Security Analysis of the Estonian Internet Voting System

  title={Security Analysis of the Estonian Internet Voting System},
  author={Drew Springall and Travis Finkenauer and Zakir Durumeric and Jason Kitcat and Harri Hursti and Margaret MacAlpine and J. Alex Halderman},
  journal={Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security},
Estonia was the first country in the world to use Internet voting nationally, and today more than 30% of its ballots are cast online. In this paper, we analyze the security of the Estonian I-voting system based on a combination of in-person election observation, code review, and adversarial testing. Adopting a threat model that considers the advanced threats faced by a national election system---including dishonest insiders and state-sponsored attacks---we find that the I-voting system has… 
Comparative Analysis of Electronic Voting and Internet Voting Framework
Analysis of Indian e-voting system and Estonian Internet voting system from polling security, confidentiality, verification, sincerity, and integrity and ballot secrecy finds that the design of the machines or systems have loopholes, limitations and procedures on the architecture that might endanger the integrity of the elections.
UC Modelling and Security Analysis of the Estonian IVXV Internet Voting System
This work provides a rigorous security modeling for the Estonian IVXV system as a ceremony, attempting to capture the effect of actual human behavior on election verifiability in the universal composability (UC) framework.
An Assessment of the Security and Transparency Procedural Components of the Estonian Internet Voting System
This paper examines the procedural components of the I-Voting system, with an emphasis on the controls related to procedural security mechanisms and on system-transparency measures, and conducts an initial investigation into the extent to which the present controls mitigate the real security risks faced by the system.
Individual Verifiability and Revoting in the Estonian Internet Voting System
It is shown that a compromised voter device can defeat the individual verifiability mechanism of the current Estonian voting system.
Estonian Internet Voting with Anonymous Credentials
This study proposes an e-voting scheme EIV-AC that integrates the EIV scheme with anonymous credentials based on self sovereign identity and further supports participation privacy, i.e. whether or not an eligible voter has participated in an election is kept hidden – also from the election authorities.
Estonian Voting Verification Mechanism Revisited
This work investigates this verification phase in detail and points out that leaking the voter's choice to the verification application may harm the voter privacy and proposes an alternative verification mechanism for the Estonian i-voting system to overcome this vulnerability.
Security Analysis of the Democracy Live Online Voting System
It is concluded that using OmniBallot for electronic ballot return represents a severe risk to election security and could allow attackers to alter election results without detection.
On the Necessity of Auditing for Election Privacy in e-Voting Systems
This work investigates election privacy issues that appear in the state-of-the-art implementations of e-voting systems that apply threshold public key encryption (TPKE) in the client like Helios and use a bulletin board (BB) and proposes a list of guidelines to avoid some common, subtle, yet important problems.
The New South Wales iVote System: Security Failures and Verification Flaws in a Live Online Election
An independent security analysis of parts of the live iVote system and uncovered severe vulnerabilities that could be leveraged to manipulate votes, violate ballot privacy, and subvert the verification mechanism, including vote verification that was itself susceptible to manipulation.
A Trustworthy Electronic Voting System for Australian Federal Elections
An analysis of the iVote electronic voting system used for the 2017 Western Australian State Election is presented, outlining a number of security risks introduced by the use of cloud-based distributed denial of service mitigation.


Attacking the Washington, D.C. Internet Voting System
This case study is the first (to the authors' knowledge) to analyze the security of a government Internet voting system from the perspective of an attacker in a realistic pre-election deployment and attempts to illuminate the practical challenges of securing online voting as practiced today by a growing number of jurisdictions.
Helios: Web-based Open-Audit Voting
  • B. Adida
  • Computer Science
    USENIX Security Symposium
  • 2008
Helios is the first web-based, open-audit voting system, publicly accessible today: anyone can create and run an election, and any willing observer can audit the entire process.
Security analysis of India's electronic voting machines
It is concluded that in spite of the EVM machines' simplicity and minimal software trusted computing base, they are vulnerable to serious attacks that can alter election results and violate the secrecy of the ballot.
STAR-Vote: A Secure, Transparent, Auditable, and Reliable Voting System
This paper describes the current design of STAR-Vote, a collaboration between a number of academics and the Travis County (Austin), Texas elections office, which currently uses a DRE voting system and previously used an optical scan voting system.
The Application of I-Voting for Estonian Parliamentary Elections of 2011
An overview of the Estonian Internet Voting System is given and events that occurred during the Riigikogu Elections of 2011 are analyzed.
Security Seals on Voting Machines: A Case Study
New Jersey’s protocols for the use of tamper-evident seals have been not at all effective, and the more general problem of seals in democratic elections is discussed.
PrÊt À Voter: a Voter-Verifiable Voting System
The key elements of the approach are presented and the evolution of the design and their suitability in various contexts are described and the voter experience, and the security properties that the schemes provide are described.
Broken Ballots: Will Your Vote Count?
For many of us, the presidential election of 2000 was a wake-up call. The controversy following the vote count led to demands for election reform. But the new voting systems that were subsequently
Ethical Issues in E-Voting Security Analysis
This paper makes an early effort to address questions that flow from the unique and important role voting plays in modern democratic societies with reference to experience from previous e-voting security reviews, and hopes it will help practicing researchers anticipate and address ethical issues in future studies.
A Simple Cast-as-Intended E-Voting Protocol by Using Secure Smart Cards
  • H. Lipmaa
  • Computer Science, Mathematics
    IACR Cryptol. ePrint Arch.
  • 2014
We propose a simple cast-as-intended remote e-voting protocol where the security is based on the use of secure (and trusted) smart cards that incorporate incard numeric keyboards and LCD displays,