Flaw in NSW’s iVote platform confirmed by researcher
- 14 November, 2019 14:08
A security researcher has confirmed that the version of New South Wales’ online voting platform, iVote, employed during the 2019 election contained a vulnerability that potentially allowed the creation of false decryption proofs for ballots.
Vanessa Teague, an associate professor at the University of Melbourne, has released a paper outlining the iVote flaw, building on previous work of hers in collaboration with Sarah Jamie Lewis from the Open Privacy Research Society, and Olivier Pereira from Université catholique de Louvain.
One of those flaws would have allowed, in some circumstances, an attacker to create a false decryption proof that would pass the verification process despite being different from the original plaintext ballot cast by a voter.
“Based on its assessment of the information supplied by these academics, the NSW Electoral Commission is confident that the new issue they describe in the Swiss Post system is not relevant to the iVote system,” a statement issued by the NSW Electoral Commission at the time said.
However “that assessment was incorrect,” a new paper (PDF) issued by Teague states. “iVote’s decryption proof and verification specification are slightly different from those of the SwissPost system, but the same attack can still be performed after a slight modification.”
Teague said her analysis was based on the iVote protocol described by Scytl, and she is yet to inspect the code itself. Teague is a participant in the NSW Electoral Commission’s iVote source code scrutiny program. The researcher said she provided an earlier version of her report the commission and Scytl 45 days before she published, in line with the source code access agreement.
“Scytl thanks Vanessa Teague, Associate Professor at the University of Melbourne’s School of Computing and Information Systems, for participating in the Scytl Online Voting Source Code Review Program and for reporting her finding to Scytl via the responsible disclosure reporting procedure,” a statement from the software vendor said.
Teague’s report “has resulted in an update of the documentation related to the iVote system,” the statement said.
“The publication of the source code is part of Scytl’s commitment towards transparency and continuous improvement,” said Sam Campbell, Scytl general manager for Asia-Pacific.
“I’m pleased that Associate Professor Teague has chosen to participate in the program supplying a paper to Scytl and the New South Wales Electoral Commission explaining in detail her finding.”
The NSW Electoral Commission’s director of election innovation, Mark Radcliffe, said he welcomed Teague’s work. “There is no indication of any interference with the iVote system at the recent State election or at any other election where the iVote platform has been used,” Radcliffe said in a statement provided by the commission.
The NSW Electoral Commission is “implementing an improved version of the proof, as provided last month by Scytl, the code developer, which will address the issue raised in the report”.
“A number of other improvements to the iVote system are also being considered as part of our commitment to continually improve verifiability, security and useability,” Radcliffe said.