It appears you have not yet registered with our community. To register please click here...

 
Go Back [M] > Madshrimps > WebNews
Russia's election blockchain hacked Russia's election blockchain hacked
FAQ Members List Calendar Search Today's Posts Mark Forums Read


Russia's election blockchain hacked
Reply
 
Thread Tools
Old 23rd August 2019, 08:47   #1
[M] Reviewer
 
Stefan Mileschin's Avatar
 
Join Date: May 2010
Location: Romania
Posts: 153,575
Stefan Mileschin Freshly Registered
Default Russia's election blockchain hacked

It is not as if you didn't know who would be elected

A French security researcher has found a critical vulnerability in the blockchain-based voting system which Russian officials plan to use next month for the 2019 Moscow City Duma election.

Pierrick Gaudry, an academic at Lorraine University and a researcher for INRIA, the French research institute for digital sciences, found that he could compute the voting system's private keys based on its public keys. These private keys are used together with the public keys to encrypt user votes cast in the election.

Gaudry blamed the issue on Russian officials using a variant of the ElGamal encryption scheme that used encryption key sizes that were too small to be secure. This meant that modern computers could break the encryption scheme within minutes.

What an attacker can do with these encryption keys is currently unknown, since the voting system's protocols weren't yet available in English, so Gaudry couldn't investigate further.

"Without having read the protocol, it is hard to tell precisely the consequences, because, although we believe that this weak encryption scheme is used to encrypt the ballots, it is unclear how easy it is for an attacker to have the correspondence between the ballots and the voters", the French researcher said.

"In the worst case scenario, the votes of all the voters using this system would be revealed to anyone as soon as they cast their vote."

The Moscow Department of Information Technology promised to fix the reported issue. "We absolutely agree that 256x3 private key length is not secure enough", a spokesperson said in an online response. "This implementation was used only in a trial period. In a few days, the key's length will be changed to 1024."

However, a public key of a length of 1024 bits may not be enough, according to Gaudry, who believes officials should use one of at least 2048 bits instead.

https://fudzilla.com/news/49259-russ...ckchain-hacked
Stefan Mileschin is offline   Reply With Quote
Reply


Similar Threads
Thread Thread Starter Forum Replies Last Post
Russia hacked the Olympics and tried to pin it on North Korea Stefan Mileschin WebNews 0 27th February 2018 20:41
Twitter missed its Russia election interference deadline Stefan Mileschin WebNews 0 11th January 2018 18:44
DHS finally reveals the states Russia hacked during the elections Stefan Mileschin WebNews 0 27th September 2017 06:29
Facebook shows Congress how Russia gamed the 2016 election Stefan Mileschin WebNews 0 23rd September 2017 21:14
Facebook hands Russia-backed ads to election investigators Stefan Mileschin WebNews 0 22nd September 2017 06:21
Blockchain hacked by bank robber Stefan Mileschin WebNews 0 21st July 2017 07:21
French candidate hacked just before presidential election Stefan Mileschin WebNews 0 9th May 2017 06:28
Germany confronts Russia over election hacking Stefan Mileschin WebNews 0 9th May 2017 06:28
US is ready to hack Russia if it interferes with the election Stefan Mileschin WebNews 0 7th November 2016 06:45
Russia might have hacked the White House Stefan Mileschin WebNews 0 8th April 2015 06:47

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


All times are GMT +1. The time now is 15:32.


Powered by vBulletin® - Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
SEO by vBSEO