Following the recent publication of Swiss Post’s media release, part of its content appears to have been misinterpreted, resulting in third parties stating that the vulnerability identified by the group of researchers had already been acknowledged by Scytl in 2017 without being acted upon.
In 2017, Scytl’s team of researchers actually started implementing a verifiable random generator (FIPS 186 algorithms) to generate the commitment parameters of the Mixnet in a verifiable way, as required to achieve universal verifiability. This can be checked in the source code published by Swiss Post: “calculateGenerator_FIPS186_3_Verifiable” class located at cryptolib/cryptolib-elgamal/src/main/java/com/scytl/cryptolib/elgamal/encrytionparams/EncryptionParameterGenerator.java.
However, an undetected gap in the specifications resulted in the Mixnet being implemented to use a standard random generator instead of the FIPS 186 verifiable one. This is the gap identified by the researchers and, therefore, it is by no means a “naïve interpretation” of the cryptographic protocol. The Mixnet implementation has been updated and the modified source code will be applied with the next regular release.
As mentioned in Scytl’s previous statement, the objective of the source code access program is to identify any potential vulnerabilities in a transparent manner and, thanks to the support of experts and the research community, work hand in hand to enhance the security of our electoral system.
