Online voting and elections
Publications and source code
Specific e-voting documents for professionals for download
Swiss Post believes that only a transparent and politically neutral e-voting solution can be successful in the long term. For this reason, it is publishing specific documents and concepts for professionals related to the electronic casting of votes and cyber security, and it is disclosing the source code.
Media image full width
This document briefly outlines in a table the most significant security principles in end-to-end online voting.
This document describes how Swiss Post has established a secure infrastructure for its electronic voting. It outlines the most important security measures against cyber attacks.
Protocols on verifiability and voting secrecy
In this document, we are introducing the report that provides the cryptographic proof of complete verifiability of Scytl sVote Voting Protocol, according to the complete abstract model defined in the VEleS ordinance.
In this document, we are introducing the report that provides the cryptographic proof of voting secrecy of Scytl sVote Voting Protocol, according to the complete abstract model defined in the VEleS ordinance.
In this document, we are introducing the report that provides the symbolic proof of complete Verifiability of Scytl sVote Voting Protocol, according to the complete abstract model defined in the VEleS ordinance.
In this document, we are introducing the paper that provides the symbolic proof of voting secrecy of Scytl sVote Voting Protocol, according to the complete abstract model defined in the VEleS ordinance.
Transparency creates trust
By publishing the source code, Swiss Post wants to build trust with the public and use feedback from knowledgeable professionals for the purposes of improvement. Source code disclosure is also a mandatory precondition of the Federal Chancellery when using advanced electronic voting systems.
Disclosure of new source code (from 2021)
Swiss Post believes that only a transparent and politically neutral e-voting solution can be successful in the long term. For this reason, starting in 2021, it will be publishing the source code, as well as various specifications of its future solution, with universal verifiability.
Swiss Post is looking to make it as easy as possible for independent experts to critically assess the system and, in turn, to suggest improvements. Compared with the release of the source code in 2019, the new features include:
- definition and implementation of the new disclosure with the inclusion of cantons and experts
- publication of a compilable system
- improvement of documentation and auditability of the system
- opportunities to simulate contests
- simplified access to the code and a streamlining of the terms and conditions of use
Disclosure of old source code (2019)
In 2019, Swiss Post disclosed the source code of its old e-voting solution. This relates to the implementation of the cryptographic protocol for complete verifiability at application level. The specification of the cryptographic protocol and the architecture of the e-voting solution were published.
A Gitlab.com account and registration with Swiss Post are required to view the old source code. In addition, all users must first accept the conditions of use (PDF, 166 KB).
Protocols on auditability and voting secrecy without universal verifiability
The documents for the old version of the Swiss Post e-voting solution (50%, without universal verifiability) are available on request.
Audit certificates and reports
The Confederation stipulates the administrative and technical specifications (in German) for e-voting. Compliance with these specifications must be verified by external bodies during an audit. If 30% of the cantonal electorate is exceeded, certification is also required. The documents and certificates are prerequisites for the approval of electronic voting in the cantons. The final audit reports also generally contain information about the improvement measures implemented over the course of the audit and those still required.
Below you will find various audit certificates and reports concerning Swiss Post’s system. Documents that refer to the 50% certification of the system are available on request.
This document is only valid for the 50% version of Swiss Post’s e-voting solution (system without universal verifiability). The cryptographic protocol describes the individual cryptographic security elements and their use. The protocol must then be analysed to ascertain whether it corresponds to the Federal Chancellery’s requirements. Mathematical evidence has been provided as proof of this. The accuracy of this proof was analysed during the verification. This link provides you with a summary of the certification inspection to enable the system to be used by up to 50% of the electorate (“50% certification”).
During the verification of functionality, tests are carried out to check whether the cryptographic protocol, other security measures and user processes are implemented in the system. The end-to-end encryption which ensures voting secrecy is also audited as part of this.
The verification of infrastructure and operation concerns the implementation of the security requirements with respect to applications, operating systems, databases, security and network components, and the premises available for secure technical operation.
In order to test infrastructure protection, the specialists tasked with doing so attempt to infiltrate the infrastructure.
Public intrusion test 2019
From 25 February to 24 March 2019, Swiss Post carried out a public intrusion test. IT specialists and hackers were invited to attack the system with the aim of finding vulnerabilities.
During the four-week endurance test, around 3,200 international IT experts inflicted targeted attacks on the new e-voting system. After the completion of the intrusion test, there were no manipulated votes in the electronic ballot box. The hackers did not manage to infiltrate the e-voting system. Attempts at overloading the system through DDoS attacks were unsuccessful. The hackers submitted a total of 173 findings. The Federal Chancellery, Cantons and Swiss Post confirmed 16 of them. They fall under the lowest classification level, “Best Practice”, and are thus considered non-critical. The entire assessment process for the findings was overseen by representatives of the Confederation and the cantons.
Swiss Post’s final report (PDF, 975.6 KB) summarizes the results and insights gained from the intrusion test for the Steering Committee, which consists of representatives from the Confederation and the Cantons.
The Confederation’s final report can be found here (German version).