43 comments

[ 2.6 ms ] story [ 106 ms ] thread
This provides some more information [0].

Not only did Gemalto fail to notify Estonia in good time about the ROCA flaw (the discoverers of which noticed that Estonia were still issuing vulnerable cards, so notified them themselves), some cards had their private keys generated outside of the card and then inserted, rather than on-card generation. I think Estonia is to be applaued here for handling all this in a sane manner.

[0] https://dan.enigmabridge.com/estonia-hits-gemalto-again-inse...

I suppose the Estonians are partially at fault for trusting Gemalto with anything, post Snowden.
The article stipulates that the contract dates back until 2002, about 11 years before the Snowden allegations came to light. So while they could have switched afterwards, the contract may have had a longer contract period, locking them in for a while. You also can’t just switch the identity provider for your national ID system, such a move would need at least some lead time.
Nothing to do with Snowden revelations, but with RSA prime number generation. Because of a bug on the chip, primes were generated starting from numbers divisble by ten, which are way rarer than those divisble by two (pardon the extreme simplification.)

That's a hardware design error. The claim is that Gemalto failed to fullfil the contractual clauses about quickly informing the customer (the Estonian state) of the security breach, not the existance of the security breach itself.

I believe it is not a design error. It rahter sounds like an incorrectly implemented manufacturing optimisation. And in that sense close to the Volkswagen diesel-test optimisation -- compromising the reason for the RNG/exhaust test in the first place.
Seems related if they trusted an untrustworthy company to inform them.
Gemalto issues all of Sweden's forms of state ID right now, the NSA must be laughing.
The problem is mandatory blind trust in single entity, be it Gemalto or Oberthur or NSA^H^HIST. Same issue with CA-s.
Exactly, this crazy to think you can keep you sovereignty while giving to a foreign (French), NSA/CIA infiltrated (In-Q-Tel/Snowden) company the keys to all your citizens ID, moreover with internet voting. While ahead of its time, maximum caution must be taken, and the balance must be made between convenience and independence.
In fact the root cause of the flaw is in the attempt to make the keys inaccessible to any single entity by generating them on the card. This needs the card to have circuitry and software to generate RSA primes and some reliable source of entropy, both of which are somewhat non-trivial problems (as in easy to subtly screw up) in the smartcard environment.
Everyone told them you can't have secure electronic voting.
And yet, they do have it ;)
Not according to experts in electronic voting system security.
Could you provide sources for your claims?
source please. So far I've only seen "experts" hack some old 20 US voting stations that are a joke in comparison.
Independent Report on E-voting in Estonia https://estoniaevoting.org/press-release/ This is from 2014.
There are too many concepts covered by the term e-voting.

I'm sure the OP wasn't claiming the concept discussed in your link is a universally accepted as secure. That's because someone who thinks any voting method that allows a votes to be bought and sold is of course in a state of sin. Internet voting is one of those methods.

Who knows, the OP may have also not been claiming purely electronic voting is a solved problem. Opinions may vary on that one, depending on how secure you think end-to-end audited voting is in practice. If all voters took the time to do the 60 second audit procedure it would of course be perfectly secure, but that's an unrealistic assumption.

Which leaves a hybrid system - were the voting is done electronically using an end-to-end auditable system and the initial count is done electronically, but each vote is also printed and manually placed in the ballot box by the voter in the normal manner so if something goes wrong they can be manually re-counted.

If that is what the OP is talking about then they are right - such a system is faster to use, gets the counting done near instantaneously, easier to use (particularly for voters with disabilities), is more accurate (because it can point out mistakes in the vote), is less wasteful (because how to vote cards and information on candidates can be presented electronically) and of course is more secure than the existing manual system. And yes, on that the experts agree pretty much universally.

The sad thing is I only know of one electronic voting system that did it that way, and it was only a trial. All other deployed e-voting systems I've seen were mostly windows desktop's enclosed in an impressive looking box.

Some things in this world are very hard to explain.

That's a statement that applies to everything, including classic paper voting. It's never a question of whether there's absolute security, because nothing has it. It's about comparing the security and other benefits of different systems.
Not quite.

The Australian Ballot works pretty good. Private voting, public counting.

https://en.wikipedia.org/wiki/Secret_ballot

Like all systems, requires funding and attention, of course.

Comparatively...

There is no electronically mediated equivalent of the one-way hash of dropping your ballot into the box suitable for elections in the USA.

Because our ballots are complicated and our units of administration (precincts) are small. Meaning any end-to-end auditable system for hashing ballots won't generate the necessary hash collisions to hide one's ballot within the herd of ballots.

It's really hard to fake paper voting IMO.

I'm a Greek citizen. At the voting place of the city where I was born and am registered since, there are many rooms. Depending on the initial letters of your last name, you have to go and vote in a specific one. Each room has at least two randomly conscripted citizens, responsible to strike out your name from the list they have, once you drop your single vote envelope. Reminds me of the jury duty of USA citizens. Every few rooms have police officers (very possibly also randomly chosen) inspecting and protecting the procedure.

My father worked few times in voting stations in Belarus in the beginning of nineties. He was amazed how easy it would be to subvert the voting results. His observation was that especially late into counting everybody was tired and focused on the counts to the point that a person can walk to the table, grab some ballot papers and put some fake ones. I guess nowadays with video recording etc. it will be harder, but still.

What really makes the paper ballots secure is that counting fraud does not scale. It is impossible to do it on substantial number of voting stations with nobody noticing even in semifunctional democracy. With electronic voting scaling an exploit to all voting machines is straightforward.

The main problem with electronic voting is that you can't understand what the machine is doing. Source code won't help, because you don't know what is running on the machine. Source code won't help because you don't know what the compiler will do (maybe insert some extra stuff?).

Paper voting is comprehensible by everyone.

That's an illusion. People can comprehend paper voting on a source code level, in that they know what should happen in theory. No single person can even fully observe a single counting station, much less a whole election. You still end up having to trust the system.
It's not. People can comprehend paper voting on "source code level" aswell as the "compiled" version.

>No single person can even fully observe a single counting station, much less a whole election.

First is possible (just observe the person whos counting), second not, for obvious reasons that you can't be at two places at once.

> just observe the person whos counting

.. and trust the votes to all be real?

A person voting could put two votes instead of one. (It can still look like one, using the same method that's used for card tricks.) Even if you introduce extra steps, like every paper needing a stamp or something, you're still going to need to trust this stamper person. They could be in on it, and either stamp multiple or leak the stamp design.

The staff could be inserting fake votes into the ballot box before it gets counted, even without actual voters.

The counters could add votes from their sleeves, again classic card trick mechanics.

The counters can remove votes from the pile by stacking two or just sliding one off the table while also performing a distraction. Once again, classic magic trick mechanics that are used for vanishing jewelry etc.

Basically my point is that if the counting station is being staffed by magicians from Vegas, they can produce any result they want without an average person that's observing understanding anything.

Besides, at the end of the day it doesn't even matter, because one counting station is within the margin of error for the whole election.

The article doesn't mention voting. Not sure why it's relevant to Estonia's ID cards.
This is surprising. Estonia was oft quoted example of digital governance. Any ideas on how this will effect their blockchain projects?
How is this surprising? Or did you just want to mention cryptocurrencies?
Estonia had excellent digital governance before the blockchain fad so they'll handle it pretty much just fine.
They made everyone regenerate their private keys on the card recently during a short window, and those who missed it (like me) ended up with a fancy piece of paper with their name on it. Oh joy.

Just when I'd decided to use my e-Residency for something, it becomes worthless.

They're asking me to reapply for a new ID document and pay the fee all over again. I'd honestly do it, but then they can't hand it over to me in Pakistan and I'm not flying out of the country just to grab an e-Residency card when my previous one hasn't even expired yet.

I guess I'm still a bit sour over this.

I agree that they should reimburse because the flaw was not caused by you, but how did you manage to miss the massive publicity and uproar and not update your card?
I was working 60 hours a week at the time. It had come up on my radar but there wasn't enough time in my day or mental energy left at the end of it to look into it in much detail — I just thought it, like everything else in my life at the time, could wait a few more months.

By the time I looked into it, I was a month or two late.

lol if you're letting yourself so overwhelmed by work probably you'd take a second look at your work-life balance, especially if you're working in Europe, unless you're the founder/executive or something.
That was then, I'm doing much better now, though. Thank you for your concern :)
That 'short window' was some period of months, I thought. It's not cool the problem happened but sounds like you didn't consider it high enough priority to get onto it.
Yeah, unfortunately, short is relative. As I mentioned elsewhere, I was under intense work pressure at the time and everything else in life seemed far lower a priority in comparison.
Problem was not security flaw.

Problem was that Gemalto did not tell Estonia that there is security flaw.

That led to rush security fix which could have been worked on for months before not do it in weeks.