Paper 2021/1098

Individual Verifiability and Revoting in the Estonian Internet Voting System

Olivier Pereira


Individual verifiability remains one of the main practical challenges in e-voting systems and, despite the central importance of this property, countries that sought to implement it faced repeated security problems. In this note, we revisit this property in the context of the IVXV version of the Estonian voting system, which has been in used for the Estonian municipal elections of 2017 and for the Estonian and European parliamentary elections of 2019. We show that a compromised voter device can defeat the individual verifiability mechanism of the current Estonian voting system. Our attack takes advantage of the revoting option that is available in the Estonian voting system, and only requires compromise of the voting client application: it does not require compromising the mobile device verification app, or any server side component.

Available format(s)
Cryptographic protocols
Publication info
Preprint. MINOR revision.
election schemesverifiability
Contact author(s)
olivier pereira @ uclouvain be
2021-08-30: revised
2021-08-26: received
See all versions
Short URL
Creative Commons Attribution


      author = {Olivier Pereira},
      title = {Individual Verifiability and Revoting in the Estonian Internet Voting System},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1098},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.