Skip to main content

An Assessment of the Security and Transparency Procedural Components of the Estonian Internet Voting System

Jason R.C. Nurse; Ioannis Agrafiotis; Arnau Erola; Maria Bada; Taylor Roberts; Meredydd Williams; Michael Goldsmith; Sadie Creese


The I-Voting system designed and implemented in Estonia is one of the first nationwide Internet voting systems. Since its creation, it has been met with praise but also with close scrutiny. Concerns regarding security breaches have focused on in-person election observations, code reviews and adversarial testing on system components. These concerns have led many to conclude that there are various ways in which insider threats and sophisticated external attacks may compromise the integrity of the system and thus the voting process. In this paper, we examine the procedural components of the I-Voting system, with an emphasis on the controls related to procedural security mechanisms, and on system-transparency measures. Through an approach grounded in primary and secondary data sources, including interviews with key Estonian election personnel, we conduct an initial investigation into the extent to which the present controls mitigate the real security risks faced by the system. The experience and insight we present in this paper will be useful both in the context of the I-Voting system, and potentially more broadly in other voting systems.

Book Title
International Conference on Human Aspects of Information Security‚ Privacy and Trust at the 19th International Conference on Human−Computer Interaction (HCII)