Community programme: key points at a glance
In 2019, Swiss Post disclosed the source code of an earlier version of its e-voting system with complete verifiability. Since then, we have continued to develop the system, while improving the documentation and auditability. The feedback from those who took part provided us with a key basis for designing the ongoing programme, in particular with regard to the options for cooperating with interested parties. We have updated and improved the procedure: the system is being disclosed step by step and transparently. Dialogue with experts is a core component of the disclosure process, which forms part of the e-voting community programme.
The disclosed items are listed and described below. The disclosure of the system is almost complete. The source code of the separate open-source verification software will be published in the autumn. All items can be viewed on GitLab.
This scientific document describes the Swiss Post e-voting system in mathematical form. It demonstrates that the cryptographic elements protect voting secrecy and guarantee individual and universal verifiability.
The changes made to the cryptographic protocol since 2019 are described in supporting documentation, which is also available on GitLab.
The symbolic analysis supplements the cryptographic evidence as verification that Swiss Post’s e-voting system maintains voting secrecy and complies with individual and universal verifiability. The symbolic analysis is written in the ProVerif programming language. Its correctness can be checked automatically using suitable software.
The specification provides a detailed description of the cryptographic protocol. It describes the process from the configuration of the electronic contest to the casting and counting of votes. It contains pseudocode, which serves to illustrate the algorithms. The specification describes the more general algorithms and some of the underlying components.
Source code is text written in a particular programming language. It sets out the specific rules and requirements used to create a piece of software. The e-voting system’s source code contains the elements of the entire software through which the requirements of the cryptographic protocol are implemented.
The published source code for the e-voting system is prepared in such a way that it can be compiled, tested and simulated with ease.
The library released by Swiss Post contains key cryptographic algorithms, known as cryptographic primitives. These are used in both the e-voting system and the separate verification software. Key among the cryptographic primitives currently available are the algorithms used in the mix network. Additional algorithms will be integrated in later phases of the disclosure.
The specifications for the cryptographic primitives are also available.
(technical tool for vote checkers)
The specifications provide a detailed description of the open-source verification software for Swiss Post’s e-voting system. On this basis, third parties with or without commercial objectives can test and redevelop the software, and place it on the market as an independent product. Swiss Post’s aim is to enable the use of third-party verification software.
System documentation (“infrastructure whitepaper”)
The infrastructure whitepaper describes the e-voting infrastructure and all the security aspects that have been implemented. This includes information about data centers and the structure and application of the infrastructure and the databases. The various security measures are also outlined.
The architecture documentation details the overall structure of the e-voting system: from the legal framework to the actual e-voting solution with its various components and interfaces, the principles of the architecture and decisions related to it, and the quality requirements specified for the system.
Description of the development process
Swiss Post is developing the e-voting system using agile project management. This document describes the software development, gives an overview of which tools were used and demonstrates how the various quality specifications are followed during development and how they are checked. The procedure for the regular source code disclosure is also explained.
Tests are carried out at various levels as part of the development of the e-voting system. The software is checked for conformity with the requirements set out in the Federal Chancellery Ordinance on Electronic Voting (OEV) and Post CH Ltd’s internal specifications in accordance with the ISO 25010 standard. The test concept describes the entire procedure, including the test objects, the infrastructure used, the reporting and the test organization.
What you can expect
What awaits you when you participate in the e-voting community programme? The key points can be found at a glance below:
The following additional functions are available to experts in order to test the e-voting system during the course of the year.
- Verification software: the source code of the verification software will be released over the coming months. This means that the entire system will have been disclosed.
- Public intrusion test: Swiss Post will carry out a public intrusion test at a later date as part of the bug bounty programme. You will have the opportunity to attack and attempt to penetrate Swiss Post’s e-voting infrastructure.