Category Archives: Research Articles

Estonian Voting Verification Mechanism Revisited (Again)


Two papers on the topic. The first:

Abstract: After the Estonian Parliamentary Elections held in 2011, an additional verification mechanism was integrated into the i-voting system in order to resist corrupted voting devices [..] However, the verification phase ends by displaying the cast vote in plain form on the verification device. [..] In this respect, we propose an alternative verification mechanism for the Estonian i-voting system to overcome this vulnerability.

The second:

Abstract: Recently, Muş, Kiraz, Cenk and Sertkaya proposed an improvement over the present Estonian Internet voting vote verification scheme. This paper points to the weaknesses and questionable design choices of the new scheme. We show that the scheme does not fix the vote privacy issue it claims to. It also introduces a way for a malicious voting application to manipulate the vote without being detected by the verification mechanism, hence breaking the cast-as-intended property. In addition, the proposal would seriously harm usability of the Estonian vote verification scheme.

TL;DR: Turkish researchers see a privacy risk in the verification process which lets voter’s mobile device to learn for whom the vote was given. Estonian researchers in the counter paper argue why the proposed improvements do not solve the issue, instead decreasing the security of the scheme.

Links:
https://eprint.iacr.org/2016/1125
https://eprint.iacr.org/2017/081

E-Vote-ID 2016: Family Voting Patterns in E-vote Log Data: Estonian Electronic Elections 2013-2015

This paper user evidence from anonymized system log data on all Estonian e-votes from 2013-2015 to examine for patterns and combinations indicative of family voting.
[..]
Using logs we identify unique e-voting sessions coming from the same IP address and computer with the same operating system that happen in close proximity to each other, specifically with not more than 10 minutes between the end of one and the beginning of another unique voting act.
[..]
The results show that 7-8% of e-votes are cast in such pairs. The age and gender structure of these evoters also shows a set of distinct combinations. The age differences in these pairs are either very small or large. The largest group is formed by same aged pairs of opposite sexes, indicating same aged partners e-voting together. Another prominent pattern are pairs with large age differences of same or opposite sexes, indicating a parent voting together with a voting aged youth.

The new minister of Ministry of Economic Affairs and Communications (MKM) Kadri Simson sees this as a concern for i-voting:

“The Estonian Constitution says that the Election must be general and uniform. When the old man votes in the polling division, it is not allowed that his young cousin comes with him to polling booth and helps him to vote. However, in the Internet voting it is quite possible, since there is no control over who is assisting in the use of ID card.” said Kadri Simson, the chairman of the Center Party fraction in parliament.

Links:
https://digi.lib.ttu.ee/i/?6967
http://www.pealinn.ee/koik-uudised/kadri-simson-eestis-pole-antud-voimalust-e-valimiste-turvasusteemi-n174077
http://journals.plos.org/plosone/article?id=10.1371/journal.pone.0177864

Yearbook of Estonian courts 2015

estonian_courts_yearbook_2015
The focus of this Yearbook is on criminal procedure with special emphasis on surveillance operations. There are three articles that are of our interest.

“Supervision over surveillance”,  Uno Lõhmus, Visiting Professor at the University of Tartu:

In conclusion
First, full judicial pre-approval of surveillance operations, judicial supervision of the operations at the time of conduct thereof, and effective review of the operations after their completion are not ensured. Second, the rules on surveillance are laconic, incomplete and ambiguous, and the case law has not been able to improve this situation. In other words, legal clarity of the law is not ensured. This adds to the complexity of judges’ work and may also contribute to superficiality.

In addition, the case law does not clarify whether the installation of spyware in a computer system should be regarded as the installation of a technical means.

As of 1 January 2013, examination of traffic and location data in electronic communication is not considered to be a surveillance operation.

“Problems related to surveillance – the perspective of a defence counsel”, Küllike Namm, attorney-at-law:

In conclusion
This article focuses on the questions that have arisen in connection with surveillance operations and to which the current law does not provide answers. The discussion of these issues is intended to point out that the activities of public authorities in organising surveillance are inadequately regulated by the Code of Criminal Procedure. This creates a situation where the provisions on access to information on surveillance operations do not guarantee that a person subjected to surveillance can examine the data collected by surveillance operations and, where necessary, take possession of the data in a format that can be played back.

“Some problems encountered in computer system searches”, Eneli Laurits, Adviser to the Penal Law and Procedure Division of the Ministry of Justice:

Summary
The Code of Criminal Procedure of Estonia does not regulate computer system searches. It is relatively difficult to apply the existing rules to the collection of evidence in the manner described in this article, but it is still possible.

When performing an inspection, the body conducting proceedings is not entirely free of jurisdiction-related issues: for example, if the object of inspection is the social media website of a victim or a suspect, then the inspection of the website is complicated in theory, but simple in practice – a mouse click is enough to display various data within the territory of Estonia. An inspection can be based on cooperation (the subject voluntarily provides the user IDs and passwords), but there is always the possibility that voluntary cooperation fails. An investigative body should be able to rely on a legal regime in such cases.

Links:
http://www.riigikohus.ee/vfs/2071/Riigikohtu_aastaraamat_eng_veebi.pdf

Criminal procedure and digital evidence in Estonia by Eneli Laurits

digital_evidence_and_electronic_signature_law_review

It has been decided in Estonia that by the year 2020, a criminal file may be digital. Following on from this decision, it is necessary to decide how to incorporate into the law a regulation concerning digital evidence with the aim of seizing as much as possible evidence in its initial digital form, and ensuring the evidence is seized in the place where it is physically located.

This article aims to sum up the most common activities within which digital evidence might be taken, highlighting the potential problems of interest to the legislature when elaborating specific regulations for digital evidence.

Quite disturbing revelation is that by the current law, the law enforcement agents, after court authorized inspection, seizure or remote take-over of the computer system, are allowed to access any other remote resources that the system has access to:

The Advisory Guidelines on IT-Evidence, prepared on 24.05.2016 by law enforcement agencies, claim that in case of public investigative measures (inspection, search) and covert surveillance, no request for legal assistance is needed for data stored in cloud on foreign states’ servers.

For example, upon apprehension, a suspect has a computer or a smartphone unprotected with a password, and it is possible to obtain and to look through the information about the data stored, for example, in the cloud or in an e-mail box (which are not on the Estonian servers). Even when prosecutors approach the court on their own initiative, and by pointing out an obvious similarity between the search of a computer system and the search of a physical space to obtain permission from the court, preliminary investigation judges have so far found that such permission is not needed.

The Supreme Court has found that a permission granted by a prosecutor, and not by a court, is enough to observe, copy data in the person’s e-mail box (including when an e-mail box is located on a foreign state’s server) and to covertly examine a part of the server where a particular e-mail box is located, because messages are then not being transmitted, but they have already reached a recipient.

Links:
http://journals.sas.ac.uk/deeslr/article/download/2301/2254

E-Vote-ID 2016: Improving the verifiability of the Estonian Internet Voting scheme

Estonian_internet_voting

Abstract. We describe an update of the Estonian Internet Voting scheme targeted towards adding verification capabilities to the central system. We propose measures to ensure the auditability of the correctness of vote decryption and i-ballot box integrity. The latter will be improved to a level where it would be possible to outsource the vote collection process to an untrusted party and later fully verify the correctness of its operations.

The short summary is that I-voting system used for local municipal elections in October 2017 will use ElGamal cryptosystem that can be plugged into mix-net. Currently it is not clear whether the general public will be allowed to verify mix-net inputs and outputs.

Links:
http://research.cyber.ee/~jan/publ/ivxv-evoteid.pdf

 

Homomorphic Tallying for the Estonian Internet Voting System

Estonian_internet_voting

Abstract. In this paper we study the feasibility of using homomorphic tallying in the Estonian Internet voting system. The paper analyzes the security benefits provided by homomorphic tallying, the costs introduced and the required changes to the voting system. We find that homomorphic tallying has several security benefits, such as improved ballot secrecy, public verifiability of the vote tallying server and the possibility for observers to recalculate the tally without compromising ballot secrecy. The use of modern elliptic curve cryptography allows homomorphic tallying to be implemented without a significant loss of performance.
[..]
The homomorphic tallying scheme described above is not new. The scheme was introduced in 1997 by Cramer et al. [6] and has been used in the Helios open-audit voting system [1] for years. The contribution of this paper is an analysis of the deployment of homomorphic tallying in the context of Estonian Internet voting, where the performance of the protocol is improved by the use of elliptic curve cryptography.

In the new tender specification published by National Electoral Committee (NEC) we can read that there is a plan to use some kind of mix-net-based technology to provide counted-as-cast verifiability for the local government elections in October 2017. While mix-nets cryptographically are more complicated than homomorphic tallying, the mix-nets are more universal and thus can be used also in elections abroad, where the ballot style is not as simple as in Estonia (e.g., elections where the voter can vote for more than one candidate).

Links:
http://eprint.iacr.org/2016/776.pdf

Log Analysis of Estonian Internet Voting 2013 – 2015

Log server

Conclusions
In this work we developed a systematic data analysis method that can be used to assess the state of an ongoing i-voting and to perform post-election analysis.
The log monitoring solution developed has been a useful tool for detecting software bugs and logging deficiencies, which might not have been otherwise detected.

Although the three elections analyzed in this study were different types of elections, we can see that most of the measured values are similar. Furthermore, taking into account all the observations, we can conclude that in KOV2013, EP2014 and RK2015, no large-scale attack against i-voters was carried out.

Links:
http://eprint.iacr.org/2015/1211.pdf
http://kodu.ut.ee/~arnis/slides_logmon.pdf

Secure multi-party computation considered for fighting VAT fraud in Estonia

mpc_tax

In 2013 parliament mandated an invoice data annex to the VAT return whereby all firms must report all transactions with other firms exceeding 1000 Euros, with a view to checking that the buying and selling companies were declaring the same amount. Following lobbying by businesses about the accounting overhead and business secrets, the president vetoed the bill.

Sander and colleagues approached the tax and customs board with a proposal to use secure multiparty computation, and built a research prototype using Sharemind. The idea is to break VAT declarations into three shares, on servers run by the tax board, the business association, and another party, and run distributed computations to get risk scores for companies. His tests show that it’s feasible; the Estonian economy’s monthly tax returns could be processed in ten days. The remaining problem is that the tax board currently keeps its algorithms proprietary, and would prefer not to reveal them in case they get gamed; at present we don’t know how to run obscure queries in practical amounts of time. Revised legislation has now been accepted and secure MPC is on the tax board’s roadmap for the next few years. In conclusion, MPC can solve some real problems, although business processes may have to be changed.

Links:
https://www.lightbluetouchpaper.org/2015/01/26/financial-cryptography-2015/
http://fc15.ifca.ai/preproceedings/paper_47.pdf

Summary of master’s theses: Attack-tree based risk analysis of Estonian i-voting

attack_tree_vote_publishing_attack

This report analyzes two independent works published in 2014 that model security threats of Estonian i-voting scheme using attack trees. The first one, the master’s thesis of Tanel Torn [11] constructs several realistic attack trees for various types of attacks on Estonian i-voting system and evaluates them using three different state-of-the-art methodologies proposed in attack-tree literature. The second work, the master’s thesis of Ruud Verbij [13], proposes a general framework to allow comparison of different internet voting schemes. Verbij evaluates the proposed framework by applying it on Estonian i-voting protocol.

Despite using different approaches, both Torn and Verbij agree on some of the results. First, they both consider attacks on the Central System to be much more expensive, involving more risk and thus less probable. Second, results of both authors’ analyzes show that revocation attacks are more profitable than vote modification attacks. This in mainly due to the fact that in the former case the attack does not have to go through undetected.

The report has been published for UT course “Research Seminar in Cryptography (MTAT.07.022)”.

Links
https://courses.cs.ut.ee/2014/cryptoseminar/fall/uploads/Main/riivo-report-f14.pdf

EVOTE2014: Verifiable Internet Voting in Estonia

estonian_internet_voting_protocol

Abstract
This paper introduces an extension to the Estonian Internet voting scheme allowing the voters to check the cast-as-intended and recorded-as-cast properties of their vote by using a mobile device. The scheme was used during the 2013 Estonian local municipal elections and the 2014 European Parliament elections. 3.43% and 4.04% of all Internet votes were verified, respectively. We will present the details of the protocol, discuss the security thereof and the results of implementation.

Links:
http://www.e-voting.cc/en/portfolio-item/proceedings-evote2014/