Showing only posts tagged protocols. Show all posts.

Security Analysis of the MERGE Voting Protocol

Source

Interesting analysis: An Internet Voting System Fatally Flawed in Creative New Ways. Abstract: The recently published “MERGE” protocol is designed to be used in the prototype CAC-vote system. The voting kiosk and protocol transmit votes over the internet and then transmit voter-verifiable paper ballots through the mail. In the …

RADIUS Vulnerability

Source

New attack against the RADIUS authentication protocol: The Blast-RADIUS attack allows a man-in-the-middle attacker between the RADIUS client and server to forge a valid protocol accept message in response to a failed authentication request. This forgery could give the attacker access to network devices and services without the attacker …

Maybe the Phone System Surveillance Vulnerabilities Will Be Fixed

Source

It seems that the FCC might be fixing the vulnerabilities in SS7 and the Diameter protocol: On March 27 the commission asked telecommunications providers to weigh in and detail what they are doing to prevent SS7 and Diameter vulnerabilities from being misused to track consumers’ locations. The FCC has …

Security Analysis of a Thirteenth-Century Venetian Election Protocol

Source

Interesting analysis : This paper discusses the protocol used for electing the Doge of Venice between 1268 and the end of the Republic in 1797. We will show that it has some useful properties that in addition to being interesting in themselves, also suggest that its fundamental design principle is …