In Switzerland, e-voting means voting online via the internet. The Confederation and the cantons have been conducting trials with e-voting for more than 15 years as part of the ‘Vote électronique’ project. A significant number of voters have been able to cast their ballots online in National Council elections and in popular votes on federal proposals. In over 300 trials to date, a total of 15 cantons have allowed certain groups of citizens to vote online. Up to two-thirds of voters in cantons where online voting is possible have chosen to make use of the e-voting option.
The Confederation and cantons have followed the principle of ‘security before speed’. In Switzerland, e-voting is only permitted if strict requirements under federal law are met. The key security element is verifiability. Currently, systems with individual verifiability are being used.
A completely verifiable system will be available starting from 2019.
Certification, the publication of the source code of the systems and the conduct of public intrusion tests are required before systems with complete verifiability can be used.
Under the following links, the federal legislation on electronic voting can be found. Further information is available on the German, French and Italian versions of this website.
Independent review Swiss Post system 2019
Following the publication of the source code in February 2019, researchers have uncovered significant security flaws in the new, fully verifiable, system provided by Swiss Post. One of the security issues relates to individual verifiability and thus to the system already used. As a result, the system was not available for the vote on 19 May 2019.
Subsequently, the Federal Chancellery has announced its intention to review the current situation, including an assessment of the certification and authorization procedures. It has also commissioned an independent review of Swiss Post’s individually verifiable system. Below are the three final reports of the external experts.
Members of the e-voting research group at the Bern University of Applied Sciences BFH (Philipp Locher, Rolf Haenni, Reto E. Koenig): analysis of the cryptographic implementation of the Swiss Post voting protocol
Vanessa Teague (The University of Melbourne, Parkville, Australia) and Olivier Pereira (Université catholique de Louvain, Belgium): analysis of the cryptographic protocol and its implementation according to the system specification
At its meeting on 26 June, the Federal Council decided to provisionally forgo introducing electronic voting into regular operation. In the consultation on the planned amendment to the Political Rights Act, the majority of respondents generally expressed support for e-voting, but considered its introduction into regular operation to be premature. In addition, the Federal Council commissioned the Federal Chancellery to amend the general conditions for future trials.
The e-voting system operated by Swiss Post will not be available for the vote on 19 May. Following the recent public intrusion test the Federal Chancellery will be reviewing the licensing and certification procedures for e-voting systems.
Researchers have uncovered a significant flaw in the new e-voting system of Swiss Post. The flaw concerns the system offering universal verifiability, which is currently undergoing a public intrusion test. It does not affect the system already being used in four cantons. The flaw does not allow the system to be intruded. The Federal Chancellery has urged Swiss Post to take appropriate measures to prevent such flaws.
Swiss Post is making its future e-voting system available for a public intrusion test from 25 February to 24 March. The e-voting system is the first Swiss system that can be fully verified. Interested hackers from all over the world are welcome to attack the system. In doing so, they will contribute to improving the system’s security.
