The main objective of this work is to check whether the vote verification applications distributed in the app stores can be compiled from the source code that has been made publicly available by Estonian National Electoral Committee. The experiments were performed using the Vote Verification application versions that were distributed in the I-voting period of the Estonian municipal council election held in October 2017.
The report will go through the different steps that were done during this experiment – monitoring the binaries, building the app from the source code, comparing build result with the distributed version and trying to reproduce it based on the differences found.
This is the report for UT course “Research Seminar in Cryptography (MTAT.07.022)”. The work deals with reproducible build problem of vote verification software used in Estonian i-voting held in October 2017.
The TL;DR; is that the source code available in GitHub is outdated and apparently was not the source code which was used to build the applications that were distributed to Android devices in Google Play Store.