Abstract. In this paper we study the feasibility of using homomorphic tallying in the Estonian Internet voting system. The paper analyzes the security benefits provided by homomorphic tallying, the costs introduced and the required changes to the voting system. We find that homomorphic tallying has several security benefits, such as improved ballot secrecy, public verifiability of the vote tallying server and the possibility for observers to recalculate the tally without compromising ballot secrecy. The use of modern elliptic curve cryptography allows homomorphic tallying to be implemented without a significant loss of performance.
The homomorphic tallying scheme described above is not new. The scheme was introduced in 1997 by Cramer et al.  and has been used in the Helios open-audit voting system  for years. The contribution of this paper is an analysis of the deployment of homomorphic tallying in the context of Estonian Internet voting, where the performance of the protocol is improved by the use of elliptic curve cryptography.
In the new tender specification published by National Electoral Committee (NEC) we can read that there is a plan to use some kind of mix-net-based technology to provide counted-as-cast verifiability for the local government elections in October 2017. While mix-nets cryptographically are more complicated than homomorphic tallying, the mix-nets are more universal and thus can be used also in elections abroad, where the ballot style is not as simple as in Estonia (e.g., elections where the voter can vote for more than one candidate).
This criticism by Virgo Kruve will longer have no basis: “Current laws do not provide for the possibility of recounting votes delivered electronically. Recounts, however, allow for mistakes made in the ascertaining of election results to be corrected. In Estonia, e-votes are never tallied after the first time.”