric Attribute-Based Encryption from Minimal Hardness Assumptions Quantum and Post-Quantum Blockchain: A Systematic Survey Efficient Homomorphic String Search via TFHE Comments on "Server-Aided Public Key Authenticated Searchable Encryption With Constant Ciphertext and Constant Trapdoor" Updatable Public-Key Encryption from FESTA Sequence-Level Security for Active Weighted Signature Reconfiguration Linear self-equivalence of the known families of APN functions: a unified point of view Can We Tolerate Small Side-Channel Leakages: The Role of Registers in Glitch-Stopping Circuits Signal and Ready to MINGLE: In-Band Gossip for Key Transparency Split-View Detection in E2EE Messengers Constant-Online PVSS from CCA2-Secure Threshold Encryption: A Generic Framework Unified FPGA Design of Kyber and Dilithium with Provable Fault Tolerance Quantum Circuit Implementation and Grover’s Search on the Lightweight Block Cipher KLEIN Family Current trends in AI-Aided Cryptography More from Less: Composable General Multi-Party Computation with Global Public Verifiability from a Single Enclave Only PQKryvos: Post-Quantum Secure E-Voting With Flexible Ballot Formats and Public Tally-Hiding A Blockchain-Based Pre-Verification Access Control Scheme with Vector Commitments and Bulletproofs On weak keys of POK\'{E} Distributed Simon's Algorithm with Less Per-Node Qubit Overhead and Its Application to Cryptanalysis Information-Theoretic Optimistic Verifiable Secret Sharing Modern Portfolio Theory in the Crypto-Wilderness Balanced and Adaptively Secure Asynchronous Common Coin and Byzantine Agreement With Sub-Quadratic Communication Miraidon: MinRank Identification Topology-Hiding Computation From Key Agreement in Diameter-Two Graphs On Local Invariants for Permutation Equivalence Super-intelligence Survival Guide: Verification via Proof-Carrying Output Format-Preserving Encryption Creates a Privacy Attack Surface for Re-Identification Suppressing Hidden Extension-Field Linearity in Rank-Metric Cryptography via Structural Incompatibility DDYF: Differential Dolev-Yao Fuzzing of Cryptographic Protocols Single-Trace Power Analysis of LESS Key Generation BumbleBee: Best-of-Both-Worlds MVBA with Optimal Communication, Latency and Resilience Tradeoffs Maskaglia: A New, Efficient Approach to Masked Discrete Gaussian Sampling Impact of Post-Quantum Signatures on InnoDB B+-Trees and Efficient Batch Signing VeinoCert: Binding an Object to an Owner A New Insight into Constructing Cryptographic Boolean Functions via Walsh Spectral Analysis Quantum algorithm for Discrete Gaussian Sampling A formal analysis of FLEX and FLEX2 Zero-shot deep-unfolding decoder for QC-MDPC McEliece cryptosystems Profiling-Device-Free SASCA Framework for ML-KEM Key-Independent Secret-Key Distinguisher for 7-Round AES based on the Joint Generalized Zero-Difference Property Improved Dual Attack via Quantum Rejection Sampling Verifying Consensus Protocols from LLM-assisted TLA$^+$: A Case Study of Byzantine Reliable Broadcast ThriftyMPC: Reducing the Cost of Large-Scale MPC in the Cloud Revisiting DKLs Threshold ECDSA: Enhanced OT-based VOLE and Two-Party Signing Functional Bootstrapping for a Single LWE Ciphertext with \(\tilde{O}(1)\) Polynomial Multiplications LoTRS: Practical Post-Quantum Structured Threshold Ring Signatures from Lattices Asynchronous Lagrange-Based Threshold FHE with Smaller Modulus Overhead Breaking ACDGV MinRank Gabidulin encryption schemes over matrix codes Explicit cost analysis of Toom-4 multiplication for incomplete NTT in lattice-based cryptography Security Analysis on a Blockchain-based Public-Key Authenticated Searchable Encryption Scheme Icy-DVRF: A Distributed Verifiable Random Function based on FROST signatures Frobenius-UOV: A Very Efficient Multivariate Public Key Signature Scheme Revisiting Linear Subspace Trails in Poseidon2 and Neptune A New Multiscalar Multiplication Method Resistant to Timing Attacks Device Binding for Anonymous Credentials on Legacy Phones Beyond Quadratic: Unlocking Pseudorandomness with Quartic Character Multi-leveled and ISA/IEC 62443-aware Certificate Transparency to Protect the PKI Service Supply Chain of Operational Technology rBFT: a Revamped Two-Stage BFT from Delegated Committee Delving Deep into Security Guarantees against Integral Distinguishers with Applications to PRESENT, TWINE and LBLOCK On the Communication Complexity of Sleepy Consensus Operationalising Post‑Quantum TLS: Automated Configuration Profiling and Hybrid PQC Deployment in Financial Infrastructure Enhancing Blockchain Proof of Stake with Active Weighted Signatures: The ADAPT Framework Threshold FHE with Short Decryption Shares without a Semi-trusted Server Efficient Bootstrapping in Fully Homomorphic Encryption for Matrix Arithmetic YsPIR: HE-Based Single-Server Private Information Retrieval with Low Communication Cost and High Throughput Black-box validation of Falcon key generation under numerical instability Tight Lattice-Based Signatures without Trapdoors from Search LWE Formalizing Blockchain PQC Signature Transition: How to Outpace Quantum Adversaries Early-stopping Consensus with Adaptive Bit Complexity Beyond the Anonymous Inbox: Secure Whistleblowing for All Quantum Circuit Realization and Grover Cryptanalysis of the Hybrid ARX-SPN Cipher GFSPX Anamorphic Construction For The Winternitz OTS Scheme Family Efficient SIMD Implementation of the BLS Signature Scheme Using Intel AVX-512 Constant-Round Secure Distributed Decoding and HQC Threshold Decryption Threshold PRISM Signature Schemes via Graph-Based Threshold Access Structures On MPC-friendly Softmax Optimized G+G Signature On the Investigation of Variants for Discrete Logarithm Problems in Abelian Groups: An Algebraic Structure Approach MAYA: A Short Shuffle Argument With Fast Verification Efficiently deciding and recovering CCZ and EA equivalence for arbitrary vectorial Boolean functions using the partition refinement framework More Efficient SNARKs via Quasi-Abelian Codes: Faster, Smaller, and Field-Agnostic Storing Less in-the-Head: An Area-Efficient Hardware Architecture for SDitH-v2 Pseudonymization and reporters’ protection by design in the EU whistleblower directive Efficient and Privacy-preserving Outsourced Training of Decision Tree Models Based on (Leveled) Fully Homomorphic Encryption SoK: Private LLM Inference using Approximate Homomorphic Encryption First-Order Masked Fine-ShufflingImplementation Against Side-Channel Attackswith Application to ML-KEM BitVM3: Efficient Bitcoin Bridges via Garbled Circuits Zephyr: GPU-Efficient Homomorphic Encryption for Privacy-Preserving Transformer Inference Fair Multiparty Coin Tossing from Minimal Assumptions Improved Quantum Attacks on Iterated Even-Mansour Ciphers with Classical Queries On the Statistical vs. Computational Security of the DKLs23 Multiparty ECDSA Protocol Wombat: Post-Quantum Blind Signature from Standard Group Action Assumptions and More Fully Homomorphic Encryption on the Ring of Gaussian Periods Private Function Evaluation with Linear Complexity LogVOLE: Succinct and Efficient Chosen-Input VOLE for ZK and Beyond RIC: Randomize Invalid Coefficients to Mitigate Side-Channel Assisted Chosen-Ciphertext Attacks on ML-KEM Practical and Verifiable Encrypted Vector Search for Retrieval-Augmented Generation Generic Construction of CCA-Secure PKE from Key-Insulated and Privacy-Preserving Signatures with Publicly Derived Public Key Adaptively Secure Permissive Unbounded Inner Product Functional Encryption from Lattices
On the Estonian Internet Voting System, IVXV, SoK and Suggestions
Shymaa M. Ar · 2025-03-18 · via Cryptology ePrint Archive

Paper 2025/506

On the Estonian Internet Voting System, IVXV, SoK and Suggestions

Abstract

The Estonian i-voting experience is probably the richest to analyze; a country that is considered a pioneer in digitizing both the government and private sector since 2001 followed by online internet voting (i-voting) in 2005. However, there are still some complaints submitted, critics and remarks to consider about the IVXV system. In this paper, we introduce a Systemization of Knowledge of the Estonian IVXV i-voting system and propose some added security enhancements. The presented SoK discusses applications implemented by election observers in 2023 & 2024 elections, which, to our knowledge, have never been mentioned and/or analyzed in the academia before. We also point out to unnoticed automated formal verification analysis of IVXV; the researchers discovered a privacy attack that we show extendable to a possible large scale encrypted vote copying. In addition, we identify and analyze recent fixes and improvements in the June 2024 version used in the European Parliament elections connecting them to their academic sources. Then, we discuss the current system status, pointing out to risks that have never been discussed before like voting trojan horses and automated online attacks, propose our own suggestions to some remaining vulnerabilities, discuss the newest Estonian Cyber Security committee June 2025 report, then raise the inevitable question of the approaching quantum threat.

Note: This is the final complete extended version containing all details of the earlier versions with the newest details up to May 2026 a new paper "Beyond the Happy path" was discussed and the extended version was adjusted to the IEEE Access submission on 15/5/2026; events on Nov 2025 elections and the Trojan horse threat still exists with more details The compact version (in IEEE format ) is on Researchgate https://www.researchgate.net/publication/383220628_On_the_Estonian_Internet_Voting_System_IVXV_SoK_and_Suggestions Most significant updates: the threat of adversary votes through TROJAN HORSEs embedded in non-voting applications, IVXV updates published on 30/9/2025, Estonian Cyber Security Committee report of noteworthy threats (30/9/2025), and covering Oct 2025 local elections. It will take time to merge the 2 versions into a single version based on the place of acceptance and removal of the posters details by citing them. On 20/9/2025: ----------------- An added row in Table1 since IVXV did add a finger print to the Voting application on June 2024 but in kind of technical steps to the average users and attacks are still possible (https://github.com/DrShymaa2022/E_Vote_ID_2025_posters/blob/main/EncryptedcopyattackPoster_13_9_25.pdf) On 21/8/2025: ----------------- Ukraine is NOT Estonia's closest neighbor, but still the war has put some pressure according to prime minister and a cyber security chairman statements in [7] + other writing edits in red. -------------------------------------------- On 20/7/2025: ----------------- Adding Appendix C about absent voting and possible online credential theft, with an accompanying row in Table 2, + some bench mark figures (taken from [91]) in Appendix A.5 about Verkle Tree proof generation time . On 13/7/2025: ----------------- Adding 2 summary tables of sec.s 5,6 respectively + adding AI-generated Verkle Tree proofs simulation + some changes in the final conclusion

BibTeX 

@misc{cryptoeprint:2025/506,
      author = {Shymaa M. Arafat},
      title = {On the Estonian Internet Voting System, {IVXV}, {SoK}  and Suggestions},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/506},
      year = {2025},
      url = {https://eprint.iacr.org/2025/506}
}

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。