Category Archives: Internet Voting

Cyber Security Newsletter 2023-10-12 (i-voting / RK2023)

Other events (not related to RK2023):

Research articles:

  • [2023-08-23] A research article by Tobias Hilt, Kati Sein (Cybernetica), Tanel Mallo (Cybernetica), Melanie Volkamer and Jan Willemson (Cybernetica): “Voter Perception of Cast-as-Intended Verifiability in the Estonian i-vote protocol”. The researchers performed semi-structured interviews with 13 voters to investigate the perception of individual verifiability in online elections in the aftermath of the 2013 parliamentary election in Estonia. The study finds that the voters clearly lack comprehension of the real purpose of the verifiability step (i.e., to detect a malware attack).
    https://research.cyber.ee/~janwil/publ/voterperception.pdf
    https://twitter.com/EVoteID/status/1709556280216412465/photo/1
    https://twitter.com/trtram/status/1653773719960006657
  • [2023-09-22] A research article by Jan Willemson (Cybernetica) and Kristjan Krips (Cybernetica/UT): “Estimating carbon footprint of paper and Internet voting”. The paper compares the carbon footprint of paper voting in polling stations with the emissions of i-voting in KOV2023. The results show that paper voting has about a 180 times higher carbon footprint, owing largely to the need to transport the voters to the polling stations and back.
    https://research.cyber.ee/~janwil/publ/VotingCO2.pdf
    https://link.springer.com/chapter/10.1007/978-3-031-43756-4_9
  • [2022-10-01] A research article by Piret Ehin (UT), Mihkel Solvak (UT), Jan Willemson (Cybernetica) and Priit Vinkel (Cybernetica): “Internet voting in Estonia 2005–2019: Evidence from eleven elections”. The article examines Internet voting in Estonia over 15 years and 11 nation-wide elections.
    https://www.sciencedirect.com/science/article/pii/S0740624X2200051X
  • [2022-09-24] A research article by Cornelia Sindermann, Dmitri Rozgonjuk (UT), Mihkel Solvak (UT), Anu Realo (UT) and Kristjan Vassil (UT): “Internet voting: the role of personality traits and trust across three parliamentary elections in Estonia”. The researchers investigated what affects the decision to use or not use internet voting. The work indicates that, out of the Big Five personality traits, it is only Agreeableness that seems to be related to trust in internet voting and the use of internet voting.
    https://link.springer.com/article/10.1007/s12144-022-03644-4
  • [2022-07-19] A research article by Jan Willemson (Cybernetica): “Towards Identifying Social Factors behind (In)Efficiency of Voting Security Measures”. In this article, the author analyzes various social factors that could explain why different countries implement different security measures in their voting systems, for example, why coercion and vote buying are not part of the threat model in Switzerland, while voting systems in other countries try to implement measures against these attacks.
    https://www.jedem.org/index.php/jedem/article/view/673
  • [2022-06-08] Kristjan Krips (Cybernetica/UT) defended his PhD thesis “Privacy and coercion resistance in voting”. Among other things, the work contains a great amount of information about the Estonian i-voting system. The work indicates that the attack resistance of paper voting tends to be overestimated, while the Estonian internet voting system could also be improved.
    https://ut.ee/en/node/138599
    https://kuku.pleier.ee/podcast/kuue-samba-taga/132123
    https://novaator.err.ee/1608635968/doktoritoo-e-haaletamise-kontrollitavusele-seab-piirid-haalteostmise-risk
  • [2022-06-06] A research article by Maris Vutt (UT): “Electronic Voting in Adopting Resolutions of Limited Companies: The Example of Estonian Law”. The article provides an overview of how Estonian companies implement electronic voting in shareholders’ meetings. The author finds that although the law contains no precise requirements, it should be taken into account that the procedure laid down for electronic voting must ensure the identification of shareholders as well as the security and reliability of electronic voting.
    http://dx.doi.org/10.13165/j.icj.2022.06.007

Cyber Security Newsletter 2021-12-10 (i-voting / KOV2021)

Reproducing Android Vote Verification Application Builds for Estonian I-Voting System

The main objective of this work is to check whether the vote verification applications distributed in the app stores can be compiled from the source code that has been made publicly available by the Estonian National Electoral Committee. The experiments were performed using the Vote Verification application versions that were distributed in the I-voting period of the Estonian municipal council election held in October 2017.
The report will go through the different steps that were done during this experiment – monitoring the binaries, building the app from the source code, comparing the build result with the distributed version and trying to reproduce it based on the differences found.

This is the report for the UT course “Research Seminar in Cryptography (MTAT.07.022)”. The work deals with the reproducible build problem of the vote verification software used in the Estonian i-voting held in October 2017.

The TL;DR is that the source code available on GitHub is outdated and apparently was not the source code used to build the applications that were distributed to Android devices in the Google Play Store.
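The comparison step described above can be sketched as follows. This is an added example, not code from the report or from the i-voting project: it assumes APK v1 (JAR) signing, where the signature files under META-INF always differ between a store build and a local rebuild, and it runs on two small constructed archives rather than the real application.

```python
import hashlib
import io
import re
import zipfile

# Assumption: APK v1 (JAR) signing material lives in these META-INF entries.
# It is excluded because only the publisher's key can reproduce it.
SIGNING_ENTRY = re.compile(r"^META-INF/(MANIFEST\.MF|[^/]+\.(SF|RSA|DSA|EC))$")


def entry_digests(apk_bytes):
    """Map each non-signature entry to the SHA-256 of its uncompressed content."""
    digests = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for info in apk.infolist():
            if info.is_dir() or SIGNING_ENTRY.match(info.filename):
                continue
            digests[info.filename] = hashlib.sha256(apk.read(info)).hexdigest()
    return digests


def compare_apks(store_apk, rebuilt_apk):
    """Report entries that are missing on either side or differ in content."""
    store, rebuilt = entry_digests(store_apk), entry_digests(rebuilt_apk)
    shared = store.keys() & rebuilt.keys()
    return {
        "only_in_store": sorted(store.keys() - rebuilt.keys()),
        "only_in_rebuild": sorted(rebuilt.keys() - store.keys()),
        "content_differs": sorted(n for n in shared if store[n] != rebuilt[n]),
    }


def is_reproduced(report):
    return not any(report.values())


def make_archive(entries):
    """Build a constructed in-memory stand-in for an APK from {name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as archive:
        for name, data in entries.items():
            archive.writestr(name, data)
    return buf.getvalue()


# Constructed sample data, not taken from the real verification app.
STORE = make_archive({"classes.dex": b"dex-v2", "res/layout/main.xml": b"<l/>",
                      "assets/config.json": b"{}", "META-INF/CERT.RSA": b"store"})
REBUILT = make_archive({"classes.dex": b"dex-v1", "res/layout/main.xml": b"<l/>",
                        "META-INF/CERT.RSA": b"local-debug"})
```

A report with entries in `content_differs` or `only_in_store` is the starting point for the "reproduce it based on the differences found" step: each listed file points at a source or toolchain difference to investigate.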

Links:
https://courses.cs.ut.ee/MTAT.07.022/2017_fall/uploads/Main/annika-report-f17.pdf

Liisa Past, Kaur Virunurm: E-State and Proactive Risk Management

The presentation was given at the cybersecurity conference “Cyberchess 2017”, held on October 5, 2017 in Riga. The presentation touched upon recent events such as i-voting and the flaw found in the ID card chip.

The last question from the audience was worth a dime:

Is PPA considering any legal action against the vendor, because, as I understand, you have been informed by the researchers, but the vendor has not informed you.
And the second one: in the new procurement, what are the lessons learned? Are you planning to change or include some clauses on liability?

The question was not answered in full, but the answer would be interesting indeed.

Links:
https://www.youtube.com/watch?v=6N_ZeFDNzvg
https://cert.lv/uploads/pasakumi/liisapastkaurvirunurm.pdf

 

Workshop on source code of Estonian i-voting system in Tartu hackerspace

On Friday Sep 8th from 18:00 we will discuss next generation source code for Estonian e-voting software.

The code was published on GitHub Sep 5th, which leaves us exactly a month to check it out, test it and hack it. To give this new national sport of hacking e-voting a good kickoff we have a) invited coders behind the system to introduce the code to us and we will host b) a brainstorming session on what interesting hacks we can come up with. Let’s see where it goes!

Everybody is welcome; however, some technical knowledge about software and coding will help a lot to make the event meaningful for you.

Links:
https://hackest.org/syndmused:2017-09-08_i-voting

RIA is looking for Internet voting penetration testers

According to the terms and conditions of the contract, the subject of audit is: ballot counting software, software for voters, election web site and other technical infrastructure related to e-voting.

Through this, the RIA wants to make sure that there are no vulnerabilities in the system or applications which would make it possible to see or change the voting results or otherwise manipulate the system. The security examiner must draw up a report on security threats in which the potential hazard scenarios are highlighted and suggestions on how to correct the errors are provided.

The testing is organized by the RIA before all elections, using the expertise of various experts. “We can not talk about the results of the earlier security tests, because this information is confidential in terms of security. As far as I can say, the current testing period is around one month, and it also leaves enough time to ensure that if there are any bottlenecks or security problems we will have time to fix them,” said RIA spokeswoman Helen Uldrich.

Indeed, the results of the penetration tests are kept secret. The terms of the procurement stipulate that at the end of the test the reports must be submitted digitally signed and encrypted. Security tests are performed in a test environment and if necessary a secure channel for testers can be created. The i-voting environment is open only to computers with specific IP addresses that are notified to RIA.

Two companies have been chosen to do the pentest and two bugs have been found:

Penetration tests were carried out by Clarified Security from Estonia and the worldwide Finnish company Nixu, whose work resulted in detection of two errors in the new system. According to specialists, this is not something tragic, but part of the normal software development.

 

Links:
http://www.err.ee/610258/ria-otsib-e-valimiste-proovihakkijat
http://www.err.ee/634302/pealtnagija-e-valimistele-leidub-endiselt-kriitikuid

ETV “Suud Puhtaks” debate on internet voting security

Is cyber security in Estonia ensured? Why does the government want to change the i-voting period, and what signal do we send to the world with that? Talk show host Urmas Vaino helps to set things straight.

Debating:
Indrek Saar, Minister of Culture, Social Democratic Party
Jaanus Karilaid, Member of Parliament, Center Party
Priidu Pärna, Member of Tallinn City Council, Pro Patria and Res Publica Union
Anto Veldre, RIA analyst
Kristjan Vassil, UT senior researcher
Märt Põder, organizer of journalism hackathon
Arti Zirk, TUT IT faculty student
Tarvi Martens, Electoral Committee, Head of Internet Voting
Kristen Michal, Member of Parliament, Reform Party
Mihkel Solvak, UT senior researcher
Henrik Roonemaa, Geenius.ee editor
Erki Savisaar, Member of Parliament, Center Party
Andres Kutt, RIA, IT architect
Sven Heiberg, Cybernetica AS, Project Manager of Internet Voting System
Jaak Madison, Member of Parliament, Conservative People’s Party
Jaanus Ojangu, Chairman of Free Party
Agu Kivimägi, Stallion cyber security consultant
Jaan Priisalu, TUT researcher
Silver Meikar, Adviser to Minister of Culture
Kalev Pihl, SK ID Solutions, Board Member
Oskar Gross, Head of Cyber Crime Unit of Central Criminal Police
Klaid Mägi, RIA, Head of the department for handling incidents (CERT-EE)
Heiki Kübbar, Founder of ICEfire OÜ
Birgy Lorenz, Board Member of Network of Estonian Teachers of Informatics and Computer Science
Andres Kahar, KAPO Bureau Manager
Sven Sakkov, Director of NATO Cooperative Cyber Defence Centre
Heiki Pikker, TUT Cyber Security MSc student

Links:
http://www.err.ee/587007/suud-puhtaks-kui-turvalised-on-e-valimised
http://etv.err.ee/v/paevakajasaated/suud_puhtaks/saated/8d5babc5-cc33-4ed5-9bc0-927d4293ee21/suud-puhtaks
http://news.err.ee/310788/center-party-wants-to-shorten-e-voting-period

Estonian Voting Verification Mechanism Revisited (Again)


Two papers on the topic. The first:

Abstract: After the Estonian Parliamentary Elections held in 2011, an additional verification mechanism was integrated into the i-voting system in order to resist corrupted voting devices [..] However, the verification phase ends by displaying the cast vote in plain form on the verification device. [..] In this respect, we propose an alternative verification mechanism for the Estonian i-voting system to overcome this vulnerability.

The second:

Abstract: Recently, Muş, Kiraz, Cenk and Sertkaya proposed an improvement over the present Estonian Internet voting vote verification scheme. This paper points to the weaknesses and questionable design choices of the new scheme. We show that the scheme does not fix the vote privacy issue it claims to. It also introduces a way for a malicious voting application to manipulate the vote without being detected by the verification mechanism, hence breaking the cast-as-intended property. In addition, the proposal would seriously harm usability of the Estonian vote verification scheme.

TL;DR: Turkish researchers see a privacy risk in the verification process, which lets the voter’s mobile device learn for whom the vote was cast. In the counter paper, Estonian researchers argue that the proposed improvements do not solve the issue and instead decrease the security of the scheme.

Links:
https://eprint.iacr.org/2016/1125
https://eprint.iacr.org/2017/081

E-Vote-ID 2016: Family Voting Patterns in E-vote Log Data: Estonian Electronic Elections 2013-2015

This paper uses evidence from anonymized system log data on all Estonian e-votes from 2013-2015 to examine for patterns and combinations indicative of family voting.
[..]
Using logs we identify unique e-voting sessions coming from the same IP address and computer with the same operating system that happen in close proximity to each other, specifically with not more than 10 minutes between the end of one and the beginning of another unique voting act.
[..]
The results show that 7-8% of e-votes are cast in such pairs. The age and gender structure of these e-voters also shows a set of distinct combinations. The age differences in these pairs are either very small or large. The largest group is formed by same aged pairs of opposite sexes, indicating same aged partners e-voting together. Another prominent pattern are pairs with large age differences of same or opposite sexes, indicating a parent voting together with a voting aged youth.

The new Minister of Economic Affairs and Communications (MKM), Kadri Simson, sees this as a concern for i-voting:

“The Estonian Constitution says that the Election must be general and uniform. When the old man votes in the polling division, it is not allowed that his young cousin comes with him to polling booth and helps him to vote. However, in the Internet voting it is quite possible, since there is no control over who is assisting in the use of ID card,” said Kadri Simson, the chairman of the Center Party fraction in parliament.

Links:
https://digi.lib.ttu.ee/i/?6967
http://www.pealinn.ee/koik-uudised/kadri-simson-eestis-pole-antud-voimalust-e-valimiste-turvasusteemi-n174077
http://journals.plos.org/plosone/article?id=10.1371/journal.pone.0177864
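The pairing rule quoted in the abstract above (same IP address, same operating system, at most 10 minutes between the end of one voting act and the start of the next) can be expressed as a short log query. This is an added example, not the paper's own code: the CSV field layout, the voter pseudonyms and the sample rows are constructed, and `paired_share` is one assumed way to express the share of sessions that fall into a pair.

```python
from collections import defaultdict
from datetime import datetime, timedelta

MAX_GAP = timedelta(minutes=10)  # "not more than 10 minutes" in the abstract

# Constructed sample rows: voter pseudonym, IP, OS, session start, session end.
# This field layout is an assumption; the page does not show the real log format.
SAMPLE_LOG = """\
v01,192.0.2.10,Windows 7,2015-02-20T18:00:05,2015-02-20T18:03:40
v02,192.0.2.10,Windows 7,2015-02-20T18:09:10,2015-02-20T18:12:00
v03,192.0.2.10,OS X,2015-02-20T18:13:00,2015-02-20T18:15:00
v04,198.51.100.7,Windows 7,2015-02-21T09:00:00,2015-02-21T09:02:00
v05,198.51.100.7,Windows 7,2015-02-21T09:12:01,2015-02-21T09:14:00
v06,203.0.113.5,Ubuntu,2015-02-22T12:00:00,2015-02-22T12:04:00
v07,203.0.113.5,Ubuntu,2015-02-22T12:14:00,2015-02-22T12:16:00
"""


def parse_sessions(text):
    """Turn the CSV-like rows into (voter, ip, os, start, end) tuples."""
    sessions = []
    for line in text.splitlines():
        voter, ip, os_name, start, end = line.split(",")
        sessions.append((voter, ip, os_name,
                         datetime.fromisoformat(start), datetime.fromisoformat(end)))
    return sessions


def find_pairs(sessions, max_gap=MAX_GAP):
    """Pair consecutive sessions of different voters on the same IP and OS
    when the second starts no more than max_gap after the first ends."""
    by_device = defaultdict(list)
    for voter, ip, os_name, start, end in sessions:
        by_device[(ip, os_name)].append((start, end, voter))
    pairs = []
    for group in by_device.values():
        group.sort()
        for (_, prev_end, first), (next_start, _, second) in zip(group, group[1:]):
            gap = next_start - prev_end
            if first != second and timedelta(0) <= gap <= max_gap:
                pairs.append((first, second, gap))
    return pairs


def paired_share(sessions, pairs):
    """Fraction of sessions that belong to a detected pair."""
    paired = {voter for first, second, _ in pairs for voter in (first, second)}
    return sum(1 for s in sessions if s[0] in paired) / len(sessions)
```

In the sample, v03 shares an IP with v01 and v02 but reports a different operating system, and v05 starts one second past the threshold, so neither is paired; v06 and v07 sit exactly on the 10-minute boundary and are.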

Book Chapter: E-voting in Estonia by Dylan Clarke and Tarvi Martens


“Real-World Electronic Voting: Design, Analysis and Deployment” is a new book about to appear on secure electronic voting. One chapter describes the Internet voting used in Estonia.

In Chapter 6, Dylan Clarke, an ERC research fellow at Newcastle University, and Tarvi Martens, the chief architect of the Estonian remote Internet voting system, describe the Estonian Internet voting system. Since the first pilot in 2005, Internet voting has been used for the whole country in three sets of local elections, two European Parliament elections and three parliamentary elections.

The draft is available on arXiv.org.

Links:
https://www.crcpress.com/Real-World-Electronic-Voting-Design-Analysis-and-Deployment/Hao-Ryan/p/book/9781498714693
https://arxiv.org/pdf/1606.08654v1.pdf