If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!
Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.
The Norwegian e-vote project started in 2008, and was used for live election trials in 2011 and 2013. By using cutting-edge cryptography and committing to a high degree of openness in all parts of the execution, the project aimed to overcome public concerns about security risks and lack of verifiability.
To promote security, the entire voting system was implemented using a complex and verifiable cryptographic protocol, with no assumed trust between different system functions. To promote openness, the entire election system source code is publicly available, as well as most project documentation. The voting system would published the SHA-256 hashes of encrypted ballots on GitHub every hour, and detailed instructions were provided to voters on how to verify that their vote had been submitted.
In the run-up to the 2013 elections, the author audited the cryptographic Java implementation of the back-end election system, making a number of surprising findings. During the actual elections, a major encryption bug was discovered in the Javascript frontend code, potentially revealing the preferences of a large number of voters.
Most hackers and cryptographers are highly sceptical of Internet voting, due to legitimate security concerns. Even so, insufficient technical security, or even the perception of such, does not appear to be a main reason for why the project was discontinued.
The aim of this talk is twofold. First, we shall look at Norway's Internet voting project in its social and political context, highlighting the reasons why it came to be, and some of the key forces shaping the project throughout. Secondly, we discuss the findings, experiences and lessons learned from attempting to audit a large, public, complex and security-critical code base.