E-voting
Online voting and elections
Media image full width
Core documents
This document briefly outlines in a table the most significant security principles in end-to-end online voting.
This document describes how Swiss Post has established a secure infrastructure for its electronic voting. It outlines the most important security measures against cyber attacks.
Protocols on verifiability and data protection
In this document, we are introducing the report that provides the cryptographic proof of complete verifiability of Scytl sVote Voting Protocol, according to the complete abstract model defined in the VEleS ordinance.
In this document, we are introducing the report that provides the cryptographic proof of voter privacy of Scytl sVote Voting Protocol, according to the complete abstract model defined in the VEleS ordinance.
In this document, we are introducing the report that provides the symbolic proof of complete Verifiability of Scytl sVote Voting Protocol, according to the complete abstract model defined in the VEleS ordinance.
In this document, we are introducing the paper that provides the symbolic proof of voter privacy of Scytl sVote Voting Protocol, according to the complete abstract model defined in the VEleS ordinance.
Protocol for the system without universal verifiability
The following documents are only valid for the 50% version of Swiss Post’s e-voting solution.
This scientific specialist article describes which protocol will come into effect in Swiss Post’s e-voting system. A general overview of the protocol and its most important participants will be given. It also contains syntactical and symbolic descriptions which could be useful for other protocols that use return codes as well as for a symbolic analysis of the security of such concepts. Details on the implementation are given in the document.
This document contains a general description of the individual verifiability of the protocol, which Swiss Post uses in their e-voting system.
Description of the protocol for the e-voting system used in Switzerland for up to 50% of the cantonal electorate.
Report on the automatic proof of individual verifiability and voting secrecy for the protocol using ProVerif.
Disclosure of source code
Swiss Post believes that only a transparent and politically neutral e-voting solution can be successful in the long term. It is therefore publishing the source code of its solution with universal verifiability (see blog “Swiss Post publishes the source code for its e-voting system”) In addition, it has published various technical documents (see “Transparency and publications”).
By publishing the source code for its e-voting solution, Swiss Post wants to build trust with the public and use feedback from knowledgeable professionals for the purposes of improvement. Source code disclosure is also a mandatory precondition of the Federal Chancellery when using advanced electronic voting systems.
Swiss Post’s disclosed source code relates to the implementation of the cryptographic protocol for complete verifiability at application level. The specification of the cryptographic protocol and the architecture of the e-voting solution are published.
A Gitlab.com account and registration with Swiss Post are required to view the source code. In addition, all users must first accept the conditions of use (PDF, 166 KB).
Audit certificates and reports
The Confederation stipulates the administrative and technical specifications (in German) for e-voting. Compliance with these specifications must be verified by external bodies during an audit. If 30% of the cantonal electorate is exceeded, certification is also required. The documents and certificates are prerequisites for the approval of electronic voting in the cantons. The final audit reports also generally contain information about the improvement measures implemented over the course of the audit and those still required.
Below you will find various audit certificates and reports concerning Swiss Post’s system. Documents that refer to the 50% certification of the system are available on request.
Verification of the cryptographic protocol without universal verifiability (English version)
This document is only valid for the 50% version of Swiss Post’s e-voting solution (system without universal verifiability). The cryptographic protocol describes the individual cryptographic security elements and their use. The protocol must then be analysed to ascertain whether it corresponds to the Federal Chancellery’s requirements. Mathematical evidence has been provided as proof of this. The accuracy of this proof was analysed during the verification. This link provides you with a summary of the certification inspection to enable the system to be used by up to 50% of the electorate (“50% certification”).
During the verification of functionality, tests are carried out to check whether the cryptographic protocol, other security measures and user processes are implemented in the system. The end-to-end encryption which ensures voting secrecy is also audited as part of this.
The verification of infrastructure and operation concerns the implementation of the security requirements with respect to applications, operating systems, databases, security and network components, and the premises available for secure technical operation.
In order to test infrastructure protection, the specialists tasked with doing so attempt to infiltrate the infrastructure.
Contact us
We would be happy to advise you about e-voting.
Write to us
Send us your query directly online.
On LinkedIn
News and information on LinkedIn
Our address
Post CH Ltd
E-voting
Wankdorfallee 4
3030 Berne
Switzerland