Tarvi martens eVoting Estonia
-
Upload
christian-wernberg-tougaard -
Category
Documents
-
view
348 -
download
0
description
Transcript of Tarvi martens eVoting Estonia
Internet Voting
in Estonia
Tarvi Martens
I-Voting Project Manager
National Electoral Committee
Internet Voting?
� In October 2005 Estonia had
first-ever
pan-national
Internet Voting
with binding results
� Ever since, i-voting has been used in four
elections in total
The spread of internet voting
47
62
44
61
9,317
30,275
58,669
104,413
0
10
20
30
40
50
60
70
2005 local 2007 national 2009 EP 2009 local
0
20000
40000
60000
80000
100000
120000
140000
Overall turnout Internet voters
E-stonia ?
� Population: 1.35M
� Everyday Internet usage: 63%
� Internet banking: 88%
� Mobile penetration: >100%
� 1000+ Free Internet Access points
� Member of EU and NATO since 2003
� Electronic identity delivered: >90% (age 15+)
ID-card Project
� Started in 1997
� First card issued: Jan 28, 2002
� October 2006: 1 000 000th ID-card was issued
� “rollout completed”
The Card
� “Compulsory”
for all residents
� Contains:
� Personal data file
� Certificate for authentication
(along with e-mail address
� Certificate for digital signature
Usage of the ID-card
� Major ID-document
� Replacement of
� (transportation) tickets
� library cards
� health insurance card
� driver documents
� etc...
� Authentication token for all major e-services
� Digital signature tool
Internet Voting ?
� Not a nuclear physics
� Just another application for ID-card
...with some special requirements & measures...
I-voting Main Principles
� All major principles of paper-voting are followed
� I-voting is allowed during 7-day (was: 3-day)period before Voting Day
� The user uses ID-card� System authenticates the user
� Voter confirms his choice with digital signature
� Repeated e-voting is allowed� Only last e-ballot is counted
� Manual re-voting is allowed� If vote is casted in paper during pre-voting days,
i-vote(s) will be revoked
Voter registration
� Missing
� All citizen (residents) should register their place
of living in central population register
� Only voters with registered addresses are eligible
� Population register is used
Encrypted
vote
Digital signature
I-voters
I-votes Results
Private keyPublic key
Envelope scheme
AuditKey Management
List of
Candidates
List of
Voters
Vote
Forwarding
Server
Vote
Storing
Server
Vote
Counting
Application
Voter
application
Audit
application
log
loglog
Central System
Architecture
To vote via Internet voter needs:an Estonian ID card with valid
certificates and PIN codes
Computer used for voting
must have:a smart card reader (6 EUR)
a driver for ID card (free to download)
I Website for voting
www.valimised.ee
www.valimised.ee
II Identification
� Put your card into card reader
� Insert PIN 1
****
III You are identified
IV Ballot completion� Choose a candidate
IV Confirmation� Confirm your choice with PIN2
V Vote recieved
Principle of Transparency
� All system components shall be transparent for
auditing purposes
� No “black boxes” are allowed
� No use of 3rd party-controlled authentication
mechanisms or services
� No components without source code
Technology Selection
� Keep it as simple as possible
� Build it on secure & stable platforms (Debian)
� No black boxes – everything must come with
source code
� Minimize on use of 3rd party components
Managing Procedures
� All fully documented
� Crash course for
observers-politicians & auditors
� All security-critical procedures:
� Logged
� Audited & observed
� Videotaped
Hosting and Monitoring
� Governmental security hosting
� Strict requirements for entering the server
premises
� Auditor(s), cam-man, operator, police officer
� Sealing of hardware
� Large number of network security specialists
involved in network-monitoring 24/7 for dDOS or
trojans in voluntary basis
2256
4661
0
500
1000
1500
2000
2500
1 8 15 22 29 36 43 50 57 64 71 78 85 92 99 106 113 120 127 134 141 148 155
0
100
200
300
400
500
Local elections 2009
Local elections 2005
Gendered internet voting?
Impact on turnout?
ID-card usage vs. I-voting
0
50000
100000
150000
200000
250000
300000
2005
VII
2005
X20
06 I
2006
IV20
06 V
II20
06 X
2007
I20
07 IV
2007
VII
2007
X20
08 I
2008
IV20
08 V
II20
08 X
2009
I20
09 IV
2009
VII
No of ID-card users
No of i-voters
What it takes ?
Procedures
Technology Voters
Politicians
& Laws
Token for
i-voters
Trust
Lessons learned
� I-voting is not a killer-application.
It is just another way for people to vote
� People’s attitude and behavior change in
decades and generations, not in seconds
� I-voting is as natural as Internet-banking but even
more secure
� Internet voting is here to stay