Continuous improvement of the e-voting system: reports from experts
At the start of 2021, Swiss Post initiated a community programme on e-voting and published the essential components and documentation for the beta version of its future e-voting system. This is a cyber security measure. Swiss Post aims to work with leading international specialists to identify and eliminate every vulnerability in order to maintain the system at the highest possible security level.
On this page you will find a description of all confirmed findings, the severity of which Swiss Post classifies as high or critical after an in-depth technical analysis. The details are updated on a regular basis.
Overview of the findings
Status | 22.05.2023 |
---|---|
Number of reports | 249 |
Number of findings with high severity level | 4 |
Number of findings with critical severity level | 0 |
Total rewards paid out | € 159 550 |
Confirmed findings with high and critical severity
Swiss Post permanently and fully discloses its future e-voting system. Experts can analyze the documents and test the source code. As part of the bug bounty program, Swiss Post pays rewards for confirmed vulnerabilities. These are cyber security and international best practice measures to keep security at the highest possible level. The aim of these measures is to find and eliminate possible points of attack in the system at an early stage on the basis of the reported findings.
All information, including questions, comments and findings, is published on the GitLab specialist platform.
Below you will find a regularly updated description of all confirmed findings, the severity of which Swiss Post classifies as high or critical after a detailed technical analysis.
The findings are listed chronologically by their publication date on GitLab.
Date: September 2021
Reported by: Ruben Santamarta
Severity: high
Description: The error described means that an attack on an offline entity of the Secure Data Manager (SDM) is possible if malware is saved on an encrypted data carrier used for the physical transport of data between online and offline computers. The canton uses the SDM program to set up the electronic contest before every election or vote. The program runs on several offline computers and one online computer within the canton’s infrastructure. By exploiting this error, an attacker could jeopardize the correct configuration of the electronic contest via an offline computer.
An attack could be carried out at the point when the imported data are validated and could be facilitated by the current lack of restriction on which data can be imported into the SDM directory.
Status and resolution: SDM - Insecure USB file handling during 'importOperation'
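The mitigation direction named in this finding, restricting which data may be imported, can be illustrated with an allowlist check that runs before anything on the transport medium is copied or parsed. This is an added example, not Swiss Post's code: the file names, the size limit and the function names are assumptions made for illustration.

```python
import os
import tempfile
from pathlib import Path

# Assumed allowlist of relative paths the import step expects (constructed names).
ALLOWED_FILES = {"config/contest.json", "config/contest.json.sig"}
MAX_FILE_BYTES = 5 * 1024 * 1024  # assumed upper bound per file


def validate_import(source_dir):
    """Check a mounted medium; return (accepted, rejected). Copies nothing."""
    root = Path(source_dir).resolve()
    accepted, rejected = [], []
    # followlinks=False: never descend through a link that leaves the medium.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = Path(dirpath) / name
            rel = path.relative_to(root).as_posix()
            if path.is_symlink():
                rejected.append((rel, "symbolic link"))
            elif path.is_dir():
                continue
            elif rel not in ALLOWED_FILES:
                rejected.append((rel, "not on allowlist"))
            elif path.stat().st_size > MAX_FILE_BYTES:
                rejected.append((rel, "too large"))
            else:
                accepted.append(rel)
    missing = ALLOWED_FILES - set(accepted)
    rejected.extend((rel, "expected file missing") for rel in missing)
    return sorted(accepted), sorted(rejected)


def demo():
    """Constructed sample medium: two expected files, one stray file, one link."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        (base / "config").mkdir()
        (base / "config" / "contest.json").write_text("{}")
        (base / "config" / "contest.json.sig").write_text("constructed")
        (base / "update.jar").write_bytes(b"PK")
        os.symlink("../outside", base / "config" / "link")
        return validate_import(base)


if __name__ == "__main__":
    print(demo())
```

A caller would proceed with the import only when the rejected list is empty, and would still verify the content of the accepted files afterwards.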
Date: October 2021
Reporting: Analysis of the Confederation’s independent experts (reported by: V. Teague, O. Pereira and Th. Haines), on the basis of which Swiss Post’s e-voting team discovered the error
Severity: high
Description: The error would allow an attacker who has gained control over the voting client, the voting server and a control component to endanger individual verifiability. The attacker could falsify a public key, a cryptographic component used to securely transmit a message to the voter unaltered, and get the other control components to accept it anyway. The voter themselves would not be able to determine that their vote was invalidated, i.e. individual verifiability would not be ensured. However, the attack would be discovered when the canton checked the votes.
Status and solution: Insufficient signature validation of the election public key resulting in possible attacks against individual verifiability
Date: June 2021
Reported by: Pierrick Gaudry, Véronique Cortier, Alexandre Debant
Severity: high
Description: If an attacker could control parts of Swiss Post’s server infrastructure and the last offline control component operated by the canton, it would be possible for them to exploit the error in order to break the voting secrecy of multiple votes. The control components do not currently check whether a ballot box belongs to a particular voting procedure. Nor do they check whether the votes in a ballot box have already been mixed and decrypted.
Status and solution: Risk of privacy breach due to the CCMs not checking the ZKP before mix-decrypting
Date: February 2021
Reported by: Thomas Haines
Severity: high
Description: An attacker who manages to break into the e-voting infrastructure could, by exploiting the described error, obtain information that could help them guess choice return codes and the confirmation code. They could use this to indicate the correct registration of the vote to the voter while still recording the incorrect vote in the background.
Status and solution: The algorithm GenCMTable allows an adversary to recover the election event’s set of possible short return codes