First disclosure made under the Scytl Online Voting Source Code Review Program, a program to allow source code reviewers to report findings associated with the iVote® source code used in New South Wales.
Scytl thanks reviewers for their interest in reviewing Scytl source code, used by the NSW Electoral Commission in the 2019 election as part of the iVote®
Scytl published key components of the iVote voting system source code on the 30th of July to allow independent researchers to review it and to improve it by finding and communicating any vulnerabilities or other weaknesses that may be found. To date over 60 people have chosen to participate in the program.
Scytl thanks Vanessa Teague, Associate Professor at the University of Melbourne’s School of Computing and Information Systems, for participating in the Scytl Online Voting Source Code Review Program and for reporting her finding to Scytl via the responsible disclosure reporting procedure.
Her report, entitled “Faking an iVote decryption proof” has resulted in an update of the documentation related to the iVote system.
“The publication of the source code is part of Scytl’s commitment towards transparency and continuous improvement. I’m pleased that Associate Professor Teague has chosen to participate in the program supplying a paper to Scytl and the New South Wales Electoral Commission explaining in detail her finding.” said Sam Campbell, Scytl General Manager for Asia-Pacific.
The Scytl Online Voting Source Code Review Program is available to those who register in accordance with the terms and conditions at https://www.scytl.com/en/AccessiVote2019.
For further information contact:
John McClymont, Daylight Agency
T: 0432 327 257
iVote® is a registered trademark of NSWEC