On September 5, 2017, the Estonian Information Systems Authority – Riigi Infosüsteemi Ametit (RIA) – reported that researchers had found a vulnerability in the Estonian digital ID card:
Possible Security Vulnerability Detected in the Estonian ID-card Chip
This is a serious issue in general, as the card is at the heart of citizens' digital interactions with the government. It has particular implications for Internet voting, as the ID card is key to the functioning of the voting system: among other features, it enables the unique Estonian ability to vote multiple times with only the last vote counting (including choosing to vote in person on election day, cancelling all previous Internet votes).
There are local government council elections coming up soon, with online voting starting in a month, running from 5 October 2017 to 11 October 2017 (online voting is only available for advance polls, not on election day).
Source for the above: Municipal council election 2017
According to the Is the ID-card safe? FAQ, the National Electoral Committee (Vabariigi Valimiskomisjon) will decide whether to proceed with online voting.
UPDATE 2017-09-06: In its September 6, 2017 meeting, the National Electoral Committee decided to proceed with online voting in the October elections. Reported by err.ee – Electoral committee: Online voting in October elections still on / Valimiskomisjon: e-hääletamine toimub. ENDUPDATE
The analysis of the ID-card vulnerability, by “[a]n international group of cryptography scientists from recognized universities”, will be “published in the coming autumn at an international scientific conference”, according to the ID-card safety FAQ.
UPDATE 2017-09-06: There’s more detail about the specific vulnerability, which appears to be a computationally intensive, technically challenging way to determine the private key from the security chip, in the Postimees article Hackers could have made digital clones / Häkkerid võinuks luua eestlastest digikloonid. ENDUPDATE
Links in English
- Estonian Information Systems Authority
- Estonian Information Systems Authority – Possible Security Vulnerability Detected in the Estonian ID-card Chip
- Is the ID-card safe? (FAQ)
- Estonian Elections (new website) / National Electoral Committee
- Estonian Elections (new website) – Municipal council election 2017
- Estonian Elections (old website) – Statistics about Internet Voting in Estonia
Links in Estonian
- Riigi Infosüsteemi Ametit (RIA)
- Riigi Infosüsteemi Ametit (RIA) – ID-kaardi kiibis avastati turvarisk
- Twitter – Riigi Infosüsteemi Ametit @e_riik
- Kas ID-kaardi kasutamine on turvaline?
- Valimised
- Valimised – Kohaliku omavalitsuse volikogu valimised 2017
- Twitter – Riigi valimisteenistus ja Vabariigi Valimiskomisjon @valimiskomisjon
Additional Context
Original story via Bruce Schneier – Security Flaw in Estonian National ID Card
As Estonia is the only country in the world with national Internet voting, I have written about it many times:
June 16, 2017 evaluation of Predicting the Future – online voting – Estonia
July 8, 2016 Estonian Internet voting and turnout myths
March 8, 2011 Estonian vote-counting system fails
November 11, 2004 e-voting in Estonia
For a perspective on security concerns with the Estonian system that predate the ID card issue, it is also important to read the materials on the website Independent Report on E-voting in Estonia, as well as:
- video – Security Analysis of Estonia’s Internet Voting System (media.ccc.de) – also on YouTube
- book chapter section – Practical Attacks on Real-world E-voting (section 7.3.2 Estonia’s Internet Voting System), to appear in Feng Hao and Peter Y. A. Ryan (Eds.), Real-World Electronic Voting: Design, Analysis and Deployment, pages 145–171, CRC Press, 2016
- scientific paper – Security Analysis of the Estonian Internet Voting System, CCS ’14 Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Pages 703-715, ISBN: 978-1-4503-2957-6, doi:10.1145/2660267.2660315 (landing page) – also available from jhalderm.com website