Cloud infrastructure, biometric ID could be used by NSW’s iVote system

The New South Wales Electoral Commission (NSWEC) is eyeing potential changes to its iVote platform ahead of the NSW’s 2019 election.

iVote offers both browser-based Internet voting and telephone voting. It was used in the 2011 and 2015 NSW state elections, and as well as in the 2017 Western Australia election and a number of by-elections.

The NSW budget, handed down in June, included funding for improvements to iVote.

The state’s electoral commission has yet to release a request for proposals or sought formal tenders. However begun an industry engagement process seeking to understand “the current market in the field of electronic voting, focused on exploring existing solutions and understanding the possible improvements that could be brought to the iVote system for the 2019 NSW State General Election and future election needs”.

There have been two versions of iVote, with the second built by Scytl in partnership with the NSW EC for the 2015 NSW election.

The current system has three major parts: A registration and credential management system, both developed by the electoral commission; the core voting system purchased from Scytl; and a telephone system built by the NSWEC that allows the verification of votes.

The NSWEC says that the functionality of the components may change in the next version, but its current procurement strategy assumes that the three parts will be part of the final design of the next version of iVote. The commission says that where possible, its preference is the use of off-the-shelf software.

The electoral commission’s industry engagement document seeks information on a wide range of areas, with the NSWEC seemingly open to significant changes in the next version of its eVoting platform.

For example, it seeks information on the management and distribution of voter credentials, including the possible use of channels such as SMS messages, custom apps, WhatsApp and iMessage.

It is also interested in the authentication of votes using conventional methods “as well as possibility of using other means such as biometric”.

New hosting infrastructure will be required for the iVote system, the commission has revealed.

Currently the registration system is hosted in the NSW EC’s data centres, while the core voting system is delivered out of the state government’s GovDC data centres under a contract with Secure Logic, and the verification component is hosted by AC3 in its data centres.

Along with other agencies, the commission is migrating from its own data centres to the GovDC facilities.

In the future the registration system is likely to be delivered out of the GovDC data centres, but the core voting system will have to be hosted elsewhere to maintain separation of systems. Verification could also potentially be hosted outside of GovDC.

With regards to future hosting arrangements, the electoral commission says it is interested in industry views on “the use of cloud based infrastructure and dedicated infrastructure”.

The commission is hosting workshop sessions for potential suppliers this month.

The robustness, privacy and verification method of iVote have previously been challenged.

In 2015, cyber security researchers uncovered a vulnerability in iVote that could potentially be exploited to stage man-in-the-middle attacks to subvert votes.

“We found a serious security hole that exposed the browsing session both to an attack called the FREAK attack and another attack called the Logjam attack,” one of the researchers, Dr Vanessa Teague from the University of Melbourne, last year told the hearing of a NSW parliamentary inquiry.

Both attacks involved intercepting code on its way from a third party service into the voter’s browsing session and allowed an Internet-based man-in-the-middle attacker to subvert the voter session entirely, expose how the person intended to vote, and send in a different vote back to the electoral commission, the researcher said.

“None of this would have looked untoward at the electoral commission end – it would have looked exactly like a valid vote from an eligible voter,” she added.

“In fact, it would have been a valid vote from an eligible voter – it just wouldn’t have been that one that that voter intended to cast.”

Earlier this year a Victorian parliamentary inquiry backed the roll out of Internet-based voting for state elections, but only in limited circumstances.