Auditing the Swiss Post E-voting System: An Architectural Perspective
Bryan Ford
Swiss Federal Chancellery –
Independent examination of Swiss Post system 2021
Scopes 1, 2 and 3 Final Report –
April 4, 2022
Abstract:
Switzerland is one of the few countries globally that has a national program
for electronic voting (E-voting), which has been evolving in several stages for
well over a decade. For the past several years, the program’s most recent stage
has focused on introducing strong cryptographic verifiability into the system,
together with security features such as trust splitting and a software
implementation open to public inspection. Although multiple system providers
have participated in the E-voting program in the past, currently the only
active provider is the SwissPost.
This report represents the author’s analysis of the Swiss Post’s E-voting
system as part of an audit that commenced in 2021. This author’s primary role
in this audit was to examine the overall architecture of the system from a
high-level systems-security perspective, and to study how all the elements of
the system fit together to implement an “end-to-end” electronic voting process.
Audit report:
PDF