IACR Cancels Leadership Election Due to Lost Encryption Key

A firm considered one of the leading global voices in encryption has cancelled the announcement of its leadership election results after an official lost the encrypted key needed to unlock them. The International Association for Cryptologic Research (IACR) uses an electronic voting system which needs three members, each with part of an encrypted key, to access the results. In a statement, the scientific organisation said one of the trustees had lost their key in 'an honest but unfortunate human mistake', making it impossible for them to decrypt - and uncover - the final results.

The IACR said it would rerun the election, adding 'new safeguards' to stop similar mistakes happening again. The association is a global non-profit organisation founded in 1982 with the aim to 'further research' in cryptology, the science of secure communication.

It opened votes for three Director and four Officer positions on 17 October, and the voting process closed on 16 November. The Association used an open-source electronic voting system called Helios for the process.

'Irretrievably' Lost

The IACR stated that the lack of results was due to one of the trustees 'irretrievably' losing their private key, leaving it 'technically impossible' for the firm to know the final verdict, forcing them to cancel the election. The organisation expressed its deep regret for the mistake, which it takes 'very seriously'.

American cryptographer Bruce Schneier commented on the incident, stating that failures in cryptographic systems often stem from human errors, such as forgetting keys or improperly sharing them. Voting for the IACR positions has been renewed and will run until 20 December, with the organization implementing a '2-out-of-3' threshold mechanism for key management, along with clear procedures for trustees to follow.