"ABSTRACT
Estonia was the first country in the world to use Internet
voting nationally, and today more than 30% of its ballots
are cast online. In this paper, we analyze the security of
the Estonian I-voting system based on a combination of
in-person election observation, code review, and adversarial
testing. Adopting a threat model that considers the advanced
threats faced by a national election system—including dishonest insiders and state-sponsored attacks—we find that
the I-voting system has serious architectural limitations and
procedural gaps that potentially jeopardize the integrity of
elections. In experimental attacks on a reproduction of the
system, we demonstrate how such attackers could target
the election servers or voters’ clients to alter election results or undermine the legitimacy of the system. Our findings illustrate the practical obstacles to Internet voting in the modern world, and they carry lessons for Estonia, for other countries considering adopting such systems, and for the
security research community."
Cf. E-Voting Refuses to Die Even Though It's Neither Secure nor Secret: More than two dozen states offer some form of internet voting, but it often means waiving the right to a secret ballot https://www.scientificamerican.com/article/e-voting-refuses-...
1 comment
[ 3.1 ms ] story [ 12.5 ms ] threadCf. E-Voting Refuses to Die Even Though It's Neither Secure nor Secret: More than two dozen states offer some form of internet voting, but it often means waiving the right to a secret ballot https://www.scientificamerican.com/article/e-voting-refuses-...