Moscow, the capital of Russia, has created a blockchain-based voting system back in 2017. Initially, the system was used in order to vote on several topics that affected the city administration. Now, however, the residents will be able to vote on municipal elections using it. Great, right? Well, not so much when you consider the opinion of Pierrick Gaudry.
Gaudry is a French cryptography expert who worked for governmental institutions. He recently looked at the system, which is based on Ethereum (ETH) and has concluded that the code is
“completely insecure”.
According to him, someone with the necessary logic could crack the defenses of the program in 20 minutes using a normal computer. The issue, he affirmed, was not with Ethereum, which is far from easy to hack, but with the encryption system used by the creators of the program.
Gaudry’s main problem with the choice is that the encryption is way too short and flawed. The system, which is based on a program called ElGamal, is less 256 bits long, which is generally considered the ideal.
The city affirms that the system will be used in the upcoming local elections and that the voters will have their identities and details preserved. Gaudry disagrees. He said that a potential hack could expose people and anyone could see in who they voted, as well as their personal details.
Fortunately, the team posted the code on Github exactly to make sure that, if someone could crack it, they would before the elections. Gaudry has already contacted the team, which is aware of the issues. They promised to upgrade the cryptographic system to at least 1,024 bits soon as a response to the criticism.
