One of the world's leading security organizations has overturned the results of its annual leadership election after an official lost the encryption key needed to unlock the results stored in a verifiable and privacy-preserving voting system.
International Association for Cryptological Research (IACR) said on Friday that votes were cast and counted using HeliosAn open source voting system that uses trusted cryptography to count and tally votes in a verifiable, confidential, and privacy-preserving manner. Helios encrypts every vote in a way that ensures the secrecy of every vote. Another cryptography used by Helios allows each voter to confirm that their ballot was counted fairly.
“An honest but unfortunate human error”
According to the association's bylaws, the three members of the election commission act as independent trustees. To prevent the two of them from colluding to rig the results, each trustee keeps one third of the cryptographic key needed to decrypt the results.
“Unfortunately, one of the three trusted parties has irretrievably lost their private key, an honest but unfortunate human error, and is therefore unable to calculate their share of the decryption,” the IACR said. “As a result, Helios is unable to complete the decryption process and it is technically impossible for us to obtain or verify the final result of these elections.”
To prevent such an incident, IACR will adopt a new private key management mechanism. Instead of requiring all three pieces of private key material, elections will now only require two. Moti Jung, a trustee who was unable provide his third of key materials, resigned. He will be replaced by Michel Abdallah.
IACR is a non-profit scientific organization dedicated to research in cryptology and related fields. Cryptology is the science and practice of designing computing and communications systems that remain secure in the presence of adversaries. The partner is holding new elections, which began on Friday and will last until December 20.
