Belenios: the Certification Campaign

Belenios: the Certification Campaign. Angèle Bossuat, Elo\"ise Brocas, Véronique Cortier, Pierrick Gaudry, Stéphane Glondu, and Nicolas Kovacs. In SSTIC 2024 - Symposium sur la sécurité des technologies de l'information et des communications, Rennes, France, June 2024.

Download

[PDF] 

Abstract

This article presents our work on the security evalutation of the Belenios voting solution as a Certification de Sécurité de Premier Niveau, the French simple alternative to Common Criteria. We present the steps taken by the LORIA, who designed Belenios, and Quarkslab, who carried out the evaluation, as well as our exchanges with the ANSSI, who coordinated everything. We also hope to start a more general discussion on how to evaluate the security of e-voting systems in practice, as they are difficult to compare with other types of software, and any vulnerability may have an impact at a large scale.

BibTeX

@inproceedings{Belenios-SSTIC24,
  TITLE = {{Belenios: the Certification Campaign}},
  AUTHOR = {Bossuat, Ang{\`e}le and Brocas, Elo{\"i}se and Cortier, V{\'e}ronique and Gaudry, Pierrick and Glondu, St{\'e}phane and Kovacs, Nicolas},
  BOOKTITLE = {{SSTIC 2024 - Symposium sur la s{\'e}curit{\'e} des technologies de l'information et des communications}},
  ADDRESS = {Rennes, France},
  YEAR = {2024},
  MONTH = {June},
  URL = {https://inria.hal.science/hal-04578848},
  abstract = {This article presents our work on the security evalutation of the Belenios voting solution as a Certification de Sécurité de Premier Niveau, the French simple alternative to Common Criteria. We present the steps taken by the LORIA, who designed Belenios, and Quarkslab, who carried out the evaluation, as well as our exchanges with the ANSSI, who coordinated everything. We also hope to start a more general discussion on how to evaluate the security of e-voting systems in practice, as they are difficult to compare with other types of software, and any vulnerability may have an impact at a large scale.},
}