Independent audit: insights into the ongoing work at Swiss Post

Independent audit: insights into the ongoing work at Swiss Post 20.04.2022

At the beginning of 2021, Swiss Post launched an e-voting community programme that enabled experts from around the world to examine its new e-voting system. At the same time, several expert groups conducted a review of the system on behalf of the Federal Chancellery. The initial audit reports are now available together with the response reports from Swiss Post. Swiss Post has developed an action plan to resolve the reported findings and notified the Federal Chancellery and the relevant cantons accordingly. The ready-for-use system will not be made available until the work outlined in this plan is complete.

In several stages from the beginning of 2021, Swiss Post has published the key documents and components for the beta version of its future e-voting system with universal verifiability on the specialist platform GitLab. Experts from around the world have since taken part in the review and reported improvements to the system, which Swiss Post has implemented. The latest information on the findings is always available on this blog.

In July 2021, the Federal Chancellery also commissioned several expert groups to examine the system in the areas of cryptography, software, infrastructure and operations as well as to perform penetration testing. This independent examination is a requirement for the use of a system in accordance with the future legal basis. Swiss Post was in contact with the experts during the examination. Swiss Post analysed the audit reports in detail and provided response reports that outlined how the reported findings are to be resolved.

Status of the work and key areas of action

Work on resolving the reported findings is already under way. In the most recent system release, Swiss Post has already taken action to resolve some of the findings from the audit reports. The resolved findings are listed by system component on the specialist platform GitLab (source code systemTarget not accessible, cryptographic primitivesTarget not accessible, cryptographic protocolTarget not accessible).

Other improvements are soon to be implemented. Swiss Post has developed an action plan for resolving the outstanding findings and communicated it to the Federal Chancellery and the cantons involved. This work is centred on aspects of the cryptographic protocol and its implementation in the software. Swiss Post is making clarifications, implementing targeted improvements and recoding, with particular regard to the cryptographic evidence and the findings relating to voting secrecy and individual verifiability.

Swiss Post will not make the ready-for-use system available to the cantons until the work outlined in the action plan is complete. The interested cantons should be able to introduce e-voting within the context of the legally determined trial operation during the course of 2023.

Swiss Post’s reports in response to the expert reports

The audit reports created by the experts are available on the Federal Chancellery websiteTarget not accessible. The response reports from Swiss Post can be found below.

Expert group Examination scope(s) Response report(s) from Swiss Post
Adamiste Stephane (SCRT) Operations and organization Response to SCRT Scope 3Target not accessible
Basin David (Contego Laboratories) Cryptographic protocol Response to Basin Scope 1Target not accessible
Dubuis Eric, Haenni Rolf, Koenig Reto and Locher Philipp (BFH) Cryptographic protocol; Software Reponse to BFH Scope 1Target not accessibleReponse to BFH Scope 2Target not accessible
Essex Aleksander (Western University Canada) Cryptographic protocol Response to Essex Scope 1Target not accessible
Ford Bryan (EPFL) Cryptographic protocol; Software; Operations and organization To follow
Fontes Antonio (SCRT) Operations and organization Response to SCRT Scope 2aTarget not accessible
Haines Thomas (Australian National University), Pereira Olivier (Université catholique Louvain), Teague Vanessa (Thinking Cybersecurity) Cryptographic protocol; Software Response to Haines, Pereira, Teague Scopes 1 & 2Target not accessible
Mowat Alain (SCRT) Penetration test Response to SCRT Scope 4Target not accessible
Perrig Adrian (ETHZ) Penetration test Response to ETHZ Scope 4Target not accessible