π π β 8530092
β· I.e. 0b100000100010100010101100: for all primes π β€ 23,
TestBit(π π, π) = true
if π β€ 23 then
β· Quick check for small values, simpler and faster
than testing equality on each option
return TestBit(π π, π)
end if
if Β¬TestBit(π, 0) then return β₯
β· I.e. π is even and, as per line 2, π > 2 thus composite
end if
And it indeed is a bug. The function guarantees to return false βif the number can be determined to be compositeβ and true for all primes, so it should err in only one way.
I would further improve the code by having it shortcut for all primes smaller than 31 (adding 29 and 31) or 63.
For context: Switzerland doesn't have evoting. This is just some big company trying to re-sell a evoting system to the government. It has been in the news a few times, due to software and cryptographic quality issues.
I would be very weary of changing such constants as this
19 should have been tested by a lookup table, there's no need to apply such heavy test to it
However, by changing that constant (if not properly verified) I'd worry it might change the primality test for some classes of numbers. Where this might be later manipulated to produce a weak key
I think you're misunderstanding the constant: it is only used for small numbers (β€ 23), which are tested with a lookup table, and the constant is itself that lookup table. The test for small numbers is literally just checking a bit, so is not heavy at all.
They intended to do 2^2+2^3+2^5+2^7+2^11+2^13+2^17+2^19+2^23 = 9054380, but they accidentally left out 2^19, and got 2^2+2^3+2^5+2^7+2^11+2^13+2^17+2^23 = 8530092.
Could someone explain why they've used a constant sp instead of hardcoding the primes? How was it created, did someone manually hardcoded the bits then converted into a number?
It is brain dead but this is old code from what I recall. We do not have e-voting at this time although the Post which outsourced this first nightmare of a version is still trying to push for it.
I highly doubt we will see e-voting here until there is a verifiable proof that it is verifiable. There was a lot of bad press about this and people don't trust this crap.
They tried a similar thing for E-ID which was supposed to be built by some private cooperation and run on some centralized servers. The people voted against it and now the government has done the right thing and is building an E-ID system that is decentralized and government run. It still has some quirks but it's going in the right direction.
The sad thing is for the governments first version (outsource to private industry) their claim at the poles was that it would take many years for an E-ID if we don't do it this way. Now only 1 year later we have a very good proposal. There is too much corporate interest pushing around pawns in Government at this time even in a direct democracy like Switzerland.
Someone|3 years ago
I would further improve the code by having it shortcut for all primes smaller than 31 (adding 29 and 31) or 63.
mkl|3 years ago
This is step 1 of the algorithm they're using: https://en.wikipedia.org/wiki/Baillie%E2%80%93PSW_primality_...
threatripper|3 years ago
* The function will return True for all primes.
* The function will return False if the number is detected as a composite by some tests.
* The function can return True or False for all other numbers.
* For numbers<=23 they implemented a shortcut using a lookup table which is implemented as bits in a number.
* The bit for number 19 is wrong. It returns false for a prime number which violates "return True for all prime numbers".
This is indeed quite shoddy programming for such an essential and easily testable piece of software.
nairboon|3 years ago
mthld|3 years ago
popcalc|3 years ago
Do the bare minimum research before posting please.
sampo|3 years ago
Looks like they had it in varying number of areas from 2003 to 2019. Then all systems were withdrawn due to security concerns.
https://en.wikipedia.org/wiki/Electronic_voting_in_Switzerla...
https://www.ch.ch/en/votes-and-elections/e-voting/#revision-...
greyw|3 years ago
crisbal_|3 years ago
Isn't it the Swiss post?
benevol|3 years ago
And given what they show off, they should abstain from it for the next 1000 years.
tromp|3 years ago
That is one modest reviewer!
OJFord|3 years ago
raverbashing|3 years ago
19 should have been tested by a lookup table, there's no need to apply such heavy test to it
However, by changing that constant (if not properly verified) I'd worry it might change the primality test for some classes of numbers. Where this might be later manipulated to produce a weak key
mkl|3 years ago
They intended to do 2^2+2^3+2^5+2^7+2^11+2^13+2^17+2^19+2^23 = 9054380, but they accidentally left out 2^19, and got 2^2+2^3+2^5+2^7+2^11+2^13+2^17+2^23 = 8530092.
You can see the problematic Algorithm 4.16 on p31 here: https://gitlab.com/swisspost-evoting/crypto-primitives/crypt...
omega3|3 years ago
gsk22|3 years ago
I don't know much about Swiss e-voting, but seems even the most brain-dead unit test of the IsProbablePrime function should have caught this.
sschueller|3 years ago
I highly doubt we will see e-voting here until there is a verifiable proof that it is verifiable. There was a lot of bad press about this and people don't trust this crap.
They tried a similar thing for E-ID which was supposed to be built by some private cooperation and run on some centralized servers. The people voted against it and now the government has done the right thing and is building an E-ID system that is decentralized and government run. It still has some quirks but it's going in the right direction.
The sad thing is for the governments first version (outsource to private industry) their claim at the poles was that it would take many years for an E-ID if we don't do it this way. Now only 1 year later we have a very good proposal. There is too much corporate interest pushing around pawns in Government at this time even in a direct democracy like Switzerland.
herr_gurke|3 years ago
There is also a question of impact - i think that 19 does not really cause any harm there.
mkl|3 years ago
simonmales|3 years ago
amelius|3 years ago