---
_id: '5621'
abstract:
- lang: eng
  text: Remote voting through the Internet provides convenience and access to the
    electorate. At the same time, the security concerns facing any distributed application
    are magnified when the task is so crucial to democratic society. In addition,
    some of the electoral process loses transparency when it is encapsulated in information
    technology. In this paper, we examine the public record of three recent elections
    that used Internet voting. Our specific goal is to identify any potential flaws
    that security experts would recognize, but may have not been identified in the
    rush to implement technology. To do this, we present a multiple exploratory case
    study, looking at elections conducted between 2006 and 2007 in Estonia, Netherlands,
    and Switzerland. These elections were selected as particularly interesting and
    accessible, and each presents its own technical and security challenges. The electoral
    environment, technical design and process for each election are described, including
    reconstruction of details which are implied but not specified within the source
    material. We found that all three elections warrant significant concern about
    voter security, verifiability, and transparency. Usability, our fourth area of
    focus, seems to have been well-addressed in these elections. While our analysis
    is based on public documents and previously published reports, and therefore lacking
    access to any confidential materials held by electoral officials, this comparative
    analysis provides interesting insight and consistent questions across all these
    cases. Effective review of Internet voting requires an aggressive stance towards
    identifying potential security and operational flaws, and we encourage the use
    of third party reviews with critical technology skills during design, programming,
    and voting to reduce the changes of failure or fraud that would undermine public
    confidence.
author:
- first_name: Guido
  full_name: Schryen, Guido
  id: '72850'
  last_name: Schryen
- first_name: Eliot
  full_name: Rich, Eliot
  last_name: Rich
citation:
  ama: 'Schryen G, Rich E. Security in Large-Scale Internet Elections: A Retrospective
    Analysis of Elections in Estonia, The Netherlands, and Switzerland. <i>IEEE Transactions
    on Information Forensics \&#38; Security</i>. 2009;4(4 Part):729-744.'
  apa: 'Schryen, G., &#38; Rich, E. (2009). Security in Large-Scale Internet Elections:
    A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland.
    <i>IEEE Transactions on Information Forensics \&#38; Security</i>, <i>4</i>(4
    Part), 729–744.'
  bibtex: '@article{Schryen_Rich_2009, title={Security in Large-Scale Internet Elections:
    A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland},
    volume={4}, number={4 Part}, journal={IEEE Transactions on Information Forensics
    \&#38; Security}, publisher={IEEE}, author={Schryen, Guido and Rich, Eliot}, year={2009},
    pages={729–744} }'
  chicago: 'Schryen, Guido, and Eliot Rich. “Security in Large-Scale Internet Elections:
    A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland.”
    <i>IEEE Transactions on Information Forensics \&#38; Security</i> 4, no. 4 Part
    (2009): 729–44.'
  ieee: 'G. Schryen and E. Rich, “Security in Large-Scale Internet Elections: A Retrospective
    Analysis of Elections in Estonia, The Netherlands, and Switzerland,” <i>IEEE Transactions
    on Information Forensics \&#38; Security</i>, vol. 4, no. 4 Part, pp. 729–744,
    2009.'
  mla: 'Schryen, Guido, and Eliot Rich. “Security in Large-Scale Internet Elections:
    A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland.”
    <i>IEEE Transactions on Information Forensics \&#38; Security</i>, vol. 4, no.
    4 Part, IEEE, 2009, pp. 729–44.'
  short: G. Schryen, E. Rich, IEEE Transactions on Information Forensics \&#38; Security
    4 (2009) 729–744.
date_created: 2018-11-14T14:06:44Z
date_updated: 2022-01-06T07:02:12Z
ddc:
- '000'
department:
- _id: '277'
extern: '1'
file:
- access_level: open_access
  content_type: application/pdf
  creator: hsiemes
  date_created: 2018-12-18T13:16:07Z
  date_updated: 2018-12-18T13:16:07Z
  file_id: '6316'
  file_name: JOURNAL VERSION.pdf
  file_size: 1544790
  relation: main_file
file_date_updated: 2018-12-18T13:16:07Z
has_accepted_license: '1'
intvolume: '         4'
issue: 4 Part
keyword:
- e-voting
- Internet voting
- Internet election
- security
- verifiability
- RIES
- Estonia
- Neuch{\^a}tel
language:
- iso: eng
oa: '1'
page: 729-744
publication: IEEE Transactions on Information Forensics \& Security
publisher: IEEE
status: public
title: 'Security in Large-Scale Internet Elections: A Retrospective Analysis of Elections
  in Estonia, The Netherlands, and Switzerland'
type: journal_article
user_id: '61579'
volume: 4
year: '2009'
...