Estonian Voting Verification Mechanism Revisited

After the Estonian Parliamentary Elections held in 2011, an additional verification mechanism was integrated into the i-voting system in order to resist corrupted voting devices, including the so called Student's Attack where a student practically showed that the voting system is indeed not verifiable by developing several versions of malware capable of blocking or even changing the vote. This mechanism gives voters the opportunity to verify whether the vote they cast is stored in the central system correctly. However, the verification phase ends by displaying the cast vote in plain form on the verification device. In other words, the device on which the verification is done learns the voter's choice. In this work, our aim is to investigate this verification phase in detail and to point out that leaking the voter's choice to the verification application may harm the voter privacy. Additionally, when applied in a wide range, this would even compromise the fairness and the overall secrecy of the elections. In this respect, we propose an alternative verification mechanism for the Estonian i-voting system to overcome this vulnerability. Not only is the proposed mechanism secure and resistant against corrupted verification devices, so does it successfully verify whether the vote is correctly stored in the system. We also highlight that our proposed mechanism brings only symmetric encryptions and hash functions on the verification device, thereby mitigating these weaknesses in an efficient way with a negligible cost. More concretely, it brings only $m$ additional symmetric key decryptions to the verification device, where $m$ denoting the number of candidates. Finally, we prove the security of the proposed verification mechanism and compare the cost complexity of the proposed method with that of the current mechanism.