Re: FAQ # 25

From: Jan Karrman <jan_at_it_dot_uu_dot_se>
Date: Tue Dec 16 2003 - 05:32:48 CST

On Mon, 15 Dec 2003, David Mertz wrote:

> If we're talking about corruption of the "160 bit number" that encodes
> the votes in the first place... well, it's not possible to put "odds"
> on it the same way. If those bits get flipped in various ways, the
> vote remains valid, and the barcode itself remains fine. But you can't
> be mathematically precise about the probability that we made a
> programming error; nor about the probability a hacker inserts malicious
> code. Obviously, we can take steps to reduce the likelihood of these
> dangers, but not in the mathematically exact sense of MD5/ECC
> collisions or whatever.
>

To calculate the possibility of getting a valid vote from an incorrect
scan by the bar code reader, the following should be taken into account:

  - The 116 bit number is represented, together with the ballot number,
    in the bar code as a 40-digit decimal number, using the Code 128
    character set C. Each bar code character representing one pair of
    digits. An incorrect scan must produce another 40 digit decimal
    number that also represents a valid vote.

  - At least two of the bar code characters must be read incorrectly in
    a way that the required checksum character remains valid. This can
    either be at least two digit pairs from the encoded vote, or at least
    one digit pair and the checksum character itself. The case with the
    last two digits and the checksum character corrupted is probably the
    most likely cause for an error that will not be caught.

I actually did get the wrong code scanned from the Cue Cat once. It got
three symbols (pairs of digits) wrong, that still matched the checksum
character. The scanned number did not represent a valid vote, though.

/Jan
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Wed Dec 31 23:17:13 2003

This archive was generated by hypermail 2.1.8 : Wed Dec 31 2003 - 23:17:19 CST