Machine-Checked Proofs for Electronic Voting: Privacy and Verifiability for Belenios

Cortier, Véronique; Drăgan, Constantin Cătălin; Dupressoir, François; Warinschi, Bogdan

doi:10.1109/csf.2018.00029

Cited by 19 publications

(26 citation statements)

References 28 publications

(60 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Therefore, in the rest of this section, we will focus on the proof of both privacy and verifiability, conducted in a cryptographic model [16]. These proofs have been established with the aforementioned EasyCrypt tool.…”

Section: Security Proofsmentioning

confidence: 99%

Belenios: A Simple Private and Verifiable Electronic Voting System

Cortier

Gaudry

Glondu

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

We present the electronic voting protocol Belenios together with its associated voting platform. Belenios guarantees vote privacy and full verifiability, even against a compromised voting server. While the core of the voting protocol was already described and formally proved secure, we detail here the complete voting system from the setup to the tally and the recovery procedures. We comment on the use of Belenios in practice. In particular, we discuss the security choices made by election administrators w.r.t. the decryption key and the delegation of some setup tasks to the voting platform.

show abstract

Section: Security Proofsmentioning

confidence: 99%

Belenios: A Simple Private and Verifiable Electronic Voting System

Cortier

Gaudry

Glondu

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Ballots are signed and election authorities can verify on the bulletin board that all ballots have been cast by the expected legitimate party. A second advantage of Belenios is that it was proved to satisfy a formal notion of election verifiability, both in the symbolic model [15] (for a particular variant) and in the computational model [14]. This adds confidence that verifiability is satisfied by the protocol specification.…”

Section: Introductionmentioning

confidence: 99%

“…This adds confidence that verifiability is satisfied by the protocol specification. Nonetheless, several problems of Belenios and of verifiability definitions in [14,15] were shown in [9], leading to weaker guarantees than expected. In the typical scenario when revoting is allowed and voters can verify their ballots anytime, attacks on verifiability are still possible, most damaging in the case when the registrar is corrupted.…”

Section: Introductionmentioning

confidence: 99%

“…Even in the ideal case when both the server and the registrar are honest, ballot reordering attacks are possible, breaking individual verifiability. These attacks are outside the scope of proofs in [14,15], since they do not consider the typical scenario of revoting.…”

Section: Introductionmentioning

confidence: 99%

“…Our security proofs are in the symbolic model, automatically performed with the Tamarin prover [26], although we need to make some further abstractions, as explained below. We use the verifiability definition of [9], which is more general than [14,15], accounting for revoting and different corruption scenarios.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Provably Improving Election Verifiability in Belenios

Baloglu

Bursuc

Mauw

et al. 2021

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Belenios is an online voting system that provides a strong notion of election verifiability, where no single party has to be trusted, and security holds as soon as either the voting registrar or the voting server is honest. It was formally proved to be secure, making the assumption that no further ballots are cast on the bulletin board after voters verified their ballots. In practice, however, revoting is allowed and voters can verify their ballots anytime. This gap between formal proofs and use in practice leaves open space for attacks, as has been shown recently. In this paper we make two simple additions to Belenios and we formally prove that the new version satisfies the expected verifiability properties. Our proofs are automatically performed with the Tamarin prover, under the assumption that voters are allowed to vote at most four times.

show abstract

Coding

Pettiaux

2022

Digital Dictionary

View full text Add to dashboard Cite

Machine-Checked Proofs for Electronic Voting: Privacy and Verifiability for Belenios

Cited by 19 publications

References 28 publications

Belenios: A Simple Private and Verifiable Electronic Voting System

Belenios: A Simple Private and Verifiable Electronic Voting System

Provably Improving Election Verifiability in Belenios

Coding

Contact Info

Product

Resources

About