Moscow used the blockchain to vote for the election, was cracked in 20 minutes and won $15,000 in prize money.

A French security researcher has found a serious loophole in the blockchain-based voting system, and Russian officials plan to use the system in the 2019 Moscow Duma elections in September 2019.

Pierrick Gaudry, a scholar at Lorraine University and a researcher at INRIA (French Institute for Digital Science), found that he could calculate the private key of the system based on the public key of the voting system. These private keys are used together with the public key to encrypt the user votes in this election.

It takes only 20 minutes to crack the Moscow blockchain voting system.


Gaudry blamed this problem on a variant of the official EIGalal encryption scheme used in Russia, which uses an encryption key that is too small to be secure. This means that modern computers can crack the encryption scheme in a matter of minutes.

Gaudry mentioned in a report released earlier this month: "With a standard personal computer, and using only publicly available free software, you can crack the system in 20 minutes."

He added: "If these (private keys) are known, any encrypted data can be decrypted as quickly as they are created."

As for what an attacker can do with these encryption keys, it is not known that due to the fact that the voting system has no English version, Gaudry is unable to conduct further investigation.

The French researcher said: "Before you have read the agreement, it is difficult to accurately say the consequences, because although we believe that it is still unclear, this method for encrypting voters weak encryption. For the attacker, how easy it is to get the corresponding relationship between the vote and the voter."

“In the worst case, anyone who uses the system can know the vote when they complete the vote.”

The first such system


The blockchain voting system in Moscow is the first such system. It was developed in-house by the Moscow Information Technology Department and operates on the Ethereum blockchain platform in the form of a “smart contract”.

The voting system is scheduled to go live on September 8 and will run for 12 hours, in sync with the official voting time.

Once deployed on election day (September 8th), residents of Moscow can vote through the Internet, mobile phones or home computers and encrypt their votes on the public Ethereum blockchain.

This Internet-based and blockchain-based voting system is not limited to people traveling abroad and having limited mobility. The system is available to everyone who pre-registers, which means that the system has the potential to attract people who don't usually vote.

When the system was deployed in September 2019, Moscow's Internet voting system would be the first block-based, legally binding system, not just for limited testing.

Moscow official commitment to solve this problem


Since the Moscow official published its source code on GitHub in July and asked security researchers to test it, the French scholar was able to test the upcoming blockchain-based voting system in Moscow.

After Gaudry's discovery was announced, Moscow's information technology department promised to fix the problem in the report, namely the use of weak private keys.

The spokesperson said in an online response: "We absolutely agree that the private key length of 256×3 is not secure enough. This implementation is only used during the trial period. After a few days, the length of the private key will be changed to 1024."

Gaudry found that Moscow officially modified the EIGamal encryption method to use three weaker keys instead of one, and could not explain why the information department chose this approach.

The French researcher believes: "This is a mystery. The only possible explanation we can think of is that the designer thinks this can make up for the key size that is too small for the prime number involved. But three prime numbers with a length of 256 bits and one The prime number of 768 bits is really different."

However, according to Gaudry, a 1024-bit key may not be enough. He believes that the official should use at least one of the 2048-bit keys.

This design decision also confuses Chris Roberts, chief security strategy officer at Attivo Networks.

Roberts said: "What is the reason for the developers of the platform to choose a weak-length key first is obviously a problem. Is it lack of knowledge and understanding? Or just to get the fastest speed and efficiency or something else?"

"The American system can learn a lot from Russia."

He added: "There is a good aspect for this. Moscow allows others to view, research the code and then help them improve their security."

In addition, the Moscow official has also approved a monetary reward for Gaudry, according to the Russian news site Meduza, Gaudry will receive 1 million rubles, about 15,000 US dollars.

According to a report released in July, Gaudry received a reward close to the Moscow government's highest award for the hole hunter, but when the code was placed on GitHub, the promised reward was 1.5 million rubles ($22,500).

Roberts said: "The US system can learn a lot from this system in Russia." He refers to the excessive and growing pain that the United States has recently experienced in trying to protect the security of its electronic voting machines.

These growing pains are mainly from voting machine suppliers who refuse to engage with the cybersecurity community, and the Moscow government has no problems in this regard.

This closure of the electronic voting machine and election system used in the United States is precisely why Microsoft recently announced the opening of a new technology on GitHub to protect the security of electronic voting machines.

Author | Catalin Cimpanu
Translation | Yao Jialing

Source: blockchain outpost