Swiss E-Voting Pilot Can't Count 2,048 Ballots After USB Keys Fail To Decrypt Them (theregister.com)
A Swiss e-voting pilot was suspended after officials couldn't decrypt 2,048 ballots because the USB keys needed to unlock them failed. "Three USB sticks were used, all with the correct code, but none of them worked," spokesperson Marco Greiner told the Swiss Broadcasting Corporation's Swissinfo service. The canton government says it "deeply regrets" the incident and has launched an investigation with authorities. The Register reports: Basel-Stadt announced the problem with its e-voting pilot, open to about 10,300 locals living abroad and 30 people with disabilities, last Friday afternoon. It encouraged participants to deliver a paper vote to the town hall or use a polling station but admitted this would not be possible for many. By the close of polling on Sunday, its e-voting system had collected 2,048 votes, but Basel-Stadt officials were not able to decrypt them with the hardware provided, despite the involvement of IT experts. [...]
The votes made up less than 4 percent of those cast in Basel-Stadt and would not have changed any results, but the canton is delaying confirmation of voting figures until March 21 and suspending its e-voting pilot until the end of December, while its public prosecutor's office has started criminal proceedings. The country's Federal Chancellery said e-voting in three other cantons -- Thurgau, Graubunden, and St Gallen -- along with the nationally used Swiss Post e-voting system, had not been affected.
Buy cheap shit... (Score:2, Interesting)
Buy cheap shit, get cheap shit.
If you need encryption keys and to have them portable and secure?
Two options: 1) yubikey. Use its built in features. or 2) Industrial storage. The latter uses SLC or MLC NAND Flash with nicer wear leveling provisions instead of shit-tier USB drives which may not have any wear leveling algorithm at all (let alone extra "hidden" space to help that algorithm out). QLC in the cheap USB shit is rated around 100 write cycles per cell. This can degrade exceedingly fast. I've been abl
Re:Buy cheap shit... (Score:5, Informative)
Two options: 1) yubikey.
Yubikey I would have once considered secure, but they closed the source with the introduction of the YK4 (exactly commensurate with the Snowden Revelations - Imagine that), and there's no reason I should trust them. The onus is on them to prove their product is "secure" and they're not able or willing to do so.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
There's enough past evidence of state actors compromising the method used for security. Open source allows auditing. Closed source doesn't. Security should be auditable, otherwise it's not security but rather blind trust.
Re: (Score:2)
Master keys, mistakes, etc.
Re: (Score:2)
Re: (Score:1)
Re:Buy cheap shit... (Score:4, Interesting)
If you really want reliability, no flash. Proper write once, burn it into the chip ROM. You could get someone to design you a ROM key stick for not much money and you could release the specs as open hardware, which would fit well with the Swiss system's open source ethos.
Yubikey is at least EEPROM, but that does leave the possibility that it gets erased accidentally by static or on purpose and reused by idiots.
I couldn't find out what they meant by "USB key" anyway. Yubikeys are USB keys.
Re: (Score:2)
I have been using SATA SSDs and NVMe SSDs for reliable Flash storage, but with Crucial leaving that market, maybe this is no longer a good option.
Companies like Swissbit and maybe Transcend make industrial or at least non-consumer grade Flash sticks.
Re: (Score:2)
I'm sure pretty much any kind of flash is actually fine for this application. But if you REALLY want to be sure, you burn it into a proper ROM chip. Can't be erased or rewritten and doesn't depend on some capacitor retaining a charge. If you decide to toss it in a safe deposit box for forty years, no problem.
Re: Buy cheap shit... (Score:2)
Do you think we can get someone to make a rom chip containing a private key, securely?
Re: (Score:2)
You'll have to specify what you mean by "securely." You can store a key no problem. You can get fancy and store an encrypted key that requires a second part (like your password) to decrypt. Or you can get really fancy and store an encrypted key in the same chip as a processor that uses the key to sign stuff so the key never leaves the chip.
Hardware keys do one or another of those things. Things like Yubikey do the last one, which is really the only one that needs extra hardware. There are a bunch of readily
Re: (Score:2)
There's a German company that uses a totally different type of cell that's low-cycle but should last a hundred years.
The cheap one is just big enough for key or two and has a serial interface and the expensive one is bigger and does the whole USB stack.
I think the serial interface stands more of a chance of being readable when I'm 90. USB seems so ubiquitous now but those parallel ZIP drives seemed perfect at the time too.
I'm going to get a few once the tariff situation gets kicked to the curb. And, no, no
Re: (Score:2)
To me the number 2048 rings a warning bell. Might not be the key itself but a number rollover issue.
Re:Buy cheap shit... (Score:4, Interesting)
I was thinking something similar. Having 2048 bad ballots seems more like an encryption key issue than a hardware failure.
Three USB keys with the same key that are unable to decode the ballot makes me think the problem is in the encryption algorithm, perhaps if bit 11 is high, the algorithm encounters a divide by 0 error or similar.
Re:Buy cheap shit... (Score:4, Insightful)
Since all 3 failed, this does not sound like a hardware problem at all.
why are vote being ENCRYPTED ? (Score:5, Interesting)
Signed? Sure, that makes perfect sense. But encrypted? Why do you even want to do that? Unless the ballot isn't anonymous and you can see who voted for which candidates, but I certainly hope you're not trying to do that?
Re: (Score:3)
It's a good point, but arguably the result would be the same. If you can't verify the signature even for technical reasons, then you can't really use the votes.
Although certainly using a few separate signature keys and algorithms on the same doc could provide redundancy in case one of the key pairs is lost / damaged etc.
But encrypting data at rest (basically all storage) is a checkbox requirement in pretty much all security frameworks even if it's not clear exactly what that's protecting against, how t
Re: (Score:3)
You verify a signature with the public key that pairs with the private key used to sign. There is no need to keep a public key secret so no need to keep it offline on a fragile flash drive. You can and should keep the verification public keys available on the elections website available to all. Even if the private keys in the voting machine used to create the signature on the e-ballots are lost, you can still verify the signature with the widely available and corresponding replicated public keys.
Re: (Score:2)
Yeah, that's a good point. Presumably the public keys in that case should be published ahead of time to prove there was no key swapping shenanigans.
Though in this case it seems the issue is something beyond losing the key anyway since the likelihood of the three independent copies all getting corrupted is pretty small.
What is the Security Architecture? (Score:4, Insightful)
I am not familiar with it, and I assume you are not either. So, fantasies...
There might be nonces or other tokens attached to a vote that must remain secret (proof of voting only once, etc.). Another use of encryption is avoiding claims along the lines "The results published by authorities are false! Here is the true copy which cannot be validated because dem computors are broken! But everyone knows that the copy is REALLY TRUE!" With the present system, if dem computors are broken, there cannot be any alternative results.
The architecture, BTW, must be public knowledge, otherwise it cannot be trusted. I believe that you can find it somewhere if this is a matter of interest to you.
Re: (Score:2, Insightful)
The architecture, BTW, must be public knowledge, otherwise it cannot be trusted.
Tom Scott has covered this [youtube.com] before:
The system needs to make sure your vote is securely and accurately counted, sure. But it also needs to be obvious to everyone, no matter their technical knowledge.
And this excludes any computer "magic". It is fundamentally impossible [cmu.edu] to trust and verify a computer system in that way. All security experts agree that electronic voting is a horribly bad idea [schneier.com].
The only reasonable way to involve computers is to do OCR counting. That way the computer is just a much faster counter where humans can reproduce or substitute at any point.
Re: (Score:3)
It is fundamentally impossible [cmu.edu] to trust and verify a computer system in that way.
Nope, it is not. This is an outdated and old view, and nothing "fundamental" was ever proven. This here is the actual state-of-the-art: https://arxiv.org/abs/1004.553... [arxiv.org]
What it actually is, is a lot of effort.
Re:why are vote being ENCRYPTED ? (Score:5, Informative)
Signed? Sure, that makes perfect sense. But encrypted? Why do you even want to do that? Unless the ballot isn't anonymous and you can see who voted for which candidates, but I certainly hope you're not trying to do that?
You need to do that to preserve confidentiality of the vote. Nobody except the voter should know how they personally voted. Furthermore, nobody should know how the votes are being cast until tallying officially begins.
What they do is they authenticate the user to make sure they are eligible to vote, but the ballot is submitted end-to-end encrypted from the voter's device. The system that receives the ballot knows the user is eligible to vote, receives the user's ballot, but cannot read the ballot's content.
The ballot can only be decrypted by the tallying authority and the decryption is performed only after the tallying can officially begin. This means nobody knows how a particular voter voted and nobody knows how the vote is going in advance.
Re: (Score:2)
My point was that it should NEVER be possible for ANYONE to determine how an individual voted. I don't care if you promise to encrypt it. That information shouldn't be stored anywhere, in any form, encrypted or otherwise.
So if THAT'S their reason for encrypting it, people need to take a step back and think about the reason.
Re:why are vote being ENCRYPTED ? (Score:4, Informative)
My point was that it should NEVER be possible for ANYONE to determine how an individual voted. I don't care if you promise to encrypt it. That information shouldn't be stored anywhere, in any form, encrypted or otherwise.
So if THAT'S their reason for encrypting it, people need to take a step back and think about the reason.
What is encrypted is the ballot, so e.g. "yes" or "no" if those are the available choices. The ballot does not contain any identifiable information.
By decrypting the ballot they would be able to know whether it contains "yes" or "no", but they would still be unable to know who cast that particular yes/no.
Re: (Score:2)
At a very low point of activity you can always determine it, though. If you can swap out USB keys before and after a single person votes, then the swapped key contains only one vote. When you decrypt it you'll know how that one person voted.
Re: (Score:3)
At a very low point of activity you can always determine it, though. If you can swap out USB keys before and after a single person votes, then the swapped key contains only one vote. When you decrypt it you'll know how that one person voted.
Sure, but technically you can do that with a physical box too... In e-voting they employ mechanisms to avoid that kind of tracking before tallying, e.g. mixnets. [swisspost-digital.ch]
The mix network is the basis for the complete verifiability of Swiss Post’s e-voting system. It consists of mixers that mix and re-encrypt the votes after the electronic ballot box has been closed on the Election/Voting Sunday. The mix network prevents the individual and the vote they have cast from being linked to each other and ensures that voting secrecy is protected. Additionally, the mix network provides evidence that no votes were changed, deleted or added. The algorithms used in the mix network are available in the published open-source library of cryptographic primitives. Swiss Post has completely rewritten these algorithms. Swiss Post’s e-voting system is based on the Bayer-Groth mix network.
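As an added example (not Swiss Post's code and not the canton's system), the following toy models the flow the last few replies describe: the ballot holds only yes/no, it is encrypted on the voter's device under the tallying authority's key, the collecting server checks eligibility but only ever holds ciphertexts, and after the box closes a mixer re-encrypts and shuffles before the authority decrypts. It goes a little beyond the quote by also showing the homomorphic addition of encrypted counts that a later reply mentions, so the authority opens only the sum. The group size, the `BallotBox` class and the voter ids are all constructed for the demo; nothing here is the real system's API.

```python
"""
Added example (not Swiss Post's or the canton's code): a toy of the flow the
replies above describe, using exponential ElGamal in a safe-prime group that is
generated here at demo size (96 bits, far smaller than any real deployment).
"""
import random
import secrets

def is_probable_prime(n, rounds=24):
    """Miller-Rabin primality test (probabilistic)."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def make_group(bits=96):
    """Safe prime p = 2q + 1 and a generator g of the order-q subgroup."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        p = 2 * q + 1
        if is_probable_prime(q) and is_probable_prime(p):
            break
    g = pow(secrets.randbelow(p - 3) + 2, 2, p)   # square of h in [2, p-2]: order q
    return p, q, g

def keygen(p, q, g):
    """Tallying authority's key pair; sk never reaches the collecting server."""
    x = secrets.randbelow(q - 1) + 1
    return x, pow(g, x, p)

def encrypt(pk, choice, p, q, g):
    """Voter's device: (g^r, g^choice * pk^r) for choice in {0, 1}."""
    r = secrets.randbelow(q - 1) + 1
    return pow(g, r, p), pow(g, choice, p) * pow(pk, r, p) % p

def rerandomize(pk, ct, p, q, g):
    """Mixer step: fresh randomness, same plaintext, unlinkable to the input."""
    c1, c2 = ct
    s = secrets.randbelow(q - 1) + 1
    return c1 * pow(g, s, p) % p, c2 * pow(pk, s, p) % p

def add_ciphertexts(cts, p):
    """Homomorphic tally: the product of ciphertexts encrypts the sum of choices."""
    a, b = 1, 1
    for c1, c2 in cts:
        a, b = a * c1 % p, b * c2 % p
    return a, b

def decrypt_sum(sk, ct, p, g, max_votes):
    """Authority recovers g^sum, then brute-forces the (small) yes count."""
    c1, c2 = ct
    gm = c2 * pow(c1, -sk, p) % p        # negative exponent = modular inverse (3.8+)
    for m in range(max_votes + 1):
        if pow(g, m, p) == gm:
            return m
    raise ValueError("no valid sum: corrupted box or wrong key")

class BallotBox:
    """Collecting server: knows who voted, never holds sk, never sees a choice."""
    def __init__(self, eligible, pk, group):
        self.eligible, self.pk, self.group = set(eligible), pk, group
        self.received, self.closed = {}, False     # voter_id -> ciphertext
    def submit(self, voter_id, ciphertext):
        if self.closed or voter_id not in self.eligible or voter_id in self.received:
            raise PermissionError("closed, not eligible, or already voted")
        self.received[voter_id] = ciphertext
    def close_and_mix(self):
        """Drop identities, re-encrypt, shuffle: the mixnet step after closing."""
        self.closed = True
        p, q, g = self.group
        mixed = [rerandomize(self.pk, ct, p, q, g) for ct in self.received.values()]
        random.SystemRandom().shuffle(mixed)
        return mixed

def run_election(votes, bits=96):
    """votes: voter_id -> 0/1 (constructed sample).  Returns (yes_count, ballots)."""
    p, q, g = make_group(bits)
    sk, pk = keygen(p, q, g)
    box = BallotBox(votes, pk, (p, q, g))
    for voter, choice in votes.items():
        box.submit(voter, encrypt(pk, choice, p, q, g))   # happens on the voter's device
    mixed = box.close_and_mix()
    return decrypt_sum(sk, add_ciphertexts(mixed, p), p, g, len(mixed)), len(mixed)

if __name__ == "__main__":
    sample = {f"voter{i}": 1 if i % 3 else 0 for i in range(12)}   # constructed: 8 yes, 4 no
    print(run_election(sample))
```

Two things the toy makes concrete. Re-randomization only hides which input ciphertext a mixed ciphertext came from within the batch; a box holding a single ballot, as the reply above points out, is linkable no matter how it is mixed, so the secrecy comes from batch size, not from the cipher. And the toy omits what the quote calls the evidence that no votes were changed, deleted or added: a real mixer has to prove its shuffle was honest, which this code does not do.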
Re: (Score:2)
And we can do that. The counts are encrypted using homomorphic encryption. You know, the thing Intel just announced they have acceleration for.
You know what we can do with it? We can have
Re: (Score:2)
Before that, local elections would often be held in the town s
How required is "in progress not known"? (Score:2)
Sure, I can see how for most typical voting (winner takes all, after picking 1 answer) people about to vote might adjust their vote based on current results. Let's ignore situations like the US where different states seem to announce their own results at different times (which already breaks this goal).
But ranked choice systems should negate any benefit of doing so, right? No need to manipulate the positions of entries hoping not to "waste" your vote. They keep removing the worst off candidate, and swap w
Re: (Score:2)
Sure, I can see how for most typical voting (winner takes all, after picking 1 answer) people about to vote might adjust their vote based on current results. Let's ignore situations like the US where different states seem to announce their own results at different times (which already breaks this goal).
But ranked choice systems should negate any benefit of doing so, right?
It would not negate e.g. the bandwagon effect [wikipedia.org].
The bandwagon effect can take place in voting: it occurs on an individual scale where a voter's opinion on vote preference can be altered due to the rising popularity of a candidate or a policy position. The aim for the change in preference is for the voter to end up picking the "winner's side" in the end. Voters are more so persuaded to do so in elections that are non-private or when the vote is highly publicised.
Re: why are vote being ENCRYPTED ? (Score:2)
It probably tries to mimic a real ballot where the votes are unknown until someone opens the ballot box and starts counting.
In reality, both encryption and signing should be used to achieve anonymity (until counting time) and integrity.
Re: (Score:2)
These are votes, not elections. They are on numerous issues. And why encrypted? Because the law requires it?
So no one tested it? (Score:2)
Er.. that's a very suspicious number (Score:3)
That exact number of failures is very suspicious and makes me wonder if something else is going on
Re: (Score:3)
2^11 is certainly a "convenient" number.
Makes me wonder if the voting sample was much larger, and some weird bug trashed the first 2^11 votes somehow. Maybe the first block of a file got corrupted or something like that?
Re: (Score:2)
Yep. Any IT guy worth his salt would spot that and conclude that the process failed long before it reached the USB.
I'm guessing the IT contractor is busy inventing a bullshit excuse. I don't know the specific excuse, but I guarantee it'll have one or more of these words: hackers or China or Russia or dark net.
Re: (Score:2)
Probably just some Swiss administrative incompetence at work. Yes, even the Swiss have incompetent people.
E-voting in Geneva (Score:5, Insightful)
The Canton of Geneva used to have e-voting for citizens abroad. I don't know how secure it was, but it was really convenient.
Voting is handled by the cantons, and I don't think all of the cantons offered electronic voting. This meant that citizens from Geneva who lived abroad could vote electronically but citizens of Ticino (for example) who lived abroad could not.
Geneva scrapped it a few years ago. I don't think anyone else has it anymore, outside of this pilot, but I could be wrong.
For those who don't know, Switzerland votes several times per year in nation-wide referendums, in addition to the normal elections for political offices. It's interesting to see the kinds of questions that are put to everyday citizens. The questions often come from everyday citizens and sometimes try to make radical changes to things.
The cantons send mail-in ballots to citizens abroad. Between the transit abroad and then back to Switzerland, I wonder how many overseas ballots actually make it back in time.
Re:E-voting in Geneva (Score:4, Informative)
Between the transit abroad and then back to Switzerland, I wonder how many overseas ballots actually make it back in time.
It's estimated that about 1/4 of the voters abroad have issues [swissinfo.ch]. It's one of the main reasons e-voting is being pushed.
USB failed, or decrypt failed? (Score:3)
The article doesn't make it clear if the drives containing the key failed (all of them), or if the decryption failed. Assuming the drives agree on the content of the encryption key, it sounds more likely that the *en*cryption key was incorrectly specified, or the vote data was corrupted such that it cannot be decrypted. Or perhaps someone swapped the data during transportation and this is a feature-not-bug.
Perhaps the encryption step itself failed. (Score:3)
Re: (Score:2)
Not at all. Very likely the data was simply organized into blocks of that size.
2048... interesting number in computing.. (Score:1)
2048... interesting number in computing.. 2k
Test first. Print out the key. (Score:3)
As QR code on paper. Twice.
Hope they learn their lesson.
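The post two above asks whether the sticks failed or the decryption failed, and this one says to test first. Both come down to whether a failure can be named rather than guessed. As an added example (not the canton's or any vendor's code), the following shows how key material on removable media and the ballot store can be made to fail diagnosably: the key carries its own fingerprint, which is also published before polling; a known-answer test (KAT) is stored next to it; and the ballot store is authenticated. The checks then separate "the stick returned damaged bytes" from "right stick, wrong key" from "key fine, ballots corrupted". It uses only the standard library, so the cipher is HMAC-SHA256 in counter mode standing in for a real AEAD; that construction, the key-file layout and the sample ballots are all constructed for the demo.

```python
"""
Added example (not the canton's or a vendor's code): diagnosable failure for a
key kept on removable media plus an authenticated ballot store.  Standard
library only; the counter-mode HMAC keystream is a stand-in for a real AEAD
(AES-GCM or ChaCha20-Poly1305 in production).
"""
import hashlib
import hmac
import secrets

KAT_PLAINTEXT = b"known-answer-test"      # constructed sentinel stored with the key

def subkey(master: bytes, label: bytes) -> bytes:
    """Derive independent encryption and MAC keys from the master key."""
    return hmac.new(master, label, hashlib.sha256).digest()

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Counter-mode keystream from HMAC-SHA256 (stand-in cipher, see header)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + (i // 32).to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def seal(master: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ct = keystream_xor(subkey(master, b"enc"), nonce, plaintext)
    tag = hmac.new(subkey(master, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(master: bytes, blob: bytes) -> bytes:
    """Verify the tag first; only an authenticated ciphertext is decrypted."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(subkey(master, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("tag mismatch")
    return keystream_xor(subkey(master, b"enc"), nonce, ct)

def fingerprint(master: bytes) -> str:
    """Public fingerprint of the key: safe to print, publish, or put on paper."""
    return hashlib.sha256(b"fp|" + master).hexdigest()

def make_key_stick(master: bytes) -> dict:
    """What each stick carries: the key, its fingerprint, and a KAT ciphertext."""
    return {"key": master, "fingerprint": fingerprint(master),
            "kat": seal(master, KAT_PLAINTEXT)}

def diagnose(stick: dict, published_fp: str, ballot_blob: bytes) -> str:
    """Ordered checks so the failing layer is named instead of guessed."""
    if fingerprint(stick["key"]) != stick["fingerprint"]:
        return "key bytes on medium are damaged"             # the stick itself failed
    if stick["fingerprint"] != published_fp:
        return "wrong key for this election"                  # intact stick, wrong key
    try:
        if unseal(stick["key"], stick["kat"]) != KAT_PLAINTEXT:
            raise ValueError
    except ValueError:
        return "KAT failed: stick metadata or decryption environment broken"
    try:
        unseal(stick["key"], ballot_blob)
    except ValueError:
        return "ballot store corrupted or encrypted under another key"
    return "ok"

if __name__ == "__main__":
    master = secrets.token_bytes(32)
    published = fingerprint(master)                 # published before polling opens
    sticks = [make_key_stick(master) for _ in range(3)]
    ballots = seal(master, b"yes\nno\nyes")          # constructed ballot store
    print([diagnose(s, published, ballots) for s in sticks])
    damaged = dict(sticks[0], key=bytes(32))        # simulate flash returning zeros
    print(diagnose(damaged, published, ballots))
```

The point of running `diagnose` against every stick before polling opens is the "test first" step: a stick whose KAT fails is found while there is still time to re-issue it, and on election night the same function says which of the three sticks, if any, is at fault and whether the problem is in the key or in the ballots.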
To Err is Human (Score:3)
To really foul things up requires a computer.
Paper ballots... #2 pencil... Humans counting. There, all fixed.
Re: (Score:2)
Watermarked serialized paper ballots, voter ID and same day voting
And use a black pen, not something erasable.
Re: (Score:2)
Paper ballots... #2 pencil... Humans counting. There, all fixed.
Yeah, because no election in history, with paper ballots counted by people, has ever gone wrong.
Re: (Score:1)
2048 sounds like a bug too (Score:2)
2048 votes collected sounds fishy too, 2K in binary. I wonder if more than 2048 votes were collected but a bug only accounted for 2K of them.
Re: (Score:2)
This is simply "2048 of the votes collected". Probably some "AI" translation missing important detail because the original text (but not its headline) is a bit ambiguous.
There's an easy fix here (Score:1)
Computer scientists confirm it: (Score:5, Insightful)
Paper and glass boxes are the best technology for voting. It's easy to spoof, but it's also easy to detect when someone is spoofing the result.
The most essential property of a voting process is that anyone can understand how it proceeds, and with digital voting you need to rely on techno priests reviewing that everything went as intended. That's not secure, no matter how complex a cryptographic algorithm you create to avoid tampering.
Re: (Score:2)
e-voting pilot, open to about 10,300 locals living abroad and 30 people with disabilities
You just missed the part that says e-voting is aimed at people who can't physically access the polling places.
USB keys are not the problem (Score:2)
2048 is suspicious (Score:1)
2048 is a suspicious number of votes not to be able to count...
I guess (Score:2)
Like many things, it needs to be formatted in FAT32 nor NTSC.