March 29, 2024

Vulnerability found in online constitutional voting system

The encryption scheme in the system made it possible to decrypt the votes of the voters before official counting.

INblockchain online voting systemamendments to the Constitution of the Russian Federation found vulnerability, writes Medusa. The encryption scheme in the system made it possible to decrypt the votes of the voters before official counting. She used identical ciphertexts with the same parameters: the sender and recipient generate a shared key, suitable for both encryption and decryption of the message.

For this, it was enough for the voter to saveprivate key generated in the browser on the e-newsletter page. In this case, says Meduza, it was possible to decrypt the voice before the official counting and publication of the private key of the election commission.

June 25th in the electronic surveillance systemvoting on amendments to the Constitution of the Russian Federation failed. Within 12 hours, new data did not appear in extracts from the blockchain system, although this should happen every half hour. Artem Kostyrko, head of the smart project management department of the Moscow Government, acknowledged the malfunction, but emphasized that it could not be called a serious malfunction.

</p></p>