A prominent international organisation in the field of encryption has been compelled to cancel the release of its leadership election results after a trustee misplaced a crucial encrypted key. The International Association for Cryptologic Research (IACR) relies on an electronic voting system that requires three separate members, each holding a portion of an encrypted key, to jointly unlock and access the final tally.
++ The peregrine falcon: nature’s fastest killer in the sky
In a statement, the association confirmed that one trustee had misplaced their key in what it described as “an honest but unfortunate human mistake”, leaving the results permanently inaccessible. As a consequence, the IACR will restart the election process and introduce “additional safeguards” to prevent similar failures in future.
Founded in 1982, the IACR is a global non-profit organisation dedicated to advancing research in cryptology, the study of secure communication. Voting for three Director roles and four Officer posts began on 17 October and closed on 16 November.
The Association used Helios, an open-source, browser-based voting platform that encrypts ballots to protect voter privacy. Three independent trustees were appointed to hold separate encrypted fragments which, when combined, would reveal the outcome. However, while two trustees uploaded their encrypted shares as required, the third did not. The association later confirmed that the missing private key had been “irretrievably lost”, making it “technically impossible” to decrypt the results.
The IACR apologised for the disruption, stating it regarded the incident with “deep seriousness”.
Speaking to the BBC, American cryptographer Bruce Schneier noted that cryptographic failures frequently stem from human error, explaining that systems “often fail for very human reasons”, such as forgotten or mishandled keys. A fresh vote is now under way and will remain open until 20 December. The trustee responsible for the misplaced data has been replaced, and the association has adopted a new “2-out-of-3” threshold for key management, supported by detailed written procedures.
++ Government moves to assure fuel security amid Lindsey refinery collapse
The organisation maintains that the revised process should ensure both integrity and resilience in future elections.
