Swiss Post is disclosing its new universally verifiable e-voting system in stages as part of a community programme, to allow it to be verified by independent experts.

The cryptographic protocol and the library of cryptographic primitives have already been disclosed. Swiss Post will publish other elements of the system at a later point.

More information on the disclosure can be found on the e-voting community website.

Disclosed earlier e-voting system (2019)

In 2019, Swiss Post disclosed the source code of an earlier version of its e-voting system with complete verifiability. This related to the implementation of the cryptographic protocol for complete verifiability at application level. The specification of the cryptographic protocol and the architecture of the e-voting solution were published.

Go to the previous system from 2019

From 25 February to 24 March 2019, Swiss Post carried out a public intrusion test. IT specialists and hackers were invited to attack the system with the aim of finding vulnerabilities.

During the four-week endurance test, around 3,200 international IT experts inflicted targeted attacks on the new e-voting system. After the completion of the intrusion test, there were no manipulated votes in the electronic ballot box. The hackers did not manage to infiltrate the e-voting system. Attempts at overloading the system through DDoS attacks were unsuccessful. The hackers submitted a total of 173 findings. The Federal Chancellery, Cantons and Swiss Post confirmed 16 of them. They fall under the lowest classification level, “Best Practice”, and are thus considered non-critical. The entire assessment process for the findings was overseen by representatives of the Confederation and the cantons.

Swiss Post’s final report (PDF, 975.6 KB) summarizes the results and insights gained from the intrusion test for the Steering Committee, which consists of representatives from the Confederation and the Cantons.

The Confederation’s final report can be found here (German version).