Skip to main content
SpringerLink
Log in

Technical and Socio-Technical Attacks on the Danish Party Endorsement System

  • Conference paper
  • First Online:
Electronic Voting (E-Vote-ID 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11759))

Included in the following conference series:

  • 951 Accesses

Abstract

In this paper we analyze the security of the online Danish party endorsement system (DVE) and present two attacks: one technical, which we discovered during our study of the system in 2016 and which compromises the integrity of the endorsements stored in the DVE-database and another socio-technical, which allows parties to circumvent mechanisms to protect voters against abuse. To understand these attacks, we introduce the legal and technical frameworks of the DVE-system, analyze its problems, and describe a sequence of events that has led to endorsing three new parties that stood in the 2019 Danish Parliament election.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 49.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 64.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    See European Parliament election law §11, Sect. 1.

  2. 2.

    Neither the authors nor their affiliations were involved in this project, neither during procurement, nor development, nor quality assurance.

  3. 3.

    See https://www.nemid.nu.

  4. 4.

    See https://cpr.dk/.

  5. 5.

    See https://www.e-boks.com/danmark/da.

  6. 6.

    See https://www.ft.dk/samling/20131/lovforslag/l124/index.htm.

  7. 7.

    See Vælgererklæringsbekendtgørelsen, https://www.retsinformation.dk/Forms/R07-10.aspx?id=176933.

  8. 8.

    See Recommendation CM/Rec(2017)5[1] of the Committee of Ministers to member States on standards for e-voting (Adopted by the Committee of Ministers on 14 June 2017 at the 1289th meeting of the Ministers’ Deputies).

  9. 9.

    See https://www.kali.org/.

  10. 10.

    See https://www.wireshark.org/.

  11. 11.

    See https://www.mozilla.org/en-US/firefox/new/.

  12. 12.

    See https://nyeborgerlige.dk/.

  13. 13.

    See http://www.nationalpartiet.dk/.

  14. 14.

    See https://www.klausriskaerpedersen.dk/.

  15. 15.

    See https://stramkurs.dk/.

References

  1. Benaloh, J., Rivest, R.L., Ryan, P.Y.A., Stark, P.B., Teague, V., Vora, P.L.: End-to-end verifiability. CoRR, abs/1504.03778 (2015)

    Google Scholar 

  2. Clouser, M., Krimmer, R., Nore, H., Schürmann, C., Wolf, P.: The use of open source technology in elections. Resources on electoral processes. International IDEA, Stockholm (2014). ISBN 978-91-87729-68-3

    Google Scholar 

  3. Esteve, J.B., et al.: Certification of ICTs in Elections. International Institute for Democracy and Electoral Assistance (IDEA), Stockholm (2015)

    Google Scholar 

  4. Rivest, R.L., Wack, J.P.: On the notion of ‘software independence’ in voting systems, July 2006. http://vote.nist.gov/SI-in-voting.pdf

Download references

Acknowledgements

We would like to thank Christine Boeskov and Søren Stauning from ØIM for their comments on earlier versions of this paper.

Author information

Authors and Affiliations

  1. Center for Information Security and Trust, IT University of Copenhagen, Copenhagen, Denmark

    Carsten Schürmann & Alessandro Bruni

Authors
  1. Carsten Schürmann
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alessandro Bruni
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Carsten Schürmann .

Editor information

Editors and Affiliations

  1. Department of Innovation and Governance, Tallinn University of Technology, Tallinn, Estonia

    Robert Krimmer

  2. Karlsruhe Institute of Technology, Karlsruhe, Baden-Württemberg, Germany

    Melanie Volkamer

  3. Equipe Cassis, Bat A, LORIA, Vandoeuvre-lès-Nancy, France

    Veronique Cortier

  4. Karlsruhe Institute of Technology (KIT), Karlsruhe, Baden-Württemberg, Germany

    Bernhard Beckert

  5. University of Stuttgart, Stuttgart, Baden-Württemberg, Germany

    Ralf Küsters

  6. Zentrum für Demokratie Aarau ZDA, Aarau, Switzerland

    Uwe Serdült

  7. Tallinn University of Technology, Tallinn, Estonia

    David Duenas-Cid

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Schürmann, C., Bruni, A. (2019). Technical and Socio-Technical Attacks on the Danish Party Endorsement System. In: Krimmer, R., et al. Electronic Voting. E-Vote-ID 2019. Lecture Notes in Computer Science(), vol 11759. Springer, Cham. https://doi.org/10.1007/978-3-030-30625-0_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-30625-0_13

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-30624-3

  • Online ISBN: 978-3-030-30625-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation