New Swiss Post e-voting system: cryptographic protocol disclosed
Swiss Post will disclose its new e-voting system in stages, as part of a community programme. Swiss Post will invite experts to evaluate the system. In the first step, the cryptographic protocol will be available to be checked. Specifications, documentation and the source code for the e-voting system will follow in further stages over the course of the year.
With the e-voting community programme, Swiss Post is disclosing its new system for electronic voting in elections and votes so that independent experts can critically examine it and report potential vulnerabilities. This procedure is implemented to increase the security of IT systems. By taking this approach, Swiss Post wants to foster dialogue with external e-voting specialists.
In the first step of the disclosure, the draft of the cryptographic protocol will be available to be checked. This document describes Swiss Post‘s e-voting system in mathematical form. It demonstrates that the cryptographic elements ensure voting secrecy is preserved, as well as guaranteeing individual and universal verifiability. Swiss Post published the protocol for a previous system version in 2019. Since then, the completely verifiable system has been revised. Factors including the valuable feedback provided by experts were taken into account when making changes. Accompanying documentation for the protocol, which is also available online, explains what changes have been implemented since 2019, what limitations exist and what improvements still need to be made.
Transparent information for the e-voting community
“We want to make it as easy as possible for independent experts to get involved and, in turn, to suggest improvements,” says Denis Morel, Head of E-Government at Swiss Post.
For this reason, Swiss Post is making a website available to experts with information about the community programme. On the page, direct access to the published materials and all relevant information about the disclosure can be found, such as the process for reporting findings. This website will be gradually updated and added to. All technical data is available on the specialist GitLab platform. Initially, only the cryptographic protocol can be found there. Confirmed findings will also be made publicly accessible on GitLab.
Source code to follow
Specifications, documentation and the source code for the system will follow in stages at later dates. The disclosure in phases is intended to allow checks and specialist discussions.
It is still unclear when the system will be developed to such a degree that it meets the requirements of the Confederation and is ready to be deployed by the cantons. This depends, on the one hand, on the implementation of the new legal framework for e-voting and, on the other hand, on the feedback that Swiss Post receives from the specialist community in the course of the disclosure.
The Federal Council would like cantons to again be able to run electronic voting trials. The Federal Council developed the trial operation for e-voting in 2020 in partnership with the cantons and issued the mandate to amend the relevant legal basis in December 2020. Once the legal basis exists and the systems have been evaluated successfully, the cantons will again be able to launch e-voting trials. Swiss Post will adapt its system to the new statutory requirements.