E-voting: Belenios software now available for general public use
28 April 2017
Belenios is an online voting platform designed by the Inria-Loria Pesto and Caramba joint project teams. It is now available under a general public license.
That means that anyone can run an election, without having to be an IT expert. Since September 2016, a number of elections within academic establishments have been held using this software, and have demonstrated that people other than the developers had no difficulty in running an election thanks to this tool.
The developers, Véronique Cortier and Pierrick Gaudry, Directors of Research at CNRS, and Stéphane Glondu, an Inria Engineer, are over the moon about the success of their Belenios software, which some of their academic partners are already using for national committee elections. Available for anyone to use, it is, for the time being, used more in academia than by non-profit associations. “The only constraint is that, to use the software, you need the email addresses of everyone eligible to vote, which isn’t always the case within non-profit associations,” explained Véronique Cortier.
So, what can you do with Belenios?
Belenios ensures voter confidentiality and makes elections transparent since the ballot box is public, which allows the voter to check at any time that his or her ballot (encrypted) has been received in the ballot box, using a code issued by email. Since this code is a “right” to vote, the server ballot box only recognises the public part of the code. This makes ballot stuffing impossible. In addition to protecting privacy, Belenios also guarantees end-to-end election verifiablity. Not only can each voter check that his or her ballot is in the ballot box (individual verifiability), but everyone can check that the results match the ballots in the box (universal verifiability), and everyone can check that the ballots come from legitimate voters (eligibility verifiability).
But how is it secure?
The underlying cryptographic principle is that encryption is based on a public key and decryption on a private key shared between the decryption authorities, of which there are usually three. When several keys are required for decryption, then we talk of multiple-key encryption. When the votes are counted, only the final result is decrypted.
How long will it be before Belenios is used for political elections?
Belenios software is not suitable for political elections, because e-voting is the same as a postal vote. There are no actual polling booths and you have to rely on your computer. And, of course, a computer can be infected. Computer Scientist Laurent Grégoire had previously demonstrated, during the French legislative elections in 2012, that it was possible to change a voter’s choice once the ballot slip had been sent to the electronic ballot box for French citizens living abroad. A paper ballot slip is still more secure than an e-ballot.
Belenios can be used to run elections that have never existed before, or instead of tools like Google Form and Lime Survey, tools originally designed for surveys, not elections, ensuring both confidentiality and transparency.A new version of Belenios has just been released, and the Client part is now available on Debian (Linux). You don’t have to install the software package to vote, but, thanks to Belenios, voters can easily check on how the election is going.