OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

election-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Thoughts on crypto vulnerability and voting systems


Thoughts on exposure of hashing systems.  Eg - a cracker can be
assumed to have access to the generating SW - and probably the
source code (especially if its a public mechanism or open source).

So their challenge is to attack a reduced set of possibilities.  Obviously
the defense is that they do not know the original seed code sequence.
What the hash system needs is to generate a diverse population of
codes to avoid possiblility of sequences betraying the original

The biggest threat is that they could then potentially alter votes without

Again - looking at the Trusted Voting Process - since the whole method
does not rely on cryptography anywhere - if the crypto being used is
compromised - it does not compromise the voting process pre-say.
Eg - since there are four counts being cross-referenced - you need
access to all four mechanisms to be able to change them consistently -
otherwise one count will betray changes in another.

1) electoral roll counts
2) e-vote records
3) printer records (frog equivalents)
4) paper ballots and their scanned counts

Seems like all exposing the hash scheme can do for you is allow
you to see into anonymous voting records.  Not very interesting!
The other risk is disruption - deliberately altering part of the voting
record in attempt to invalidate the whole election.

The best defense is clearly if the attacker can gain little benefit from
the attack - he will not bother with it in the first place!


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]