Cryptology ePrint Archive: Report 2021/1201

Provably Improving Election Verifiability in Belenios

Sevdenur Baloglu and Sergiu Bursuc and Sjouke Mauw and Jun Pang

Abstract: Belenios is an online voting system that provides a strong notion of election verifiability, where no single party has to be trusted, and security holds as soon as either the voting registrar or the voting server is honest. It was formally proved to be secure, making the assumption that no further ballots are cast on the bulletin board after voters verified their ballots. In practice, however, revoting is allowed and voters can verify their ballots anytime. This gap between formal proofs and use in practice leaves open space for attacks, as has been shown recently. In this paper we make two simple additions to Belenios and we formally prove that the new version satisfies the expected verifiability properties. Our proofs are automatically performed with the Tamarin prover, under the assumption that voters are allowed to vote at most four times.

Category / Keywords: cryptographic protocols / electronic voting, formal verification, verifiability

Original Publication (with minor differences): E-VOTE-ID 2021

Date: received 16 Sep 2021

Contact author: sevdenur baloglu at uni lu, sergiu bursuc at uni lu, sjouke mauw at uni lu, jun pang at uni lu

Available format(s): PDF | BibTeX Citation

Version: 20210917:092026 (All versions of this report)

Short URL: ia.cr/2021/1201


[ Cryptology ePrint archive ]