Main content area

Swiss Post’s e-voting solution

Electronic voting and elections for Switzerland

Swiss Post offers the cantons and municipalities a simple and flexible solution for introducing e-voting for Swiss citizens living both in Switzerland and abroad. As the trustworthy carrier of more than 20 million consignments containing voting documents and postal votes every year, Swiss Post is also the natural choice for ensuring the safe and confidential transmission of votes cast electronically with its e-voting solution. Its solution has been used since 2016.

Certified for up to 50% of the electorate

Swiss Post’s system is the first and only Swiss e-voting solution certified for 50% of the electorate and will be expanded to certification for 100% of voters by the end of 2018.

Swiss Post’s e-voting solution
Certified accessibility

Swiss Post’s e-voting solution is fully accessible. This has also been confirmed through certification by the “Access for All” foundation.

www.access-for-all.ch

News

Open collapsible container Close collapsible container

The latest information on e-voting

In 2017, further votes and elections are set to take place in the Cantons of Fribourg and Neuchâtel.

Demo system and information site

Open collapsible container Close collapsible container

E-voting blog

Open collapsible container Close collapsible container

Transparency and publications

Open collapsible container Close collapsible container

Swiss Post believes that only a transparent and politically neutral solution for e-voting can be successful in the long term. This is why Swiss Post publishes a certain number of documents and concepts for experts. There is also a plan to publish the source code.

The following documents describe in detail how the Swiss Post e-voting platform works. Experts in the e-voting and cybersecurity sector are the target audience.

If you have any questions, you can address them to Swiss Post at evoting@swisspost.ch.

Presentation of available documents

The Pillars of End-to-End Online Voting (PDF, 815.8 KB)Document is unavailable.
Using a table, this document succinctly describes the principal pillars of security for secured end-to-end e-voting.

Process to secure & verifiable online voting (PDF, 590.6 KB)Document is unavailable.
This document contains a graphic representation of the secured, verifiable e-voting process implemented by Swiss Post.

Swiss Post Online Voting Protocol (PDF, 956.6 KB)Document is unavailable.
This scientific article describes the protocol used by Swiss Post in its e-voting system. Firstly it presents the protocol at a high level with a generic overview of the participants and provides a symbolic and syntactic description, which could be useful for other protocols using the return codes and in order to make a symbolic analysis of the security of such concepts. The document also supplies details on implementation.

Individual Verifiability, Swiss Post Online Voting Protocol Explained (PDF, 1.3 MB)Document is unavailable.
This document is a high-level description of the individual verification of the protocol used by Swiss Post in its e-voting system.

E-voting infrastructure whitepaper (PDF, 974.8 KB)Document is unavailable.
This document describes and presents how Swiss Post has implemented a secured infrastructure for its e-voting service. The document introduces the principal security measures defined to combat cyber-attacks.

Transition to a Javascript voting client or remote e-voting (PDF, 352.5 KB)Document is unavailable.
This document presents the process for replacing client e-voting software written in Java with a client written in Javascript. In particular it displays Scytl’s experiences during the development and roll-out of its new Javascript client.

Cryptographic proof of Individual Verifiability (PDF, 620.7 KB)Document is unavailable.
A description of the protocol for the e-voting system used in Switzerland for up to 50% of the cantonal electorate.

Analysis verifiability and privacy properties for Swiss Post Voting (PDF, 640.5 KB)Document is unavailable.
A report on the automatic proof of individual verifiability and voting secrecy for the protocol using ProVerif.

Audit certificates and reports

Open collapsible container Close collapsible container

The Confederation stipulates the administrative and technical specifications for e-voting. Compliance with these specifications must be verified by external bodies during an audit. If 30% of the cantonal electorate is exceeded, certification is also required. The documents and certificates are prerequisites for the approval of electronic voting in the cantons. The final audit reports also generally cover the improvement measures implemented over the course of the audit and those yet to be implemented.

On this page you will find various audit certificates and reports concerning Swiss Post’s system.

List of documentation

Verification of the cryptographic protocol (PDF, 607.4 KB)Document is unavailable.
The cryptographic protocol describes the individual cryptographic security elements and their use. The protocol must then be analysed to ascertain whether it corresponds to the Federal Chancellery’s requirements. Mathematical evidence has been provided as proof of this. The accuracy of this proof was analysed during the verification. This link provides you with a summary of the certification inspection to enable the system to be used by up to 50% of the electorate (“50% certification”). More information on conformity of the cryptographic protocol can be found on the Swiss Post e-voting blog.

Comments relating to the verification of the cryptographic protocol:

This verification is based on the validation of proof of the conformity of the cryptographic protocol with the requirements under federal law.
On the date of the analysis, the mechanism for write-ins (votes for candidates not printed on the ballot) had not been clarified. However, write-ins are treated in the same way as the other votes which are subject to this verification.
The existence of individual verifiability is inspected for 50% certification. The necessary characteristics are set out in federal legislation. With regard to consistently maintaining voting secrecy, the protocol must be verified as part of 100% certification. The implementation of end-to-end encryption by Swiss Post was assessed during other verifications (verification of functionality).
Not all documents referenced in the report are currently public. Further documents will be released once 100% certification has been attained and the source code is published.

Verification of functionality (PDF, 608 KB)Document is unavailable. (German version)
During the verification of functionality, tests are carried out to check whether the cryptographic protocol, other security measures and user processes are implemented in the system. The end-to-end encryption which ensures voting secrecy is also audited as part of this.

Verification of infrastructure and operation (PDF, 779.4 KB)Document is unavailable. (German version)
The verification of infrastructure and operation concerns the implementation of the security requirements with respect to applications, operating systems, databases, security and network components, and the premises available for secure technical operation.

Verification of protection against attempts to infiltrate the infrastructure (PDF, 565.9 KB)Document is unavailable. (German version)
In order to test infrastructure protection, the specialists tasked with doing so attempt to infiltrate the infrastructure as part of a penetration test.