Experts worldwide report improvements to the beta version of Swiss Post’s e-voting system

Swiss Post has been disclosing the beta version of its e-voting system in stages since January. With the participation of international experts, it wants to uncover all vulnerabilities, remedy them and develop the system continuously. Several hundred experts have already participated and submitted numerous reports. Swiss Post has acted on these reports and made various improvements. On this page you will find a regularly updated description of all confirmed findings whose severity Swiss Post classifies as high or critical after an in-depth technical analysis.

Since the beginning of 2021, Swiss Post has been disclosing the beta version of its e-voting system in stages. It last published the source code in September. At the same time, Swiss Post also launched the open-ended public bug bounty programme for the e-voting system. Depending on the severity, it rewards findings with up to 250,000 francs. This means that experts from all over the world can test the system, including by simulating voting procedures, and can report any findings to Swiss Post. The aim is to find vulnerabilities early on with the participation of international experts, to correct them and thus continuously develop the system. This deliberately sought external view of independent experts forms one part of the mosaic in the development of a secure system. At the same time, public review is expected to become a federal requirement for e-voting systems in Switzerland that can be authorized for legally defined trial operation and used in cantons that are interested in the system.

Since July 2021, independent experts appointed by the Confederation have also been examining the beta version of Swiss Post’s e-voting system in parallel with the public review. The review will be completed with the publication of reports. Swiss Post will be notified in advance of the initial findings in order to ensure the rapid further development of the e-voting system. Swiss Post will also publish the resulting corrections on GitLab and on this website.

Findings in the e-voting system are classified into four severity categories (low, medium, high, critical). A description of the severity categories can be found on the e-voting community website.

So far, several hundred people, including specialists from science as well as ethical hackers, have participated in Swiss Post’s community programme on e-voting. Swiss Post has received 111 reports, including three findings with high severity. Two of them were received before the start of the public bug bounty programme. Swiss Post’s e-voting team discovered a new finding in October thanks to the analysis of the Confederation’s independent experts. Swiss Post has proposed solutions for all three findings, and in one case has already implemented the correction in the system. No findings of the highest severity (critical) have been received yet.

Swiss Post understands cyber security as a continuous participatory process. It is therefore pleased with the lively participation of specialists from around the world in its e-voting community programme. In this way, public scrutiny can have its full effect as a measure to keep the security of a system at the highest possible level at all times. Swiss Post corrects all serious findings before making its e-voting system available for use in the cantons.

Overview of the findings

Status: 25.11.2021
Number of reports: 115
Number of reports with high severity level: 3
Number of reports with critical severity level: 0
Total rewards paid out: € 75 600

Confirmed findings with high and critical severity

Swiss Post permanently and fully discloses its future e-voting system. Experts can analyze the documents and test the source code. As part of the bug bounty programme, Swiss Post pays rewards for confirmed vulnerabilities. These measures follow international best practice in cyber security and serve to keep security at the highest possible level. Their aim is to find and eliminate possible points of attack in the system at an early stage on the basis of the reported findings.

All information, including questions, comments and findings, is published on the GitLab specialist platform.

Below you will find a regularly updated description of all confirmed findings whose severity Swiss Post classifies as high or critical after a detailed technical analysis.

Issue #1 (e-voting) Insufficient Signature Validation of the Election Public Key resulting in possible attacks against individual verifiability
Issue #11 (e-voting documentation) Risk of privacy breach due to the CCMs not checking the ZKP before mix-decrypting
Issue #2 (e-voting documentation) The algorithm GenCMTable allows an adversary to recover the election event's set of possible short return codes