Onderzoekers hebben een ernstige tekortkoming in het nieuwe Zwitsers e-voting systeem gevonden. De fout in de code zou toelaten om uitgebrachte stemmen te wijzigen zonder dat dit wordt gedetecteerd. Voor de onderzoekers is de fout zo ernstig dat ze oproepen om af te zien van het gebruik van het systeem (ontwikkeld door Swiss Post) bij de volgende verkiezingen. Cryptografie-expert Matthew Green schetst de ernst van het probleem: “I don’t think this was deliberate. However, if I set out to design a backdoor that allowed someone to compromise the election, it would look exactly like this.”
It is 9am Swiss Time, @VTeagueAus, Olivier Pereira & I are releasing details of a cryptographic trapdoor that we found in the Swiss Post #evoting system that would allows admins to falsely “prove” mixes that alter votes & undetectably compromise elections: https://t.co/ETEDuDsSAe
— Sarah Jamie Lewis (@SarahJamieLewis) March 12, 2019
Cory Doctorow trekt het debat verder open en argumenteert waarom stemmen via het internet een dom idee is en waarom het Zwitsers systeem in het bijzonder nooit moet worden ingezet, zelfs als de fout is verholpen. Hij verwijst daarvoor onder meer naar de Open Privacy Research Society: “We have only examined a tiny fraction of this code base and found a critical, election-stealing issue. Even if this [backdoor] is closed its mere existence raises serious questions about the integrity of the rest of the code.”
Doctorow:
When Swiss Post agreed to run the election, they promised an e-voting system based on “zero knowledge” proofs that would allow voters to trust the outcome of the election without having to trust Swiss Post. Swiss Post is now moving the goalposts, saying that it wouldn’t be such a big deal if you had to trust Swiss Post implicitly to trust the outcome of the election.
You might be thinking, “Well, what is the big deal? If you don’t trust the people administering an election, you can’t trust the election’s outcome, right?” Not really: we design election systems so that multiple, uncoordinated people all act as checks and balances on each other. To suborn a well-run election takes massive coordination at many polling- and counting-places, as well as independent scrutineers from different political parties, as well as outside observers, etc.
- Cory Doctorow bij BoingBoing: A critical flaw in Switzerland’s e-voting system is a microcosm of everything wrong with e-voting, security practice, and auditing firms
- Motherboard: Researchers Find Critical Backdoor in Swiss Online Voting System
- Het onderzoeksrapport van Sarah Jamie Lewis, Olivier Pereira en Vanessa Teague: Trapdoor commitments in the SwissPost e-voting shuffle proof