-
Notifications
You must be signed in to change notification settings - Fork 1
Running EVHE
To use EVHE for a vote some setup must be done. This is described in this article. EVHE is a distributed service and for optimal security all server instances should run on different machines.
In the bin folder there is a number of launch-scripts which contains standard setups, which is used in this setup guide.
By running bin/run.sh -h from a terminal configuration information is printed to the console.
All instances should be launched in the order they are presented in the following sections
The first step is to launch the bulletin board at the first instance using bin/bulletinBoard.sh. By supplying the argument --port=xx the bulletin board will be available on port xx. Standard is port=8080.
Secondly a trusted dealer should be run. The trusted dealer creates a distributed keypair for the system, and an RSA keypair for itself. The system works under the assumption that all voters are in possession of the RSA publicKey, so this should be distributed to all participants.
The trusted dealer needs to know the number of decryption authorities to be used in the system, and the fault toleration. The values for these are servers=3 meaning three partial keypairs are created and degree=1 meaning that the system needs atleast 2 (degree+1) decryption authorities to successfully decrypt.
The trusted dealer will place one file for each decryption authority in ./initFiles/ and rsa public and private-key ind ./rsa/. Remember: The RSA private key must be distributed with the clients
bin/trustedDealer.sh takes number of minutes for the poll to run. If the poll should run for an hour it should be called as follows: bin/trustedDealer.sh 60.
This time is relative to NOW, so this should be done as the vote is actually initialized. After calculations are done and files are written, an object containing public information is published with the trusted dealers RSA signature to the bulletin board for clients to use.
There should be the same number of decryption authorities as the server argument used when running the trusted dealer. The trusted dealer created a file for each authority, used for initializing it. For each decryption authority the following steps should be taken:
From root folder create ./initFiles and place a configuration file inside it. When using the bin/decryptionAuthority.sh file the configuration file should be integer name (e.g. 1, 2, etc). The decryption authority is launched by executing bin/decryptionAuthority.sh i where i is the integer denoting this instance, and the config file. The authority will then launch on port 808i
The client has two modes. Voting and getting results. We will start by voting
Voting can take place from the time the trusted dealer has posted its public information to the bulletin board and up to the moment where the clock on the bulletin board exceeds the timestamp sent to the bulletin board by the trusted dealer.
Votes can be either 0 or 1.
There are multiple ways to vote. The bin/vote.sh takes an integer which is either 0 or 1, and votes to a bulletin board assumed to be available at localhost:8080.
When testing bin/multiVote.sh can be called with an integer parameter denoting the amount of random votes to be cast. This also assumes bulletin board at localhost:8080
To vote to an external bulletin board use bin/run.sh --client --server=SERVER:PORT --vote={0,1}
Results can be read after the poll has expired and all decryption authorities has posted their partial results.
Using bin/getResult.sh results are retrieved and calculated from bulletin board assumed to be at localhost:8080.
To read from external bulletin board use bin/run.sh --client --server=SERVER:PORT --read=true