Bug in Moscow’s Blockchain Polling System Can Reveal How Users Voted: Report
The vulnerability allowed users votes in the recent constitutional poll to be decrypted, Russian journalists found.
A vulnerability in a blockchain-based system used in Russia's recent poll meant users' votes could be decrypted, journalists found.
On Wednesday, the final day of a vote on constitutional amendments, Russian media outlet Meduza published research showing the keys for decrypting votes could be retrieved using the HTML code of the electronic ballot.
Over the past week, the country has voted to approve or reject changes to Russia’s constitution, the most striking of which eliminated the two-term restriction for presidents in office, effectively allowing Vladimir Putin to run for reelection until 2036.
In two parts of the country, Moscow and the region of Nizhny Novgorod, people had an option to vote electronically. Their votes were recorded on Exonum-based blockchain system created by Moscow’s Department of Information Technologies with the help of Kaspersky Lab.
According to Meduza's findings, votes had been encrypted using the TweetNaCl.js cryptographic library. This provides a deterministic algorithm, meaning that with similar input data, the system generates the same cryptographic key, which is used for both encoding and decoding the vote.
As such, Meduza said it was able to find the two keys that were universally used to encode the “yes” and “no” votes. This allowed its team to decode the voting data, which was being published in CSV files by the Department of Information Technologies as the voting proceeded.
Such transparency was intended to help independent observers to check the correctness of the vote count, but can also be used to check how particular people voted – bringing the threat that they may be pressured to vote a certain way in future polls, Meduza wrote.
The BBC has previously reported that city-owned companies in Moscow had been forcing their employees to register for electronic voting and even share credentials for their accounts with supervisors.
The Department of Information Technologies’ representative Artyom Kostyrko commented on Meduza’s report Wednesday, saying people can only decode their own votes on their own devices. That contradicted Meduza's report, which said it’s possible to decode any vote using the same cryptographic keys.
The department’s press office did not respond to CoinDesk’s request for comment by press time.
Kaspersky Lab’s press representative, Olga Bogolyubskay, told CoinDesk the company has nothing to add to the official comment by the department, but did say it has been providing “expert support to the Moscow Department of Information Technology,” along with other companies.
STORY CONTINUES BELOW
“We have expertise and significant experience in ensuring the security and transparency of mass online voting using blockchain technologies through our Polys platform,” Bogolyubskay added.
Meduza's report is just the latest security concern with the voting system. The Department of Information Technologies reported Friday an “observation node” had been attacked while the constitutional vote was underway. However, according to independent elections observers in Russia, there is no technical way to connect to the blockchain from the outside, as it ran entirely on the department’s servers.