31C3 talk: Security Analysis of Estonia’s Internet Voting System


Estonia is the only country in the world that relies on Internet voting in a significant way for legally-binding national elections — up to 30% of all voters cast their ballots online. This makes the security of Estonia’s Internet voting system of interest to technologists and citizens the world over. Over the past year, I helped lead the first rigorous, independent security evaluation of the system, based on election observation, code review, and laboratory testing. The findings are alarming: there are staggering gaps in Estonia’s procedural and operational security, and the architecture of the system leaves it open to cyberattacks from foreign powers. Our investigation confirmed the viability of these attacks in the lab, but the Estonian government has chosen to downplay them. We urgently recommend that Estonia discontinue use of the system before the country suffers a major attack.

The presentation contains good technical overview of Estonian i-voting. The presenter argues that Estonian i-voting has weak operational security. Some of the arguments used by the presenter are quite questionable:

Harri Hursti, one member of our team who is a very large Finnish man and known as a prodigious drinker, went out for serious drinking with this very nice Russian fellow, who is the head of security for the election operations team. During this dinner, I am told, each man consumed two bottles of Vodka, after witch nothing can be hidden from the truth. So, Hursti reports that by the end of this evening he had dranked that root password out of the head of security.


One thought on “31C3 talk: Security Analysis of Estonia’s Internet Voting System

Leave a Reply

Your email address will not be published. Required fields are marked *