E-voting system’s "construction manual" disclosed 05.05.2021
The disclosure of Swiss Post’s new e-voting system is making progress. Various improvements have already been implemented thanks to feedback from national and international experts. The system specifications are now ready for verification. A public bug bounty programme for e-voting is being launched in the second half of the year.
The disclosure of the future e-voting system with complete verifiability began in early 2021 and is being conducted in phases. Swiss Post specifically began this process at an early stage so that it would have enough time to implement reported improvements. The cryptographic protocol and an open source library with key cryptographic algorithms have already been disclosed. Swiss Post is now publishing the specifications for the system.
Experts can test the system specifications
The specifications provide a detailed description of the cryptographic protocol. They are effectively the construction manual for the e-voting system and explain all of its components. They describe the whole process, from the configuration of the electronic ballot to the casting and counting of votes. They contain codes, known as pseudocodes, which illustrate algorithms. The specifications describe the more general algorithms and some of the underlying building blocks.
Various improvements implemented thanks to feedback
The community programme has gathered pace since the start of the disclosure process: various national and international researchers have reported their findings. Swiss Post is posting all findings on GitLab and is in dialogue with the experts who submit reports and the community. Based on the feedback received, Swiss Post has identified various improvements to the algorithms published in the open source library. The new version of the cryptographic protocol, which is now being published, contains a correction to the individual verifiability reported as part of the disclosure.
Public bug bounty programme and forthcoming stages
Swiss Post is committed to bug bounty programmes. They are deemed best practice internationally, but are not yet firmly established in Switzerland. Swiss Post aims to pave the way for the introduction of these new methods in Switzerland. Bug bounty programmes are based on the premise that the development of IT systems is never complete, but is a continuous process in which security vulnerabilities are detected and rectified. This is vital, not least because the methods used to attack systems are continually evolving. Collaboration with ethical hackers is especially useful in this process, as it ensures that we always remain one step ahead of cybercriminals.
Swiss Post is gradually extending its bug bounty programme to e-voting. It will launch the public bug bounty programme for e-voting in the second half of 2021. Anyone who is interested can contact Swiss Post now to be notified when the programme starts.
Swiss Post will publish the system’s source code and separate verification software over the coming months.
More information about the disclosure of the new e-voting system can be found on the community website.
At the end of April, the Federal Council began the public consultation procedure on the future legal basis for the trial operation of e-voting. These requirements will be fed into the development of Swiss Post’s e-voting system based on the project roadmap.
The Canton of Thurgau, which in future would like to run an e-voting trial using the new Swiss Post system, has commissioned an independent analysis of the objects that have already been disclosed. The newly published report by Prof. Dr Carsten Schürmann, Professor for IT at the University of Copenhagen and member of the expert group mandated for the redesign by the Confederation in 2020, rates the maturity of the objects as mostly satisfactory. The report identifies potential for improvement in the specifications (relating to completeness and structure) and the cryptographical analysis (relating to completeness and avoidance of repetitions). Swiss Post is examining these findings to improve the objects. The report is available on GitLabTarget not accessible.