Skip to main content

Posts

Showing posts from May, 2022

Finding vulnerabilities in Swiss Post's future e-voting system - Part 2

Earlier this year I published the Part I of this series of blog posts on vulnerabilities in Swiss Post's future e-voting system. That publication comprehensively explains the context, methodology and attack surface for the Swiss Post e-voting system, so it is highly recommended to go through it before reading this post, if you're really interested in getting the whole picture. This second round of bugs (reported during December '21 and January '22 ) includes multiple cryptographic vulnerabilities and a deserialization issue.   For me, the most interesting issue is ' #YWH-PGM2323-65 ', not only because it would have prevented ballot boxes from being decrypted during the tally phase, but also due to the potential design weaknesses that I'm coming across as a result of its analysis.  Let's briefly discuss the reported issues before going into detail: ID Title Reward (€) Attack Surface Areas* CVSS #YWH-PGM2323-53 Multiple unchecked length values during Saf