Security Analysis of Croatia's Receipt Registration and Verification System
In this paper, the authors presented initial analysis of a fiscal system introduced by Republic of Croatia's Tax Administration. It is only a partial analysis, based on publicly available information, which doesn't include testing's on live systems due to being illegal by the new Criminal law in Croatia. Also, they assumed that the implementations are perfect, i.e. there are no software bugs. The finding is that on the server side the system is relatively well protected. On the client side, the things are quite different. This is Achilles' heel of the whole system.