QR Steganography - A Threat to New Generation Electronic Voting Systems

Jordi Cucurull; Sandra Guasch; Alex Escala; Guillermo Navarro-Arribas; Víctor Acín

doi:10.5220/0005120404840491

QR Steganography - A Threat to New Generation Electronic Voting Systems

Jordi Cucurull, Sandra Guasch, Alex Escala, Guillermo Navarro-Arribas, Víctor Acín

2014

Abstract

Quick Response (QR) codes, used to store machine readable information, have become very common nowadays and have found many applications in different scenarios. One of such applications is electronic voting systems. Indeed, some electronic voting systems are starting to take advantage of these codes, e.g. to hold the ballots used to vote, or even as a proof of the voting process. Nevertheless, QR codes are susceptible to steganographic techniques to hide information. This steganographic capability enables a covert channel that in electronic voting systems can suppose an important threat. A misbehaving equipment (e.g. infected with malware) can introduce hidden information in the QR code with the aim of breaking voters’ privacy or enabling coercion and vote-selling. This paper shows a method for hiding data inside QR codes and an implementation of a QR writer/reader application with steganographic capabilities. The paper analyses different possible attacks to electronic voting systems that leverage the steganographic properties of the QR codes. Finally, it proposes some solutions to detect the mentioned attacks.

Download

Paper Citation

in Harvard Style

Cucurull J., Guasch S., Escala A., Navarro-Arribas G. and Acín V. (2014). QR Steganography - A Threat to New Generation Electronic Voting Systems . In Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014) ISBN 978-989-758-045-1, pages 484-491. DOI: 10.5220/0005120404840491

in Bibtex Style

@conference{secrypt14,
author={Jordi Cucurull and Sandra Guasch and Alex Escala and Guillermo Navarro-Arribas and Víctor Acín},
title={QR Steganography - A Threat to New Generation Electronic Voting Systems},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)},
year={2014},
pages={484-491},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005120404840491},
isbn={978-989-758-045-1},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)
TI - QR Steganography - A Threat to New Generation Electronic Voting Systems
SN - 978-989-758-045-1
AU - Cucurull J.
AU - Guasch S.
AU - Escala A.
AU - Navarro-Arribas G.
AU - Acín V.
PY - 2014
SP - 484
EP - 491
DO - 10.5220/0005120404840491