---
_id: '5621'
abstract:
- lang: eng
text: Remote voting through the Internet provides convenience and access to the
electorate. At the same time, the security concerns facing any distributed application
are magnified when the task is so crucial to democratic society. In addition,
some of the electoral process loses transparency when it is encapsulated in information
technology. In this paper, we examine the public record of three recent elections
that used Internet voting. Our specific goal is to identify any potential flaws
that security experts would recognize, but may have not been identified in the
rush to implement technology. To do this, we present a multiple exploratory case
study, looking at elections conducted between 2006 and 2007 in Estonia, Netherlands,
and Switzerland. These elections were selected as particularly interesting and
accessible, and each presents its own technical and security challenges. The electoral
environment, technical design and process for each election are described, including
reconstruction of details which are implied but not specified within the source
material. We found that all three elections warrant significant concern about
voter security, verifiability, and transparency. Usability, our fourth area of
focus, seems to have been well-addressed in these elections. While our analysis
is based on public documents and previously published reports, and therefore lacking
access to any confidential materials held by electoral officials, this comparative
analysis provides interesting insight and consistent questions across all these
cases. Effective review of Internet voting requires an aggressive stance towards
identifying potential security and operational flaws, and we encourage the use
of third party reviews with critical technology skills during design, programming,
and voting to reduce the changes of failure or fraud that would undermine public
confidence.
author:
- first_name: Guido
full_name: Schryen, Guido
id: '72850'
last_name: Schryen
- first_name: Eliot
full_name: Rich, Eliot
last_name: Rich
citation:
ama: 'Schryen G, Rich E. Security in Large-Scale Internet Elections: A Retrospective
Analysis of Elections in Estonia, The Netherlands, and Switzerland. IEEE Transactions
on Information Forensics \& Security. 2009;4(4 Part):729-744.'
apa: 'Schryen, G., & Rich, E. (2009). Security in Large-Scale Internet Elections:
A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland.
IEEE Transactions on Information Forensics \& Security, 4(4
Part), 729–744.'
bibtex: '@article{Schryen_Rich_2009, title={Security in Large-Scale Internet Elections:
A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland},
volume={4}, number={4 Part}, journal={IEEE Transactions on Information Forensics
\& Security}, publisher={IEEE}, author={Schryen, Guido and Rich, Eliot}, year={2009},
pages={729–744} }'
chicago: 'Schryen, Guido, and Eliot Rich. “Security in Large-Scale Internet Elections:
A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland.”
IEEE Transactions on Information Forensics \& Security 4, no. 4 Part
(2009): 729–44.'
ieee: 'G. Schryen and E. Rich, “Security in Large-Scale Internet Elections: A Retrospective
Analysis of Elections in Estonia, The Netherlands, and Switzerland,” IEEE Transactions
on Information Forensics \& Security, vol. 4, no. 4 Part, pp. 729–744,
2009.'
mla: 'Schryen, Guido, and Eliot Rich. “Security in Large-Scale Internet Elections:
A Retrospective Analysis of Elections in Estonia, The Netherlands, and Switzerland.”
IEEE Transactions on Information Forensics \& Security, vol. 4, no.
4 Part, IEEE, 2009, pp. 729–44.'
short: G. Schryen, E. Rich, IEEE Transactions on Information Forensics \& Security
4 (2009) 729–744.
date_created: 2018-11-14T14:06:44Z
date_updated: 2022-01-06T07:02:12Z
ddc:
- '000'
department:
- _id: '277'
extern: '1'
file:
- access_level: open_access
content_type: application/pdf
creator: hsiemes
date_created: 2018-12-18T13:16:07Z
date_updated: 2018-12-18T13:16:07Z
file_id: '6316'
file_name: JOURNAL VERSION.pdf
file_size: 1544790
relation: main_file
file_date_updated: 2018-12-18T13:16:07Z
has_accepted_license: '1'
intvolume: ' 4'
issue: 4 Part
keyword:
- e-voting
- Internet voting
- Internet election
- security
- verifiability
- RIES
- Estonia
- Neuch{\^a}tel
language:
- iso: eng
oa: '1'
page: 729-744
publication: IEEE Transactions on Information Forensics \& Security
publisher: IEEE
status: public
title: 'Security in Large-Scale Internet Elections: A Retrospective Analysis of Elections
in Estonia, The Netherlands, and Switzerland'
type: journal_article
user_id: '61579'
volume: 4
year: '2009'
...