README.md 3.21 KB
Newer Older
1
2
3
4
Belenios
========


5
6
Introduction
------------
7

8
Belenios is a verifiable voting system that partly implements the
Stephane Glondu's avatar
Stephane Glondu committed
9
10
Helios-C protocol described [here](http://eprint.iacr.org/2013/177),
which is itself derived from [Helios](http://vote.heliosvoting.org).
11

Stephane Glondu's avatar
Stephane Glondu committed
12
13
14
15
It consists of a command-line tool and a web server. Both use the same
backend and can be used to organize elections and perform
verifications. They employ messages formatted in a common format, a
specification of which is available in doc/specification.tex.
16

17
Compilation instructions are provided in INSTALL.md.
18

Stephane Glondu's avatar
Stephane Glondu committed
19

Stephane Glondu's avatar
Stephane Glondu committed
20
21
Election overview
-----------------
22

Stephane Glondu's avatar
Stephane Glondu committed
23
24
25
26
An election involves several roles: an administrator, a credential
authority, trustees and voters. For maximum security, each of these
roles must be performed by a different entity. An election can be
summarized as follows:
27

Stephane Glondu's avatar
Stephane Glondu committed
28
29
30
31
32
33
34
35
36
 1. The administrator initiates the process.
 2. The credential authority generates one credential per voter; he
    sends the private part to each voter and all public parts to
    the administrator.
 3. Each trustee generates a keypair and sends his/her public key to
    the administrator.
 4. The administrator collects all public credentials and trustees'
    public keys and sets up the election.
 5. The administrator opens the election.
Stephane Glondu's avatar
Stephane Glondu committed
37
 6. Each voter votes; the administrator collects, checks and publishes
Stephane Glondu's avatar
Stephane Glondu committed
38
39
40
41
    all the ballots.
 7. The administrator closes the election.
 8. Trustees collectively decrypt the result.
 9. The administrator announces the result of the election.
42

43

Stephane Glondu's avatar
Stephane Glondu committed
44
45
The command-line tool
---------------------
46

Stephane Glondu's avatar
Stephane Glondu committed
47
48
49
Each step can be performed with the help of the command-line tool. The
tool is also the most convenient way to exercise the verifiability
capabilities of the system.
50

Stephane Glondu's avatar
Stephane Glondu committed
51
More information in doc/tool.md.
52

53

Stephane Glondu's avatar
Stephane Glondu committed
54
55
The web server
--------------
56

Stephane Glondu's avatar
Stephane Glondu committed
57
58
59
60
61
62
63
64
65
66
The whole process can be executed using the web server. Each step can
be done with a browser. In this case, the formal "administrator" role
above is typically shared between the server and a human operator. The
server can also assume the roles of credential authority and
trustee. Therefore, in its simplest (and weakest) form, an election
involves only an operator henceforth called "election administrator"
(usually distinct from the person who sets up and administrates the
server itself) and voters. In its strongest form, an election involves
the election administrator, a credential authority, (at least) two
trustees and voters.
67

Stephane Glondu's avatar
Stephane Glondu committed
68
More information in doc/web.md.
69

70
71
72
73
74
75
76
77
78

Legal
-----

### Internal code

By "internal code", we mean everything that is not in the `ext/`
directory.

Stephane Glondu's avatar
Stephane Glondu committed
79
Copyright © 2012-2021 Inria, CNRS
80
81
82
83
84
85
86
87
88
89
90
91
92
93

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version, with the additional
exemption that compiling, linking, and/or using OpenSSL is allowed.

This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
Affero General Public License for more details.

### External code

94
95
Please refer to each file for accurate copyright and licensing
information.