Which encryption and signature methods are supported when sending voter credentials by e-mail?
If you have chosen to send voter credentials for the voting project via e-mail, eligible voters and nominators will receive a signed e-mail from the sender “POLYAS GmbH” or “voting.polyas.de”. This is based on the S/MIME standard and the signature method SHA256withRSA.
The transport route to the recipient’s mail server is encrypted via TLS-1.3 or TLS-1.2, if supported.
Also supported is the use of S/MIME for the individual end-to-end encryption of voter credentials. This requires the eligible voter to send a signed e-mail (S/MIME) to reply@polyas.com.
The encryption method used in this case is AES256_CBC.
The e-mails sent by POLYAS are not stored as cleartext. Even though the voter notification can be sent from the POLYAS Online Voting Manager to a different e-mail address than the original, the contents of the voter notification remain encrypted with the public key of the original recipient.