How the Swiss Post E-voting system addresses client-side vulnerabilities

(Part 3 of a 5-part series starting here)

In Part 1 I described how Switzerland decided to assess the security and accuracy of its e-voting system.  Swiss Post is the “vendor” developing the system, the Swiss cantons are the “customer” deploying it in their elections, and the Swiss Parliament and Federal Chancellery are the “regulators,”  deciding whether it’s secure enough for the cantons to use.

Internet voting has inherent vulnerabilities that need to be addressed by any e-voting solution:

The server:  bugs in the server that receives e-ballots and counts them; vulnerabilities in the server that allow hackers to penetrate and alter the vote-counting software; the possibility that insiders can use their access to subvert the vote counts.The client:  bugs in the voter’s voting-app or browser app; vulnerabilities in the voter’s browser or operating system or hypervisor or BIOS that allow hackers to subvert the app so that it changes the ballot, after the voter sees it but before it is encrypted and transmitted.The communications network: possibility that attackers can change votes in transit, or cause ballots to be lost, or to commit denial-of-service attacks.Authentication of voters:  association of a physical human being with a set of digital credentials.

Of these, the communications network is probably the easiest to address with known technology (end-to-end encryption/authentication).  Authentication of voters can be very difficult or less difficult depending on societal infrastructure.  (Since Switzerland has no universal digital ID card, they address this issue by mailing a sheet of paper to each

Read more

Explore the site

More from the blog

Latest News