Re: Interesting, But What About the Election-Day Virus?

From: Roy M. Silvernail <roy-ovc_at_rant-central_dot_com>
Date: Thu Dec 09 2004 - 12:29:36 CST

Nils Paz wrote:
>
> The idea is intriguing. That is why it would be important to perform OS
> checksums during an election at various and random times of the day. As
> suggested by Rick Gideon, MD5 could be the vehicle.

SHA1 is a better idea for the hash function. MD5 has had known
weaknesses since at least 1997, and recent work has disclosed a working
method to force collisions. Considering the importance of that which
we're attempting to certify, we may want to go all the way to SHA-256.
It's slower, but even more resistant to tampering. (and when I say
slower, I mean SHA-256 may not be suited for thousands of transactions a
second, but for random checks every 5-10 minutes during polling, it
would be fine)

-- 
Roy M. Silvernail is roy@rant-central.com, and you're not
"It's just this little chromium switch, here." - TFT
SpamAssassin->procmail->/dev/null->bliss
http://www.rant-central.com
_______________________________________________
OVC discuss mailing lists
Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org
==================================================================
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
==================================================================
Received on Fri Dec 31 23:17:08 2004

This archive was generated by hypermail 2.1.8 : Fri Dec 31 2004 - 23:17:22 CST