Disclosure of e-voting system: key cryptographic algorithms published as open-source content

Disclosure of e-voting system: key cryptographic algorithms published as open-source content 23.03.2021

In the second phase of the disclosure of its new e-voting system, Swiss Post is publishing key cryptographic algorithms. These can be found in an open-source library.

Swiss Post began disclosing its new e-voting system in January 2021, as part of a community programme. The company’s aim is to enable verification of the system and dialogue between experts and Swiss Post’s e-voting team. The disclosure is taking place in stages. Swiss Post can use the feedback received from independent experts to develop the system on a continuous basis. In January, it published the cryptographic protocol. It is now starting the second phase of the process by releasing the library of cryptographic primitives.

An e-voting system from Switzerland and for Switzerland: key algorithms rewritten

Since spring 2020, Swiss Post has held all the rights to the e-voting system that are necessary for the independent development of the system. Since then, it has further developed the system at its IT location in Neuchâtel and rewritten key algorithms. This lays the foundation for an e-voting system from Switzerland for Switzerland. Key cryptographic algorithms, known as crypto-primitives, are available in the library provided by Swiss Post. The library is being published under the open-source Apache licence 2.0. In doing so, it endeavoured to structure the library and its contents clearly and in a way that is easy to understand for independent verification.

The algorithms in the library are the core of the cryptography used in Swiss Post’s e-voting system. A key element of the cryptographic primitives that are currently available is the algorithms used in the mix network. The mix network is the basis for the complete verifiability of Swiss Post’s e-voting system. It consists of mixers that mix and re-encrypt the votes after the electronic ballot box has been closed on the Voting Sunday. The mix network prevents the individual and the vote they have cast from being linked to each other and ensures that voting secrecy is protected. Additionally, the mix network provides evidence that no votes have been changed, deleted or added. Swiss Post’s e-voting system is based on the Bayer-Groth mix network.

Further components to follow

Swiss Post will publish the specifications and source code of the e-voting system and the separate verification software in the next phases of the disclosure process. Additional algorithms will also be published in the library of cryptographic primitives at a later date.

More information about the disclosure of the new e-voting system can be found on the community website.

First findings from the disclosure

Swiss Post launched the disclosure of the new system on 19 January 2021. Since then, there have been the following reports on this:

  • Coordinated vulnerability disclosure: experts are in agreement about the benefits of coordinated vulnerability disclosures. Discussions are taking place to decide how long the verification process should last. A discussion about this was initiated on GitLab.
  • Cryptographic protocol: as part of the disclosure, a researcher for Swiss Post has reported a finding relating to the cryptographic protocol. Swiss Post has checked this case carefully. The finding and its solution are documented on GitLab. A new version of the protocol will be published at a later date.